Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
File:                     fs54roG_QHKx3E9vt-bLkWYlKzQ.cer (raw, json)
Hash identifier:          tU4jsQhXrSDay1u9ZM3ouXCG3V7FfaEivXMcT7mRYbs=
Subject key identifier:   7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2821
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:15:40 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 196.200.240.0/20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10273 (0x2821)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:15:40 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2f:56:8c:55:79:0a:a7:34:0e:a1:de:20:e6:
                    07:1a:da:a6:f0:c8:2c:aa:6f:ac:ca:21:56:19:37:
                    ff:ec:12:76:1d:4f:99:07:5c:97:34:98:72:c1:46:
                    b0:de:f5:cf:e9:d8:99:13:1c:ae:43:92:ee:d7:00:
                    35:6c:d1:0a:74:60:0a:c6:16:32:a7:bb:fa:e7:8d:
                    56:68:2d:89:f2:cc:c4:8c:a9:63:50:7b:97:f5:5a:
                    9c:46:e7:9b:1d:4c:a7:83:0f:6c:6a:33:b4:d2:90:
                    f6:f4:62:07:b5:2f:47:d2:15:ee:82:93:33:9c:b8:
                    b3:7f:06:8d:27:88:30:4a:c9:cb:e8:65:a1:5d:eb:
                    a1:98:a1:0a:45:03:8b:24:b2:f9:79:ed:f8:ca:88:
                    e2:eb:c3:d8:4e:ec:95:57:5f:52:bb:6e:60:15:3d:
                    05:92:95:a5:ca:d2:c8:cb:c9:5f:3b:b3:72:39:20:
                    0c:15:9e:3a:7f:03:a8:4b:49:a3:db:d0:fd:64:11:
                    79:94:ba:60:c1:5a:f7:c9:82:3d:61:a9:b2:07:12:
                    39:42:56:75:5e:c8:4c:70:0f:97:34:ca:4d:df:76:
                    d6:60:28:4e:e2:5a:6a:59:fc:c5:0d:b3:34:45:9d:
                    ba:4d:94:b6:79:09:d4:72:59:cb:ed:67:6e:95:3f:
                    95:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.200.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9a:6f:82:40:c7:84:6d:59:11:24:29:da:5b:4a:36:cb:97:4b:
         96:f4:7f:e4:75:57:e1:94:6b:f0:45:9f:b7:34:ba:94:4b:45:
         1f:37:96:40:f8:8a:2b:5e:ad:eb:4c:26:14:f9:c8:f9:80:44:
         26:1d:21:52:03:fc:e9:46:a8:ef:a3:d3:8c:95:4e:25:22:89:
         9b:8e:be:76:14:21:71:e4:30:fb:00:83:aa:51:68:3a:30:7b:
         78:a8:fe:0e:17:82:d2:a2:05:3f:1b:f3:34:9b:8b:f6:fd:88:
         f5:60:97:12:d8:3b:0a:f6:1e:cd:1d:62:84:93:4a:2b:9a:6a:
         e3:d8:22:95:0c:18:80:13:0d:0f:57:09:92:fa:02:cd:2a:f2:
         e4:81:d6:85:ca:3b:91:9c:c9:d3:c4:59:b0:20:e3:d8:aa:5e:
         20:94:95:13:b2:fc:fb:50:4d:40:d5:0b:3a:2c:db:86:d9:05:
         19:6a:08:68:d5:63:d6:7b:da:d3:0f:cc:5c:6c:53:68:77:5d:
         36:bd:6c:91:61:f5:48:ba:f5:78:49:42:e8:ef:b3:4b:0c:8c:
         12:88:f9:7a:59:69:48:5c:1b:9d:93:38:9a:b1:3d:34:4e:70:
         de:20:a8:13:f8:dd:51:5e:ef:79:49:ce:3d:96:d1:0d:b3:b5:
         9b:bf:0b:d4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICKCEwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDE1NDBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkUxMDI4QUYxMTAvBgNVBAUTKDdFQ0U3OEFFODFCRjQwNzJCMURDNEY2
RkI3RTZDQjkxNjYyNTJCMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRL1aMVXkKpzQOod4g5gca2qbwyCyqb6zKIVYZN//sEnYdT5kHXJc0mHLBRrDe
9c/p2JkTHK5Dku7XADVs0Qp0YArGFjKnu/rnjVZoLYnyzMSMqWNQe5f1WpxG55sd
TKeDD2xqM7TSkPb0Yge1L0fSFe6CkzOcuLN/Bo0niDBKycvoZaFd66GYoQpFA4sk
svl57fjKiOLrw9hO7JVXX1K7bmAVPQWSlaXK0sjLyV87s3I5IAwVnjp/A6hLSaPb
0P1kEXmUumDBWvfJgj1hqbIHEjlCVnVeyExwD5c0yk3fdtZgKE7iWmpZ/MUNszRF
nbpNlLZ5CdRyWcvtZ26VP5VTAgMBAAGjggLvMIIC6zAdBgNVHQ4EFgQUfs54roG/
QHKx3E9vt+bLkWYlKzQwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFMTAyOC8xMEQ1OURCQ0M4QTQx
MUVDQjVFMjMxOTlGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTEwMjgvMTBENTlEQkNDOEE0MTFFQ0I1RTIzMTk5RjEyMjI0NjgvZnM1NHJv
R19RSEt4M0U5dnQtYkxrV1lsS3pRLm1mdDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEBMTI8DANBgkqhkiG9w0BAQsFAAOCAQEAmm+CQMeEbVkRJCnaW0o2y5dL
lvR/5HVX4ZRr8EWftzS6lEtFHzeWQPiKK16t60wmFPnI+YBEJh0hUgP86Uao76PT
jJVOJSKJm46+dhQhceQw+wCDqlFoOjB7eKj+DheC0qIFPxvzNJuL9v2I9WCXEtg7
CvYezR1ihJNKK5pq49gilQwYgBMND1cJkvoCzSry5IHWhco7kZzJ08RZsCDj2Kpe
IJSVE7L8+1BNQNULOizbhtkFGWoIaNVj1nva0w/MXGxTaHddNr1skWH1SLr1eElC
6O+zSwyMEoj5ellpSFwbnZM4mrE9NE5w3iCoE/jdUV7veUnOPZbRDbO1m78L1A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org