Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/e5XIh1o9qSB6rcxUQDFzjYpiLas.cer
File:                     e5XIh1o9qSB6rcxUQDFzjYpiLas.cer (raw, json)
Hash identifier:          8tJx80/bZwW1K4HazbzspMm/7M9zvKXIyVpqb5wk3Gc=
Subject key identifier:   7B:95:C8:87:5A:3D:A9:20:7A:AD:CC:54:40:31:73:8D:8A:62:2D:AB
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2836
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E38E5/C89F9E94553E11ED8E2230CAF1222468/e5XIh1o9qSB6rcxUQDFzjYpiLas.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E38E5/C89F9E94553E11ED8E2230CAF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:18:53 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 102.67.164.0/22
                          IP: 102.213.152.0/22
                          IP: 2c0f:edb0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10294 (0x2836)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:18:53 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E38E5AF/serialNumber=7B95C8875A3DA9207AADCC544031738D8A622DAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:0f:5d:1d:9d:30:70:78:0e:ce:b4:f4:64:a6:
                    47:51:83:eb:db:62:34:46:40:11:6b:aa:77:09:6e:
                    90:11:7b:3e:ba:35:1e:0d:bb:19:b0:4c:37:e3:b0:
                    cd:a4:c0:53:1b:9f:3b:e3:27:68:40:45:90:41:da:
                    fa:1d:79:be:cd:ff:ea:5e:9b:0e:b1:68:2e:76:95:
                    33:54:c7:f1:2e:a1:39:f6:20:72:0f:41:cb:3f:60:
                    4c:27:d3:d7:c3:0a:99:2b:ba:2d:e9:c7:14:5a:87:
                    72:ab:73:79:54:0f:45:a3:cd:29:12:fc:ff:40:1b:
                    b1:36:19:4a:d5:3a:ae:a6:c2:65:6e:9a:10:b3:65:
                    0c:68:36:54:11:ff:b1:de:05:c1:40:d9:94:34:36:
                    24:df:70:fc:5b:95:65:da:0f:d7:03:d4:33:89:b0:
                    db:3a:2f:69:89:e4:d4:88:7e:09:7c:18:41:12:3c:
                    99:26:36:03:b5:03:3d:83:3a:4e:86:5b:f0:10:8f:
                    e7:29:b6:c7:3f:c7:da:2d:47:18:ee:aa:08:ff:df:
                    8a:22:80:a6:1d:f3:af:8f:6e:d8:01:2b:1e:8c:ba:
                    a8:4f:d3:d1:ed:a7:5e:c5:b2:88:91:5d:b9:93:4b:
                    5e:3d:19:b6:f8:75:c1:cc:ac:0f:d2:f1:53:8a:2d:
                    dc:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:95:C8:87:5A:3D:A9:20:7A:AD:CC:54:40:31:73:8D:8A:62:2D:AB
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E38E5/C89F9E94553E11ED8E2230CAF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E38E5/C89F9E94553E11ED8E2230CAF1222468/e5XIh1o9qSB6rcxUQDFzjYpiLas.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.67.164.0/22
                  102.213.152.0/22
                IPv6:
                  2c0f:edb0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a4:94:04:20:3b:32:4e:15:25:71:a6:ad:b0:79:5f:2c:13:70:
         90:35:48:9a:36:87:ba:dd:32:e0:96:90:87:c1:14:bb:55:1d:
         45:9f:f5:ee:68:41:02:2e:c5:a0:cc:2c:9d:92:f4:85:e1:58:
         43:f5:3a:53:90:65:ca:8f:6a:77:f9:f7:35:31:bb:0a:2b:b7:
         d8:9f:84:7b:3c:6a:78:d8:5c:0f:86:91:5b:29:e9:22:e2:e3:
         c5:05:2b:8f:ee:bc:d3:02:ef:c9:99:88:3d:30:5d:3e:ce:e1:
         8b:ca:77:d1:be:2e:01:ee:22:ff:04:7a:21:f9:d4:87:98:d5:
         10:c7:fa:2b:d5:d6:f0:2d:a5:ec:18:4d:4c:9e:f6:e4:47:6c:
         87:9c:5f:a2:01:81:41:7b:bc:12:47:0d:39:18:62:e6:17:2f:
         4d:1c:33:d5:54:9c:35:4c:0e:32:99:dd:e1:18:46:a5:e0:5b:
         25:a4:12:04:a8:76:e0:2d:e1:1d:62:61:c6:de:5f:d0:9a:7c:
         dc:9e:a3:d0:08:84:90:a4:3e:3a:a9:14:2f:8f:7f:04:2b:93:
         d6:0b:3b:96:b4:20:92:66:57:32:5a:9e:84:69:3e:d0:0a:bd:
         ee:d4:c7:36:5b:17:a5:8c:3d:d7:ca:af:25:14:2d:1b:04:4f:
         be:b6:4a:e0
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICKDYwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDE4NTNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkUzOEU1QUYxMTAvBgNVBAUTKDdCOTVDODg3NUEzREE5MjA3QUFEQ0M1
NDQwMzE3MzhEOEE2MjJEQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoD10dnTBweA7OtPRkpkdRg+vbYjRGQBFrqncJbpARez66NR4NuxmwTDfjsM2k
wFMbnzvjJ2hARZBB2vodeb7N/+pemw6xaC52lTNUx/EuoTn2IHIPQcs/YEwn09fD
Cpkrui3pxxRah3Krc3lUD0WjzSkS/P9AG7E2GUrVOq6mwmVumhCzZQxoNlQR/7He
BcFA2ZQ0NiTfcPxblWXaD9cD1DOJsNs6L2mJ5NSIfgl8GEESPJkmNgO1Az2DOk6G
W/AQj+cptsc/x9otRxjuqgj/34oigKYd86+PbtgBKx6MuqhP09Htp17FsoiRXbmT
S149Gbb4dcHMrA/S8VOKLdyZAgMBAAGjggMEMIIDADAdBgNVHQ4EFgQUe5XIh1o9
qSB6rcxUQDFzjYpiLaswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFMzhFNS9DODlGOUU5NDU1M0Ux
MUVEOEUyMjMwQ0FGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTM4RTUvQzg5RjlFOTQ1NTNFMTFFRDhFMjIzMENBRjEyMjI0NjgvZTVYSWgx
bzlxU0I2cmN4VVFERnpqWXBpTGFzLm1mdDA0BggrBgEFBQcBBwEB/wQlMCMwEgQC
AAEwDAMEAmZDpAMEAmbVmDANBAIAAjAHAwUALA/tsDANBgkqhkiG9w0BAQsFAAOC
AQEApJQEIDsyThUlcaatsHlfLBNwkDVImjaHut0y4JaQh8EUu1UdRZ/17mhBAi7F
oMwsnZL0heFYQ/U6U5Blyo9qd/n3NTG7Ciu32J+EezxqeNhcD4aRWynpIuLjxQUr
j+680wLvyZmIPTBdPs7hi8p30b4uAe4i/wR6IfnUh5jVEMf6K9XW8C2l7BhNTJ72
5Edsh5xfogGBQXu8EkcNORhi5hcvTRwz1VScNUwOMpnd4RhGpeBbJaQSBKh24C3h
HWJhxt5f0Jp83J6j0AiEkKQ+OqkUL49/BCuT1gs7lrQgkmZXMlqehGk+0Aq97tTH
NlsXpYw918qvJRQtGwRPvrZK4A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:29 2024 by rpki-client on console-fra.rpki-client.org