Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.cer
File:                     Zxdi3y9LZeg1DvQ9_m40d2V1G2c.cer (raw, json)
Hash identifier:          CF9Ki3ZXQZ5hi54/2jG8JACMiaBp9OdScrNmZzIHSAY=
Subject key identifier:   67:17:62:DF:2F:4B:65:E8:35:0E:F4:3D:FE:6E:34:77:65:75:1B:67
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2852
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:23:30 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37349
                          IP: 41.79.68.0/22
                          IP: 41.207.240.0/21
                          IP: 102.210.200.0/22
                          IP: 102.212.108.0/22
                          IP: 196.200.224.0/20
                          IP: 2c0f:fda8::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10322 (0x2852)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:23:30 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36EBDD7AF/serialNumber=671762DF2F4B65E8350EF43DFE6E347765751B67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:48:ca:4f:4f:d6:14:e1:4c:0c:37:1f:f7:f3:
                    70:35:0b:88:52:1d:10:42:8b:ac:54:6e:4c:af:28:
                    7e:6d:ae:6d:2c:6a:67:ea:4f:75:1d:40:ca:61:79:
                    91:4e:1a:b7:71:d2:e1:f2:57:6e:44:94:e2:ce:aa:
                    c4:3e:52:a2:de:6b:52:b5:ed:33:69:40:01:60:d5:
                    70:6f:5b:61:bd:d5:6c:3c:53:48:e8:14:3c:49:3a:
                    b4:bb:82:10:10:0a:ce:59:33:5a:03:e6:75:a0:1a:
                    62:53:fd:aa:62:d3:df:8f:e0:88:18:72:2d:c7:64:
                    88:85:49:95:15:77:ef:aa:eb:dc:db:fe:2b:68:6a:
                    fb:62:ce:47:c6:f6:db:2c:14:52:4a:97:c0:81:93:
                    df:96:92:a1:9d:eb:2e:31:8b:02:25:c2:67:78:9b:
                    e7:22:3c:c9:33:41:75:fb:49:0d:a8:67:90:38:ec:
                    4f:1b:3d:eb:a9:44:aa:ed:1f:6e:04:ce:49:93:72:
                    82:e5:c9:e3:68:a1:58:ca:8c:6f:7c:d5:c1:6f:36:
                    db:51:8e:ad:90:f9:24:b7:fa:e3:67:a3:f4:31:4b:
                    79:35:e5:88:4d:db:81:04:03:ab:a5:5f:02:68:80:
                    27:3a:0c:da:6a:f5:b1:8e:c6:ea:3c:0a:ac:9b:d5:
                    2d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:17:62:DF:2F:4B:65:E8:35:0E:F4:3D:FE:6E:34:77:65:75:1B:67
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37349

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.68.0/22
                  41.207.240.0/21
                  102.210.200.0/22
                  102.212.108.0/22
                  196.200.224.0/20
                IPv6:
                  2c0f:fda8::/32

    Signature Algorithm: sha256WithRSAEncryption
         5c:dc:ee:99:81:ca:65:8f:52:e3:62:0b:e1:e7:93:1d:b8:24:
         ae:ae:47:3e:e6:9c:49:ac:87:27:0c:ac:d0:69:a1:f1:57:9a:
         6f:3d:cf:c8:8f:49:31:d3:0e:15:9f:4b:4e:0e:69:3a:3f:dd:
         04:44:66:b5:62:07:2a:4b:df:b3:6c:0f:16:c6:b0:6e:c3:0a:
         19:06:2f:0f:b3:18:20:1e:4d:5e:b8:0f:47:90:eb:e4:7d:00:
         a6:aa:05:b2:33:33:aa:f3:e1:f0:5c:5b:70:74:96:ef:2a:d9:
         cf:69:f7:14:bf:bd:d0:46:bf:a7:34:9f:cb:f0:2c:b4:95:d3:
         e7:b9:72:5b:71:10:ad:c5:45:21:59:2d:69:44:3c:df:a2:55:
         63:33:e1:66:6e:cc:8c:39:a4:bc:02:b8:a1:fa:c0:f3:28:6e:
         b1:0d:1f:16:8a:07:ee:97:35:63:22:dd:1c:72:b0:59:f3:3d:
         cd:2d:4d:59:5f:5c:c6:0b:0d:48:1c:c4:d5:64:66:36:98:19:
         2c:ff:19:05:d1:e2:6e:6e:3e:95:6f:d9:8e:33:6d:ef:4a:a3:
         d9:c6:92:d3:ec:46:8d:63:f6:b3:c9:87:b0:75:79:ea:57:5f:
         63:ff:73:7f:4a:df:a3:5c:39:4c:33:4f:26:6d:52:c0:dc:0c:
         e2:e2:05:16
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgICKFIwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDIzMzBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkVCREQ3QUYxMTAvBgNVBAUTKDY3MTc2MkRGMkY0QjY1RTgzNTBFRjQz
REZFNkUzNDc3NjU3NTFCNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6SMpPT9YU4UwMNx/383A1C4hSHRBCi6xUbkyvKH5trm0samfqT3UdQMpheZFO
Grdx0uHyV25ElOLOqsQ+UqLea1K17TNpQAFg1XBvW2G91Ww8U0joFDxJOrS7ghAQ
Cs5ZM1oD5nWgGmJT/api09+P4IgYci3HZIiFSZUVd++q69zb/itoavtizkfG9tss
FFJKl8CBk9+WkqGd6y4xiwIlwmd4m+ciPMkzQXX7SQ2oZ5A47E8bPeupRKrtH24E
zkmTcoLlyeNooVjKjG981cFvNttRjq2Q+SS3+uNno/QxS3k15YhN24EEA6ulXwJo
gCc6DNpq9bGOxuo8Cqyb1S3xAgMBAAGjggMyMIIDLjAdBgNVHQ4EFgQUZxdi3y9L
Zeg1DvQ9/m40d2V1G2cwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFQkRENy81OTkwNzQ2MEJFMUQx
MUVCOUEzNDhCNDJGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUJERDcvNTk5MDc0NjBCRTFEMTFFQjlBMzQ4QjQyRjhBRUEyMjgvWnhkaTN5
OUxaZWcxRHZROV9tNDBkMlYxRzJjLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkeUwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAIpT0QDBAMpz/ADBAJm
0sgDBAJm1GwDBATEyOAwDQQCAAIwBwMFACwP/agwDQYJKoZIhvcNAQELBQADggEB
AFzc7pmBymWPUuNiC+Hnkx24JK6uRz7mnEmshycMrNBpofFXmm89z8iPSTHTDhWf
S04OaTo/3QREZrViBypL37NsDxbGsG7DChkGLw+zGCAeTV64D0eQ6+R9AKaqBbIz
M6rz4fBcW3B0lu8q2c9p9xS/vdBGv6c0n8vwLLSV0+e5cltxEK3FRSFZLWlEPN+i
VWMz4WZuzIw5pLwCuKH6wPMobrENHxaKB+6XNWMi3RxysFnzPc0tTVlfXMYLDUgc
xNVkZjaYGSz/GQXR4m5uPpVv2Y4zbe9Ko9nGktPsRo1j9rPJh7B1eepXX2P/c39K
36NcOUwzTyZtUsDcDOLiBRY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org