Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/cfbjXgELx4fYmgtLqTPZlvrU2tI.cer
File:                     cfbjXgELx4fYmgtLqTPZlvrU2tI.cer (raw, json)
Hash identifier:          x5/4KNrB9WJQuxEH5kmJTjIB9cL8F5QPnjkfdjycLFk=
Subject key identifier:   71:F6:E3:5E:01:0B:C7:87:D8:9A:0B:4B:A9:33:D9:96:FA:D4:DA:D2
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       265A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36882A1/AA75582CC7C411EBB520A668F8AEA228/cfbjXgELx4fYmgtLqTPZlvrU2tI.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36882A1/AA75582CC7C411EBB520A668F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:06:17 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327978

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9818 (0x265a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:06:17 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36882A1AF/serialNumber=71F6E35E010BC787D89A0B4BA933D996FAD4DAD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:df:77:02:a9:f5:08:6d:47:a2:6c:b9:b2:e5:
                    f1:ca:61:d6:b3:e3:67:e2:a9:06:b2:2b:23:62:f8:
                    79:10:0a:84:dc:80:35:3d:a7:6d:48:66:46:92:5e:
                    ff:cb:f0:56:fe:f3:c7:63:d7:79:7a:c7:77:53:e4:
                    5b:4a:c0:26:3d:39:c6:df:d2:92:30:d6:2f:b1:40:
                    cd:1f:aa:a4:7e:f2:a6:06:d5:fb:3d:d2:21:21:58:
                    fa:08:44:16:75:05:11:fe:d7:30:72:0e:a9:52:74:
                    5f:a4:2b:12:4c:b6:eb:3c:08:b7:48:c5:47:ba:ef:
                    20:2c:23:8b:b4:2c:d7:dc:cb:13:49:61:77:a0:51:
                    9b:05:71:1e:ad:08:25:f0:00:6c:13:23:17:48:21:
                    78:ea:54:b8:5b:3b:94:b9:41:b3:31:b1:42:5b:77:
                    ab:e9:17:77:e1:2c:af:35:68:b7:60:90:d7:0f:29:
                    0a:bc:0c:16:e6:57:b2:25:5c:ce:37:6e:c8:ca:bc:
                    34:da:da:08:5a:18:46:46:bb:02:b6:05:f0:71:74:
                    42:98:05:d4:0a:4c:fd:34:e1:81:d2:00:d1:c1:52:
                    28:cc:95:03:3f:d4:d6:6a:bb:1b:c0:d4:a1:bc:76:
                    6d:96:52:ba:40:0e:0a:b8:f4:d5:19:ea:93:26:ce:
                    da:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:F6:E3:5E:01:0B:C7:87:D8:9A:0B:4B:A9:33:D9:96:FA:D4:DA:D2
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36882A1/AA75582CC7C411EBB520A668F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36882A1/AA75582CC7C411EBB520A668F8AEA228/cfbjXgELx4fYmgtLqTPZlvrU2tI.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327978

    Signature Algorithm: sha256WithRSAEncryption
         9a:45:d3:19:d9:b2:4b:ce:89:7d:3e:ba:71:26:b2:66:2a:5f:
         51:a1:8f:5c:c9:ec:ca:e1:9c:8e:19:83:27:93:40:ef:ed:ed:
         b4:50:fc:e1:1a:20:78:e9:6a:65:a7:1e:16:84:b7:d2:ee:da:
         ce:c6:68:df:51:6c:6b:93:04:41:13:98:39:33:66:e0:e3:cc:
         d5:e7:b2:7d:c0:42:cb:d3:ca:43:4d:3f:84:ee:9b:59:a2:a8:
         85:ab:af:6d:99:c2:da:71:4c:10:ff:01:d5:70:17:e5:1b:aa:
         8a:8b:d7:fa:99:c5:45:10:25:13:ec:b2:e2:02:46:33:a6:bb:
         96:be:ae:45:4b:95:f3:be:07:cf:c2:f2:50:0b:e9:96:72:13:
         ad:e7:6c:07:8a:35:f3:d8:86:18:4f:e4:da:85:48:80:c9:57:
         08:48:81:67:a6:bb:86:0e:38:b3:6f:ff:76:87:02:08:c2:ea:
         4e:f2:c2:a0:14:09:a2:c9:92:14:36:b9:01:12:1d:74:de:f3:
         31:cb:d1:ea:e6:29:71:5a:65:d5:3a:85:ea:1d:57:66:ff:1e:
         9f:14:01:33:97:c6:65:db:1a:e4:b7:a7:14:c4:4f:e1:13:b3:
         e1:c4:70:07:d6:7f:11:28:5d:e0:c8:81:ea:4e:a2:68:c6:73:
         b5:5f:40:f8
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICJlowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzA2MTdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjg4MkExQUYxMTAvBgNVBAUTKDcxRjZFMzVFMDEwQkM3ODdEODlBMEI0
QkE5MzNEOTk2RkFENERBRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDr33cCqfUIbUeibLmy5fHKYdaz42fiqQayKyNi+HkQCoTcgDU9p21IZkaSXv/L
8Fb+88dj13l6x3dT5FtKwCY9Ocbf0pIw1i+xQM0fqqR+8qYG1fs90iEhWPoIRBZ1
BRH+1zByDqlSdF+kKxJMtus8CLdIxUe67yAsI4u0LNfcyxNJYXegUZsFcR6tCCXw
AGwTIxdIIXjqVLhbO5S5QbMxsUJbd6vpF3fhLK81aLdgkNcPKQq8DBbmV7IlXM43
bsjKvDTa2ghaGEZGuwK2BfBxdEKYBdQKTP004YHSANHBUijMlQM/1NZquxvA1KG8
dm2WUrpADgq49NUZ6pMmztqFAgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQUcfbjXgEL
x4fYmgtLqTPZlvrU2tIwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY4ODJBMS9BQTc1NTgyQ0M3QzQx
MUVCQjUyMEE2NjhGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODgyQTEvQUE3NTU4MkNDN0M0MTFFQkI1MjBBNjY4RjhBRUEyMjgvY2Zialhn
RUx4NGZZbWd0THFUUFpsdnJVMnRJLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFASowDQYJKoZIhvcNAQELBQADggEBAJpF0xnZskvOiX0+unEmsmYqX1Ghj1zJ
7MrhnI4ZgyeTQO/t7bRQ/OEaIHjpamWnHhaEt9Lu2s7GaN9RbGuTBEETmDkzZuDj
zNXnsn3AQsvTykNNP4Tum1miqIWrr22ZwtpxTBD/AdVwF+UbqoqL1/qZxUUQJRPs
suICRjOmu5a+rkVLlfO+B8/C8lAL6ZZyE63nbAeKNfPYhhhP5NqFSIDJVwhIgWem
u4YOOLNv/3aHAgjC6k7ywqAUCaLJkhQ2uQESHXTe8zHL0ermKXFaZdU6heodV2b/
Hp8UATOXxmXbGuS3pxTET+ETs+HEcAfWfxEoXeDIgepOomjGc7VfQPg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org