Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
File:                     d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer (raw, json)
Hash identifier:          t+8V7Wt6fQ+ff4kDxHMT5CUlKszRNA67QZcUjnE2MrU=
Subject key identifier:   77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       307C
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 03:22:43 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    IP: 41.209.0.0/18
                          IP: 2001:4368::/32
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 04 Apr 2025 00:06:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12412 (0x307c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 03:22:43 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F367FC8BAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:dd:78:19:bd:c5:d4:f2:5f:fa:65:69:ca:f9:
                    c3:95:22:b6:17:3a:4c:6d:d3:64:4d:e8:8b:3a:75:
                    fc:80:68:26:d6:51:63:34:53:33:c1:31:e0:1c:26:
                    cc:53:52:ff:8d:2a:a7:b8:ce:6f:65:98:f4:37:a2:
                    e2:c4:f1:94:06:9f:04:72:b1:e2:32:a0:95:e0:4b:
                    2f:f8:3b:57:cb:31:69:03:ef:a1:f6:b1:b2:82:7b:
                    8a:04:52:4d:ac:e3:51:aa:53:d1:3a:35:eb:75:19:
                    ff:35:5d:bf:6c:fc:fd:f3:fe:23:d5:ab:3c:19:2c:
                    6d:93:78:ab:63:d5:8f:5f:57:da:5a:9d:2b:1c:a8:
                    bf:72:88:f6:d3:8d:2c:82:6b:e2:39:67:c2:6b:c5:
                    97:95:2e:6c:b3:f8:ec:5f:7c:ae:82:36:81:9c:7a:
                    5d:3e:d5:52:8d:ad:26:e0:d9:55:29:a4:d7:7c:e7:
                    4e:ae:25:7b:00:46:be:47:3e:8f:cb:07:0e:a2:0d:
                    1a:ae:2f:11:7e:0b:59:95:7d:ba:3b:5f:b8:37:a4:
                    8e:06:32:40:f1:e6:1d:c8:ae:0d:74:53:d3:68:02:
                    b9:9c:c2:cf:50:26:33:b4:26:64:6c:23:4f:fc:32:
                    34:ee:77:79:be:91:53:1f:21:c9:05:3d:8e:1f:79:
                    87:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.209.0.0/18
                IPv6:
                  2001:4368::/32

    Signature Algorithm: sha256WithRSAEncryption
         b6:aa:4c:30:1a:5d:ee:76:94:5c:96:a7:66:39:a2:d9:b7:ff:
         bd:c5:cb:64:16:3d:69:92:1e:61:1b:e0:c4:4f:e2:eb:c3:73:
         7f:72:0b:81:09:cd:4b:30:71:0b:70:8b:21:aa:38:90:76:04:
         c1:e7:7e:fa:31:a2:56:ef:cd:2b:97:3b:c0:c8:ee:e8:8a:6c:
         e2:55:1f:5e:bc:a8:7c:89:ae:90:52:0e:19:56:61:5e:a5:55:
         1f:2e:67:df:ac:0f:c3:e3:4e:16:6e:cc:ce:ef:83:b7:d5:92:
         94:11:79:90:9d:1e:6b:dd:cc:1d:4d:1f:70:00:9c:5d:f9:aa:
         dd:76:a0:fd:74:45:9a:0a:7f:a9:47:55:2e:47:29:eb:8f:63:
         72:06:c8:99:48:c0:59:a7:e4:2f:0f:62:f8:4b:b4:c5:bd:81:
         10:fe:84:6f:35:82:9b:8e:51:63:77:5b:b8:18:f4:93:00:f5:
         84:a8:a3:76:de:6f:c8:cd:4b:b5:1c:93:51:76:af:5f:7a:9d:
         4d:b6:5f:eb:54:6a:10:b8:96:70:fc:7a:17:51:03:a9:2d:ee:
         c5:1b:e2:4e:d6:32:21:88:80:fd:a9:54:b1:19:5b:19:63:13:
         1e:1e:b6:94:9b:eb:3c:0b:e3:8d:1c:8e:f6:30:6a:21:f8:e1:
         83:bd:6d:de
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICMHwwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMzIyNDNaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjdGQzhCQUYxMTAvBgNVBAUTKDc3NDEyRDdDQzEwNTNDRTE5RDM3OUND
QzYwMDdCOTI1QTFFNzRDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDD3XgZvcXU8l/6ZWnK+cOVIrYXOkxt02RN6Is6dfyAaCbWUWM0UzPBMeAcJsxT
Uv+NKqe4zm9lmPQ3ouLE8ZQGnwRyseIyoJXgSy/4O1fLMWkD76H2sbKCe4oEUk2s
41GqU9E6Net1Gf81Xb9s/P3z/iPVqzwZLG2TeKtj1Y9fV9panSscqL9yiPbTjSyC
a+I5Z8JrxZeVLmyz+OxffK6CNoGcel0+1VKNrSbg2VUppNd8506uJXsARr5HPo/L
Bw6iDRquLxF+C1mVfbo7X7g3pI4GMkDx5h3Irg10U9NoArmcws9QJjO0JmRsI0/8
MjTud3m+kVMfIckFPY4feYfpAgMBAAGjggL+MIIC+jAdBgNVHQ4EFgQUd0EtfMEF
POGdN5zMYAe5JaHnTKEwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3RkM4Qi83QjU0NzQ5NjBFQTkx
MUVFOTlDRDJCNzY0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0ZDOEIvN0I1NDc0OTYwRUE5MTFFRTk5Q0QyQjc2NEFEOUU2RkMvZDBFdGZN
RUZQT0dkTjV6TVlBZTVKYUhuVEtFLm1mdDAuBggrBgEFBQcBBwEB/wQfMB0wDAQC
AAEwBgMEBinRADANBAIAAjAHAwUAIAFDaDANBgkqhkiG9w0BAQsFAAOCAQEAtqpM
MBpd7naUXJanZjmi2bf/vcXLZBY9aZIeYRvgxE/i68Nzf3ILgQnNSzBxC3CLIao4
kHYEwed++jGiVu/NK5c7wMju6Ips4lUfXryofImukFIOGVZhXqVVHy5n36wPw+NO
Fm7Mzu+Dt9WSlBF5kJ0ea93MHU0fcACcXfmq3Xag/XRFmgp/qUdVLkcp649jcgbI
mUjAWafkLw9i+Eu0xb2BEP6EbzWCm45RY3dbuBj0kwD1hKijdt5vyM1LtRyTUXav
X3qdTbZf61RqELiWcPx6F1EDqS3uxRviTtYyIYiA/alUsRlbGWMTHh62lJvrPAvj
jRyO9jBqIfjhg71t3g==
-----END CERTIFICATE-----