Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/b4DAoZB2gNl5AN9FHNVU1_rbzGY.cer
File:                     b4DAoZB2gNl5AN9FHNVU1_rbzGY.cer (raw, json)
Hash identifier:          FySr483v51Nd+3eLib+21XL6ywIsvMektK1JyQCMc3s=
Subject key identifier:   6F:80:C0:A1:90:76:80:D9:79:00:DF:45:1C:D5:54:D7:FA:DB:CC:66
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27FF
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/b4DAoZB2gNl5AN9FHNVU1_rbzGY.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:10:38 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328510
                          IP: 102.38.64.0/18
                          IP: 102.217.176.0/22
                          IP: 2c0f:ede8::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10239 (0x27ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:10:38 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E94D7AF/serialNumber=6F80C0A1907680D97900DF451CD554D7FADBCC66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:01:cf:5c:34:b8:8d:5f:4a:df:d9:8f:76:09:
                    82:e4:ab:f1:59:f8:43:87:ff:f0:23:fb:02:af:73:
                    ab:4a:df:05:d8:99:02:42:3f:11:73:e9:d5:1e:27:
                    ad:0b:eb:4b:8d:b0:a5:fb:1f:92:dc:f4:bc:68:d5:
                    45:8f:e9:6b:3b:d4:cd:81:c7:52:b3:f2:8f:61:9c:
                    68:5c:63:c9:7e:4d:7a:c3:80:be:61:d1:8d:09:12:
                    a6:6a:d6:39:2c:09:5a:48:76:b0:c3:87:7f:d3:27:
                    56:5e:01:11:68:41:57:53:13:ae:a3:ba:a4:51:1a:
                    24:9d:1a:83:ef:43:b5:31:74:35:fe:85:95:41:63:
                    36:71:e6:ea:d3:40:3e:46:0d:6d:c9:45:7d:94:a1:
                    b5:03:dc:6d:a9:9f:28:42:29:55:8d:68:e8:84:00:
                    59:96:71:ec:16:fa:48:63:4a:4a:0a:68:86:22:d7:
                    5a:77:7f:c8:09:51:df:6f:8c:55:bd:65:00:59:7c:
                    f8:22:20:80:8f:dd:a1:a1:c7:63:3e:d4:6d:37:7b:
                    9a:43:83:f1:d8:78:1d:88:3c:0d:b2:71:0c:d9:82:
                    fb:f1:da:fc:69:52:d9:ab:ec:86:7e:eb:d5:f0:b5:
                    84:63:95:b1:60:23:36:03:81:21:c5:a0:b7:1e:25:
                    88:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:80:C0:A1:90:76:80:D9:79:00:DF:45:1C:D5:54:D7:FA:DB:CC:66
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/b4DAoZB2gNl5AN9FHNVU1_rbzGY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328510

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.38.64.0/18
                  102.217.176.0/22
                IPv6:
                  2c0f:ede8::/32

    Signature Algorithm: sha256WithRSAEncryption
         bb:ea:5a:d1:2b:1d:57:b5:01:b8:6e:36:54:8f:f6:c9:9f:15:
         6c:ad:bc:ec:db:9b:4b:fc:de:ba:26:e8:c4:5a:9e:c9:c2:7f:
         d3:e7:c5:63:d3:e7:d9:ea:c6:ac:e3:04:58:d8:10:bf:3e:09:
         e4:27:76:25:23:40:16:e6:46:b3:02:fc:99:02:65:28:28:21:
         e6:ad:28:fd:99:a5:da:8c:e0:ca:75:13:50:23:d1:dd:f4:c4:
         8d:9e:cb:3e:77:a0:98:ff:40:c8:d5:81:19:fa:fe:6e:62:5d:
         af:7b:b0:d4:ed:83:50:c3:7f:3f:14:e6:21:13:87:5b:a3:57:
         6a:db:ff:e7:04:19:67:d2:bf:8a:31:05:4f:d7:4b:8c:dc:9f:
         28:62:dd:d7:49:ef:e6:73:41:1f:10:ea:13:04:f6:66:3b:78:
         aa:b9:59:db:c4:fc:99:de:33:0b:78:91:ee:e9:c9:1a:ba:a5:
         2b:ec:dd:d0:bd:3d:2a:e2:8d:ae:9b:f4:25:6c:6a:82:ce:6d:
         1e:e1:f9:ff:47:e8:e5:65:6d:89:4e:60:e4:8f:9c:78:79:34:
         96:30:6d:df:ad:7b:ae:48:c2:d1:75:05:4b:1e:eb:77:b4:6a:
         da:4f:54:23:38:69:c0:6d:92:85:f2:c4:f3:a9:82:93:4f:56:
         0b:eb:4f:22
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICJ/8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDEwMzhaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkU5NEQ3QUYxMTAvBgNVBAUTKDZGODBDMEExOTA3NjgwRDk3OTAwREY0
NTFDRDU1NEQ3RkFEQkNDNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/Ac9cNLiNX0rf2Y92CYLkq/FZ+EOH//Aj+wKvc6tK3wXYmQJCPxFz6dUeJ60L
60uNsKX7H5Lc9Lxo1UWP6Ws71M2Bx1Kz8o9hnGhcY8l+TXrDgL5h0Y0JEqZq1jks
CVpIdrDDh3/TJ1ZeARFoQVdTE66juqRRGiSdGoPvQ7UxdDX+hZVBYzZx5urTQD5G
DW3JRX2UobUD3G2pnyhCKVWNaOiEAFmWcewW+khjSkoKaIYi11p3f8gJUd9vjFW9
ZQBZfPgiIICP3aGhx2M+1G03e5pDg/HYeB2IPA2ycQzZgvvx2vxpUtmr7IZ+69Xw
tYRjlbFgIzYDgSHFoLceJYihAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUb4DAoZB2
gNl5AN9FHNVU1/rbzGYwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFOTRENy80MkQ0MjcwOEQyODUx
MUVDOTJFRDk3QUZGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTk0RDcvNDJENDI3MDhEMjg1MTFFQzkyRUQ5N0FGRjEyMjI0NjgvYjREQW9a
QjJnTmw1QU45RkhOVlUxX3JiekdZLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAz4wNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAZmJkADBAJm2bAwDQQC
AAIwBwMFACwP7egwDQYJKoZIhvcNAQELBQADggEBALvqWtErHVe1AbhuNlSP9smf
FWytvOzbm0v83rom6MRansnCf9PnxWPT59nqxqzjBFjYEL8+CeQndiUjQBbmRrMC
/JkCZSgoIeatKP2ZpdqM4Mp1E1Aj0d30xI2eyz53oJj/QMjVgRn6/m5iXa97sNTt
g1DDfz8U5iETh1ujV2rb/+cEGWfSv4oxBU/XS4zcnyhi3ddJ7+ZzQR8Q6hME9mY7
eKq5WdvE/JneMwt4ke7pyRq6pSvs3dC9PSrija6b9CVsaoLObR7h+f9H6OVlbYlO
YOSPnHh5NJYwbd+te65IwtF1BUse63e0atpPVCM4acBtkoXyxPOpgpNPVgvrTyI=
-----END CERTIFICATE-----
Generated at Sun Nov 24 01:32:40 2024 by rpki-client on console-ams.rpki-client.org