Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/bfvHdnmFr_b5jM3hELmzpyppQYY.cer
File:                     bfvHdnmFr_b5jM3hELmzpyppQYY.cer (raw, json)
Hash identifier:          NoUfEQnLy/s0eNO9TIL/OAYee2+apmkUxVKmavQjgik=
Subject key identifier:   6D:FB:C7:76:79:85:AF:F6:F9:8C:CD:E1:10:B9:B3:A7:2A:69:41:86
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       24A3
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F364A64D/6232C5A6CC9811E8BD93D157F8AEA228/bfvHdnmFr_b5jM3hELmzpyppQYY.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F364A64D/6232C5A6CC9811E8BD93D157F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:46:09 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327700
                          IP: 41.94.0.0/16
                          IP: 2c0f:f140::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 09 Jun 2024 11:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9379 (0x24a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:46:09 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F364A64DAF/serialNumber=6DFBC7767985AFF6F98CCDE110B9B3A72A694186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:32:41:21:ad:d0:78:f7:27:29:6b:af:9c:66:
                    b0:40:6f:09:15:36:8c:d5:c7:c5:05:09:43:b9:72:
                    9e:ec:c7:0c:ce:01:b8:aa:e0:8e:e8:c4:54:3e:dd:
                    82:1b:49:d1:cc:63:a6:83:ba:36:0c:f0:df:34:03:
                    90:b7:53:68:49:be:d8:a8:23:8d:c6:a8:67:c4:ac:
                    bd:62:47:3c:c3:d9:d9:5a:3d:f4:9c:02:90:ef:85:
                    d9:d0:c5:ba:55:8f:2a:c2:7b:ff:f8:7f:d8:30:37:
                    88:71:15:6b:5b:89:8c:cd:a2:2b:bb:89:89:1a:56:
                    ed:c9:14:3b:5c:19:48:9d:f7:38:ed:94:66:c5:76:
                    a6:e5:c0:7b:89:0a:38:af:23:fa:e7:8f:72:97:a3:
                    47:cb:c0:81:eb:94:70:c4:6c:6d:c2:64:8b:50:eb:
                    29:44:27:18:35:c9:2d:d4:d9:bc:3e:19:7a:f3:c3:
                    d4:ee:f9:c2:e6:e2:55:1b:44:f5:b0:3e:d4:5c:ac:
                    ad:a9:9c:8e:23:b0:cb:b7:30:81:a9:cb:76:a0:78:
                    0c:cb:63:63:34:91:30:ad:e9:32:dc:fc:b7:6c:c3:
                    ca:a3:5d:39:b7:93:87:96:2f:ec:aa:e1:58:e1:2c:
                    63:26:0c:ac:d6:84:3b:eb:f3:47:62:7e:bb:ee:d4:
                    e0:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:FB:C7:76:79:85:AF:F6:F9:8C:CD:E1:10:B9:B3:A7:2A:69:41:86
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F364A64D/6232C5A6CC9811E8BD93D157F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F364A64D/6232C5A6CC9811E8BD93D157F8AEA228/bfvHdnmFr_b5jM3hELmzpyppQYY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327700

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.94.0.0/16
                IPv6:
                  2c0f:f140::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:3f:24:d5:a9:30:15:3c:26:d5:96:7d:f6:32:ec:bb:1b:e7:
         00:8d:f8:b7:ec:5d:5a:90:f9:20:f6:4e:ca:82:9d:ae:e3:b5:
         c7:54:61:92:35:17:7c:6a:81:cd:af:c3:0a:32:60:c1:b9:e2:
         9a:a6:c2:9d:a2:25:77:51:a1:65:4b:66:40:fe:bc:53:8d:7d:
         1d:b7:27:c7:c9:33:18:9a:0e:fe:26:76:e1:a7:a7:ad:2c:ac:
         1a:12:82:21:d9:6a:b3:c5:08:5e:95:55:e6:9c:90:b7:02:71:
         87:a8:7b:01:01:11:aa:89:70:76:d3:94:5e:a4:d3:a7:56:d9:
         13:15:63:58:92:69:a2:05:77:9b:57:cd:e2:c9:a5:32:00:ca:
         02:5b:a4:8e:de:81:3f:b1:37:01:99:30:d0:1e:97:b8:8b:0b:
         e1:37:f5:07:c5:c1:12:41:cd:84:90:57:7a:77:cd:a0:02:65:
         e1:e1:af:b6:7e:1f:84:ad:1a:98:3e:15:fc:0a:1e:c7:28:3e:
         bd:71:f0:24:84:f2:28:6e:0c:87:1c:77:8f:1e:57:c3:19:de:
         f4:26:a8:12:51:a6:52:07:de:06:2f:8d:f9:1d:6c:45:9d:6c:
         b5:ab:9d:d1:e5:88:28:6b:f2:e7:90:f4:7f:87:df:08:9a:46:
         0f:07:02:7f
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgICJKMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTQ2MDlaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjRBNjREQUYxMTAvBgNVBAUTKDZERkJDNzc2Nzk4NUFGRjZGOThDQ0RF
MTEwQjlCM0E3MkE2OTQxODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEMkEhrdB49ycpa6+cZrBAbwkVNozVx8UFCUO5cp7sxwzOAbiq4I7oxFQ+3YIb
SdHMY6aDujYM8N80A5C3U2hJvtioI43GqGfErL1iRzzD2dlaPfScApDvhdnQxbpV
jyrCe//4f9gwN4hxFWtbiYzNoiu7iYkaVu3JFDtcGUid9zjtlGbFdqblwHuJCjiv
I/rnj3KXo0fLwIHrlHDEbG3CZItQ6ylEJxg1yS3U2bw+GXrzw9Tu+cLm4lUbRPWw
PtRcrK2pnI4jsMu3MIGpy3ageAzLY2M0kTCt6TLc/Ldsw8qjXTm3k4eWL+yq4Vjh
LGMmDKzWhDvr80difrvu1ODlAgMBAAGjggMZMIIDFTAdBgNVHQ4EFgQUbfvHdnmF
r/b5jM3hELmzpyppQYYwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0QTY0RC82MjMyQzVBNkNDOTgx
MUU4QkQ5M0QxNTdGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEE2NEQvNjIzMkM1QTZDQzk4MTFFOEJEOTNEMTU3RjhBRUEyMjgvYmZ2SGRu
bUZyX2I1ak0zaEVMbXpweXBwUVlZLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFABQwLQYIKwYBBQUHAQcBAf8EHjAcMAsEAgABMAUDAwApXjANBAIAAjAHAwUA
LA/xQDANBgkqhkiG9w0BAQsFAAOCAQEAAD8k1akwFTwm1ZZ99jLsuxvnAI34t+xd
WpD5IPZOyoKdruO1x1RhkjUXfGqBza/DCjJgwbnimqbCnaIld1GhZUtmQP68U419
Hbcnx8kzGJoO/iZ24aenrSysGhKCIdlqs8UIXpVV5pyQtwJxh6h7AQERqolwdtOU
XqTTp1bZExVjWJJpogV3m1fN4smlMgDKAlukjt6BP7E3AZkw0B6XuIsL4Tf1B8XB
EkHNhJBXenfNoAJl4eGvtn4fhK0amD4V/Aoexyg+vXHwJITyKG4Mhxx3jx5Xwxne
9CaoElGmUgfeBi+N+R1sRZ1staud0eWIKGvy55D0f4ffCJpGDwcCfw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:45:28 2024 by rpki-client on console-fra.rpki-client.org