Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/ZOSLdeIWdPhtTmtfQjaaenO-JUE.cer
File:                     ZOSLdeIWdPhtTmtfQjaaenO-JUE.cer (raw, json)
Hash identifier:          5WPh+zUCoaOgDYhODYlpmZOiww+O73LTwQSYgx3pqgk=
Subject key identifier:   64:E4:8B:75:E2:16:74:F8:6D:4E:6B:5F:42:36:9A:7A:73:BE:25:41
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       3336
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/ZOSLdeIWdPhtTmtfQjaaenO-JUE.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:52:50 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 328245
                          IP: 102.209.188.0/23
                          IP: 196.43.247.0/24
                          IP: 2001:43f8:3d0::/48
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13110 (0x3336)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 05:52:50 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F36E3530AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:10:3a:25:02:03:a0:4b:7a:1b:9c:79:17:
                    42:e2:d9:c2:c7:1c:4b:c1:a3:54:d9:2c:42:01:4b:
                    19:08:87:a8:90:40:40:14:c4:87:25:92:d7:05:37:
                    46:83:7b:94:ca:f4:2f:6a:78:4b:61:98:05:c1:a2:
                    6c:38:6d:c0:b5:7c:c5:3c:27:64:a3:ad:b7:3a:67:
                    17:99:16:85:79:67:5f:ad:3c:81:ea:8b:90:d4:f8:
                    d2:ed:2a:6c:bc:83:78:a3:49:c6:b4:8a:60:49:80:
                    d8:31:1f:cb:da:39:a8:c1:15:31:ea:f2:97:51:92:
                    ca:76:f6:82:ed:52:2e:2a:b6:8e:96:9c:97:38:39:
                    3f:13:87:c1:32:46:85:59:a4:df:bd:1f:81:11:cf:
                    8c:7e:51:79:bf:4b:56:24:c0:24:f3:50:f5:23:eb:
                    b8:c1:d3:0f:b2:79:7a:fc:51:14:64:7c:6b:6a:5e:
                    5c:fe:1d:90:cc:28:e9:8a:e7:1e:80:32:4c:09:4c:
                    e6:e9:9f:d5:11:35:86:24:7c:a2:07:88:e1:58:3b:
                    2c:a2:d5:14:0e:af:70:25:57:eb:9e:d5:ef:6d:18:
                    bc:1f:fb:af:48:0f:49:6e:b9:e4:74:eb:46:a0:1a:
                    7b:56:b5:9a:b9:85:82:c0:d9:54:d3:ac:4b:d8:c4:
                    5b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E4:8B:75:E2:16:74:F8:6D:4E:6B:5F:42:36:9A:7A:73:BE:25:41
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3530/64051F66FDAA11EEB8D47855017001B1/ZOSLdeIWdPhtTmtfQjaaenO-JUE.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328245

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.188.0/23
                  196.43.247.0/24
                IPv6:
                  2001:43f8:3d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c6:9e:85:f9:9a:a6:78:07:fa:e9:a4:3a:a4:36:0f:fb:31:61:
         f6:69:e7:09:d2:e1:d6:a8:1b:b1:e6:25:ff:6d:b0:5a:21:08:
         8f:cf:87:d8:52:71:d4:f8:0f:1e:7b:66:a7:4c:37:0e:b1:24:
         9a:6c:c4:d4:7a:5f:5e:fc:cc:c9:0b:da:c2:10:6e:cb:6c:54:
         cf:c3:0d:ae:d1:83:dc:2d:8f:5e:11:5b:d6:f7:0c:a3:4c:49:
         3d:27:46:6f:ca:67:4d:7b:9b:56:42:33:78:f0:69:b3:20:33:
         b6:be:f3:15:12:cc:63:4a:22:7a:9e:98:22:b1:15:6b:d9:38:
         87:13:d2:07:51:2d:ae:4a:fd:e3:c8:cf:90:70:a0:75:d1:cb:
         3d:f7:11:50:47:88:23:f4:db:69:0f:f4:00:94:ce:91:b8:ed:
         6b:8e:51:f8:3d:f2:18:95:8f:0f:f4:86:66:17:b9:ec:60:ac:
         e8:25:05:23:9e:b8:cb:9c:83:08:c4:9f:4a:26:f1:ee:84:24:
         a1:f1:f2:db:67:69:1e:03:23:b9:43:aa:fb:93:96:28:6b:7a:
         18:4e:02:55:40:6a:c0:8d:8d:93:5f:88:04:e8:02:ac:3f:87:
         31:27:57:81:fc:a8:ef:71:cd:93:7f:db:62:84:cd:60:8b:b2:
         68:f4:09:c1
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgICMzYwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwNTUyNTBaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkUzNTMwQUYxMTAvBgNVBAUTKDY0RTQ4Qjc1RTIxNjc0Rjg2RDRFNkI1
RjQyMzY5QTdBNzNCRTI1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/HBA6JQIDoEt6G5x5F0Li2cLHHEvBo1TZLEIBSxkIh6iQQEAUxIclktcFN0aD
e5TK9C9qeEthmAXBomw4bcC1fMU8J2Sjrbc6ZxeZFoV5Z1+tPIHqi5DU+NLtKmy8
g3ijSca0imBJgNgxH8vaOajBFTHq8pdRksp29oLtUi4qto6WnJc4OT8Th8EyRoVZ
pN+9H4ERz4x+UXm/S1YkwCTzUPUj67jB0w+yeXr8URRkfGtqXlz+HZDMKOmK5x6A
MkwJTObpn9URNYYkfKIHiOFYOyyi1RQOr3AlV+ue1e9tGLwf+69ID0luueR060ag
GntWtZq5hYLA2VTTrEvYxFvnAgMBAAGjggMiMIIDHjAdBgNVHQ4EFgQUZOSLdeIW
dPhtTmtfQjaaenO+JUEwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFMzUzMC82NDA1MUY2NkZEQUEx
MUVFQjhENDc4NTUwMTcwMDFCMS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTM1MzAvNjQwNTFGNjZGREFBMTFFRUI4RDQ3ODU1MDE3MDAxQjEvWk9TTGRl
SVdkUGh0VG10ZlFqYWFlbk8tSlVFLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAjUwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAFm0bwDBADEK/cwDwQC
AAIwCQMHACABQ/gD0DANBgkqhkiG9w0BAQsFAAOCAQEAxp6F+ZqmeAf66aQ6pDYP
+zFh9mnnCdLh1qgbseYl/22wWiEIj8+H2FJx1PgPHntmp0w3DrEkmmzE1HpfXvzM
yQvawhBuy2xUz8MNrtGD3C2PXhFb1vcMo0xJPSdGb8pnTXubVkIzePBpsyAztr7z
FRLMY0oiep6YIrEVa9k4hxPSB1Etrkr948jPkHCgddHLPfcRUEeII/TbaQ/0AJTO
kbjta45R+D3yGJWPD/SGZhe57GCs6CUFI564y5yDCMSfSibx7oQkofHy22dpHgMj
uUOq+5OWKGt6GE4CVUBqwI2Nk1+IBOgCrD+HMSdXgfyo73HNk3/bYoTNYIuyaPQJ
wQ==
-----END CERTIFICATE-----