Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/g90Sbl5YX_qT9fH_Xe72__27_6Y.cer
File:                     g90Sbl5YX_qT9fH_Xe72__27_6Y.cer (raw, json)
Hash identifier:          2BJypmaqGwafHJoJZV8nfLYRr8qpLUX1G3nQxHc/TxI=
Subject key identifier:   83:DD:12:6E:5E:58:5F:FA:93:F5:F1:FF:5D:EE:F6:FF:FD:BB:FF:A6
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       299C
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/g90Sbl5YX_qT9fH_Xe72__27_6Y.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Tue 19 Mar 2024 00:03:48 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328474
                          IP: 102.67.56.0/22
                          IP: 102.209.120.0/22
                          IP: 102.214.192.0/22
                          IP: 102.221.244.0/22
                          IP: 2c0f:ed60::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10652 (0x299c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Mar 19 00:03:48 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36C6E7CAF/serialNumber=83DD126E5E585FFA93F5F1FF5DEEF6FFFDBBFFA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:58:d1:4b:91:05:6e:78:53:23:d6:4e:06:1c:
                    d2:72:13:e0:22:b5:17:fb:8b:4e:55:85:8a:44:d2:
                    76:ea:12:ef:56:1a:1d:77:58:39:e7:35:bb:f5:5c:
                    28:7e:48:9d:85:61:f1:e4:d5:62:d8:2c:fd:60:40:
                    28:32:11:1a:0c:14:a1:21:ba:2e:2a:8e:f0:99:41:
                    00:f0:c0:30:24:ca:32:1b:fc:b6:26:4d:ad:aa:ed:
                    7d:52:78:e7:20:5d:de:56:30:af:0e:ed:a2:16:4b:
                    f5:c8:67:a7:c3:ad:05:b7:15:f2:04:61:0a:0a:04:
                    8c:05:13:89:3f:03:8f:e4:56:8c:08:9c:da:d6:58:
                    ee:e9:22:df:ef:36:32:14:3b:67:92:71:99:0c:75:
                    33:98:4d:65:d7:2c:06:a1:52:1c:41:cc:04:93:6d:
                    77:16:eb:9e:d8:0d:bf:ae:57:5a:a9:ec:af:55:de:
                    e7:30:29:f8:58:a4:cf:ca:f9:06:fb:eb:88:cc:cd:
                    8d:67:f8:6b:f0:08:66:b4:fb:fb:62:1c:58:56:21:
                    f3:07:40:81:4f:63:02:00:fe:74:8f:26:9b:d2:35:
                    14:8c:30:e3:d4:05:8d:d0:f1:9d:60:e8:03:eb:2c:
                    98:2b:68:c6:32:1c:0d:3a:e9:ac:8c:ae:99:25:35:
                    be:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:DD:12:6E:5E:58:5F:FA:93:F5:F1:FF:5D:EE:F6:FF:FD:BB:FF:A6
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/g90Sbl5YX_qT9fH_Xe72__27_6Y.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328474

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.67.56.0/22
                  102.209.120.0/22
                  102.214.192.0/22
                  102.221.244.0/22
                IPv6:
                  2c0f:ed60::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:32:47:97:3b:d6:02:07:b9:25:94:bb:ee:63:96:bc:6a:ce:
         ae:98:fc:e0:02:86:25:30:96:e9:0b:7c:84:86:5c:59:e4:7d:
         f5:93:a6:ae:d0:ab:29:d3:c5:25:a0:c7:84:63:d1:f7:c3:20:
         f3:32:60:b2:f0:80:ff:e5:ae:d8:a3:86:c4:ef:97:a2:43:93:
         af:14:48:c1:b1:b5:e2:c0:1a:f2:3a:ee:20:4a:15:29:94:ea:
         78:43:a1:cc:64:ec:66:07:2b:7e:d8:6e:72:64:9d:e3:8b:36:
         48:eb:64:1e:ce:35:54:c0:91:40:97:d4:de:0b:8b:24:67:87:
         98:18:b2:b4:4b:bb:ea:90:63:b0:7f:82:fd:5d:05:33:d0:ff:
         a5:93:c6:4f:67:27:37:5a:a4:b9:71:eb:f3:df:05:b7:5b:01:
         91:7d:ab:8f:47:16:94:9e:00:25:5a:96:c6:85:01:5a:42:79:
         74:15:5f:15:98:ca:23:fb:4f:11:42:d1:bc:f2:e1:1f:e6:45:
         18:15:97:66:f4:90:32:33:be:07:f7:58:20:ca:03:81:fc:56:
         57:ef:2d:23:26:23:a1:73:2b:eb:74:9b:09:32:db:dc:65:44:
         7c:f8:58:eb:cd:65:57:80:c6:b3:ef:77:f1:a6:57:ab:cd:92:
         04:99:c0:91
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgICKZwwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAzMTkwMDAzNDhaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkM2RTdDQUYxMTAvBgNVBAUTKDgzREQxMjZFNUU1ODVGRkE5M0Y1RjFG
RjVERUVGNkZGRkRCQkZGQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtWNFLkQVueFMj1k4GHNJyE+AitRf7i05VhYpE0nbqEu9WGh13WDnnNbv1XCh+
SJ2FYfHk1WLYLP1gQCgyERoMFKEhui4qjvCZQQDwwDAkyjIb/LYmTa2q7X1SeOcg
Xd5WMK8O7aIWS/XIZ6fDrQW3FfIEYQoKBIwFE4k/A4/kVowInNrWWO7pIt/vNjIU
O2eScZkMdTOYTWXXLAahUhxBzASTbXcW657YDb+uV1qp7K9V3ucwKfhYpM/K+Qb7
64jMzY1n+GvwCGa0+/tiHFhWIfMHQIFPYwIA/nSPJpvSNRSMMOPUBY3Q8Z1g6APr
LJgraMYyHA066ayMrpklNb4XAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQUg90Sbl5Y
X/qT9fH/Xe72//27/6YwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZDNkU3Qy8yQkQzRjFCNjU5MDEx
MUVEQTA5N0YyRjBGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzZFN0MvMkJEM0YxQjY1OTAxMTFFREEwOTdGMkYwRjEyMjI0NjgvZzkwU2Js
NVlYX3FUOWZIX1hlNzJfXzI3XzZZLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAxowQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJmQzgDBAJm0XgDBAJm
1sADBAJm3fQwDQQCAAIwBwMFACwP7WAwDQYJKoZIhvcNAQELBQADggEBADoyR5c7
1gIHuSWUu+5jlrxqzq6Y/OAChiUwlukLfISGXFnkffWTpq7QqynTxSWgx4Rj0ffD
IPMyYLLwgP/lrtijhsTvl6JDk68USMGxteLAGvI67iBKFSmU6nhDocxk7GYHK37Y
bnJkneOLNkjrZB7ONVTAkUCX1N4LiyRnh5gYsrRLu+qQY7B/gv1dBTPQ/6WTxk9n
JzdapLlx6/PfBbdbAZF9q49HFpSeACValsaFAVpCeXQVXxWYyiP7TxFC0bzy4R/m
RRgVl2b0kDIzvgf3WCDKA4H8VlfvLSMmI6FzK+t0mwky29xlRHz4WOvNZVeAxrPv
d/GmV6vNkgSZwJE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org