Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
File:                     auoksJnDKyLk5Iu58mz1eL72v_M.cer (raw, json)
Hash identifier:          frGuHh4k1kNV3SvE2tGLqnWjxyk+V3uEosUOAZsdV+4=
Subject key identifier:   6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       240F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:09:57 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 102.135.0.0/17
                          IP: 196.251.64.0/18

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9231 (0x240f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:09:57 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:4f:8e:d2:fb:fa:69:08:b8:15:ff:59:36:87:
                    c8:28:d0:9f:cc:36:b4:0f:b4:3a:6a:f3:c1:a6:25:
                    1d:f9:c3:a5:fb:e2:44:db:12:4e:e8:42:4c:f2:81:
                    f2:f4:c4:da:0a:1b:7b:da:75:3e:1d:5f:27:d0:ce:
                    92:d1:6f:22:04:d7:c6:be:59:1b:ad:f9:fd:6b:47:
                    73:40:2b:06:fa:90:fe:6a:34:1a:97:6a:10:c8:12:
                    92:e0:39:c2:90:a2:15:23:98:ed:df:b5:34:1d:ba:
                    48:5a:46:7f:98:2f:17:07:a0:04:2f:b5:5e:b7:22:
                    42:0a:a2:48:52:2b:77:34:fd:f3:8f:e8:07:5a:4e:
                    09:76:4a:bf:38:ae:25:e6:8f:33:74:6e:a8:de:74:
                    42:2c:e5:03:88:4e:95:a4:22:33:c9:25:d2:ee:e5:
                    87:cc:ce:9b:3b:8a:76:8b:52:15:00:85:cb:c8:51:
                    2c:ee:5e:bc:da:b7:ec:ac:bb:cc:ca:6c:f8:b5:43:
                    7e:f9:20:19:03:be:b0:74:00:44:7d:f9:80:da:bf:
                    84:27:e1:c0:42:58:a1:54:81:37:8a:c7:4f:ed:c6:
                    10:c1:2b:0e:b9:2a:79:92:e6:82:3d:9a:cc:10:bb:
                    e5:36:77:7b:09:b8:6f:77:29:eb:d4:da:4d:53:b2:
                    ed:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.0.0/17
                  196.251.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         c5:db:1f:6c:34:a3:39:cb:d7:49:26:0c:d4:c4:19:8c:ad:cd:
         59:6a:03:2d:9e:08:a7:25:d4:37:df:bd:de:7e:e5:2b:81:9c:
         c1:d4:0f:39:96:08:59:39:f6:d8:ca:1b:ee:47:71:5c:8d:3a:
         da:07:c1:63:f4:9c:c2:3b:6f:3e:9b:82:22:d4:1f:29:8c:6f:
         89:50:2c:58:e8:91:2b:ef:34:75:d0:01:6b:5b:0d:4c:15:e5:
         28:7b:04:fe:ea:b7:ae:56:ba:e1:b4:40:02:db:a4:a2:cf:3c:
         85:47:ed:8f:7c:75:6c:25:36:53:32:2a:9f:f4:70:10:5c:2a:
         12:e1:b6:27:7f:71:eb:26:bb:10:de:02:87:e2:56:49:f2:11:
         55:42:c1:a4:51:04:f7:05:58:6f:38:a3:07:df:7f:7c:ad:7a:
         2f:f8:2f:3a:83:35:c6:f4:db:d2:5f:56:1a:ac:58:62:1d:2f:
         99:60:37:55:f5:bc:d6:af:8b:99:d7:a3:5d:17:6c:98:0f:fb:
         e9:88:f7:25:f0:1a:99:5f:35:71:dc:fd:26:c4:d7:c0:57:08:
         d3:7a:c1:b8:2a:df:d8:77:9d:b8:07:f0:78:ff:2b:9d:f8:2c:
         26:8f:2d:de:23:3a:37:64:fa:68:27:4b:4f:37:8f:b1:6c:db:
         e8:b1:1e:22
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICJA8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTA5NTdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjNCQTE5QUYxMTAvBgNVBAUTKDZBRUEyNEIwOTlDMzJCMjJFNEU0OEJC
OUYyNkNGNTc4QkVGNkJGRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgT47S+/ppCLgV/1k2h8go0J/MNrQPtDpq88GmJR35w6X74kTbEk7oQkzygfL0
xNoKG3vadT4dXyfQzpLRbyIE18a+WRut+f1rR3NAKwb6kP5qNBqXahDIEpLgOcKQ
ohUjmO3ftTQdukhaRn+YLxcHoAQvtV63IkIKokhSK3c0/fOP6AdaTgl2Sr84riXm
jzN0bqjedEIs5QOITpWkIjPJJdLu5YfMzps7inaLUhUAhcvIUSzuXrzat+ysu8zK
bPi1Q375IBkDvrB0AER9+YDav4Qn4cBCWKFUgTeKx0/txhDBKw65KnmS5oI9mswQ
u+U2d3sJuG93KevU2k1Tsu0LAgMBAAGjggL1MIIC8TAdBgNVHQ4EFgQUauoksJnD
KyLk5Iu58mz1eL72v/MwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYzQkExOS8wRTdGMURGNjk2MkEx
MUVDODY3MUU2RTA1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0JBMTkvMEU3RjFERjY5NjJBMTFFQzg2NzFFNkUwNUE0MEQ1NzcvYXVva3NK
bkRLeUxrNUl1NThtejFlTDcydl9NLm1mdDAlBggrBgEFBQcBBwEB/wQWMBQwEgQC
AAEwDAMEB2aHAAMEBsT7QDANBgkqhkiG9w0BAQsFAAOCAQEAxdsfbDSjOcvXSSYM
1MQZjK3NWWoDLZ4IpyXUN9+93n7lK4GcwdQPOZYIWTn22Mob7kdxXI062gfBY/Sc
wjtvPpuCItQfKYxviVAsWOiRK+80ddABa1sNTBXlKHsE/uq3rla64bRAAtukos88
hUftj3x1bCU2UzIqn/RwEFwqEuG2J39x6ya7EN4Ch+JWSfIRVULBpFEE9wVYbzij
B99/fK16L/gvOoM1xvTb0l9WGqxYYh0vmWA3VfW81q+LmdejXRdsmA/76Yj3JfAa
mV81cdz9JsTXwFcI03rBuCrf2HeduAfweP8rnfgsJo8t3iM6N2T6aCdLTzePsWzb
6LEeIg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:42 2024 by rpki-client on console-ams.rpki-client.org