Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.cer
File:                     f4UxHUPeqV9MFIwIQ_ssKdOHfMw.cer (raw, json)
Hash identifier:          2YqRcHJlul1v0fWfLrDy7mqNszThnM13rJlxqIWVmsk=
Subject key identifier:   7F:85:31:1D:43:DE:A9:5F:4C:14:8C:08:43:FB:2C:29:D3:87:7C:CC
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2BFF
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 16 Oct 2024 12:49:05 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329478
                          IP: 102.208.28.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11263 (0x2bff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Oct 16 12:49:05 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36CBA0FAF/serialNumber=7F85311D43DEA95F4C148C0843FB2C29D3877CCC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:09:45:e2:35:7b:0a:5e:d5:cb:2e:fa:31:c3:
                    22:0b:a8:51:8a:ec:8d:5b:99:86:bf:f8:13:9b:10:
                    a5:af:39:a5:a7:4b:1d:64:82:ff:17:c7:5b:99:9d:
                    40:b6:37:16:40:a1:67:d5:a8:9c:96:80:71:01:ee:
                    10:2b:ab:2b:2c:e9:af:44:2e:45:4e:75:46:ea:51:
                    6e:c1:64:8a:6c:d6:02:46:d1:d6:8a:1b:97:fc:7d:
                    45:a9:a2:92:ed:64:cd:c7:c8:34:b1:08:13:cc:f3:
                    51:bc:29:32:96:81:a1:89:e7:9f:d4:0e:34:6d:fd:
                    22:cf:1a:d3:60:8d:81:9b:d6:a4:2f:86:c1:d7:dd:
                    38:b3:06:77:c0:ad:1f:20:8f:af:c7:ea:53:06:c3:
                    84:5f:4a:76:46:f1:c9:14:28:a9:29:c9:ec:68:8a:
                    74:a3:c7:05:48:3e:d0:5b:c5:00:1b:1c:93:7c:cb:
                    c8:3a:7f:51:93:af:f3:d3:a6:4d:99:b7:96:c8:ad:
                    47:1a:4a:de:e5:df:1e:86:31:3d:31:fd:2e:50:60:
                    bc:47:41:10:f5:cd:ba:80:cd:5d:82:bd:4d:33:9b:
                    e0:cd:2b:5b:b0:e8:ff:00:c9:3b:a0:25:1f:16:f6:
                    0f:6e:2f:f3:62:c1:90:70:a3:6a:31:70:ca:7e:bd:
                    a4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:85:31:1D:43:DE:A9:5F:4C:14:8C:08:43:FB:2C:29:D3:87:7C:CC
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329478

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.208.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c1:1c:fa:d3:7e:05:2b:74:7b:30:0e:76:8c:a1:f0:91:ce:0b:
         d2:eb:7e:c2:5d:1b:70:15:aa:66:c5:70:18:74:6b:fa:ea:6e:
         23:cf:07:24:a6:ab:71:80:28:c4:75:74:21:51:5b:09:2b:19:
         b1:1e:01:3c:36:ea:5e:f9:aa:4a:07:69:d0:c0:bb:0f:86:64:
         02:8d:80:84:7f:c5:34:c2:34:2d:e0:1e:58:9b:1d:aa:03:6d:
         41:35:92:00:68:0a:8b:de:79:93:9c:ed:5c:16:5a:28:2c:c8:
         ce:53:73:b0:f9:74:bd:01:61:09:d7:e4:cc:d9:15:fc:29:88:
         66:e1:92:af:e3:71:56:41:a5:3a:ac:f5:56:e5:89:c7:6b:be:
         01:4f:b1:90:7a:08:cb:fd:f7:ef:be:8b:45:68:4c:39:03:d4:
         39:e2:26:47:9b:d5:81:40:9a:ff:e2:09:35:e1:2a:d5:df:ea:
         3e:f8:9c:19:36:fd:93:01:87:c7:db:24:1c:15:14:bb:2b:59:
         19:58:87:4a:89:85:47:15:62:f6:7b:67:42:6f:14:e1:08:84:
         a7:5b:46:46:88:b1:17:49:d1:c5:55:0c:4d:5b:9a:81:1c:63:
         f4:8b:18:e5:79:ff:98:ff:44:3a:31:46:74:e5:0b:6f:16:f6:
         4c:88:87:df
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICK/8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDEwMTYxMjQ5MDVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkNCQTBGQUYxMTAvBgNVBAUTKDdGODUzMTFENDNERUE5NUY0QzE0OEMw
ODQzRkIyQzI5RDM4NzdDQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClCUXiNXsKXtXLLvoxwyILqFGK7I1bmYa/+BObEKWvOaWnSx1kgv8Xx1uZnUC2
NxZAoWfVqJyWgHEB7hArqyss6a9ELkVOdUbqUW7BZIps1gJG0daKG5f8fUWpopLt
ZM3HyDSxCBPM81G8KTKWgaGJ55/UDjRt/SLPGtNgjYGb1qQvhsHX3TizBnfArR8g
j6/H6lMGw4RfSnZG8ckUKKkpyexoinSjxwVIPtBbxQAbHJN8y8g6f1GTr/PTpk2Z
t5bIrUcaSt7l3x6GMT0x/S5QYLxHQRD1zbqAzV2CvU0zm+DNK1uw6P8AyTugJR8W
9g9uL/NiwZBwo2oxcMp+vaRLAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUf4UxHUPe
qV9MFIwIQ/ssKdOHfMwwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZDQkEwRi8wMEUxREFFMDhCQkQx
MUVGQTEyNTMyNDQ3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0JBMEYvMDBFMURBRTA4QkJEMTFFRkExMjUzMjQ0NzYyRTk1MUEvZjRVeEhV
UGVxVjlNRkl3SVFfc3NLZE9IZk13Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBwYwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0BwwDQYJKoZIhvcN
AQELBQADggEBAMEc+tN+BSt0ezAOdoyh8JHOC9LrfsJdG3AVqmbFcBh0a/rqbiPP
BySmq3GAKMR1dCFRWwkrGbEeATw26l75qkoHadDAuw+GZAKNgIR/xTTCNC3gHlib
HaoDbUE1kgBoCoveeZOc7VwWWigsyM5Tc7D5dL0BYQnX5MzZFfwpiGbhkq/jcVZB
pTqs9VblicdrvgFPsZB6CMv99+++i0VoTDkD1DniJkeb1YFAmv/iCTXhKtXf6j74
nBk2/ZMBh8fbJBwVFLsrWRlYh0qJhUcVYvZ7Z0JvFOEIhKdbRkaIsRdJ0cVVDE1b
moEcY/SLGOV5/5j/RDoxRnTlC28W9kyIh98=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org