Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/h-G7jI0reZLqTr7rMz_hQp5w7po.cer
File:                     h-G7jI0reZLqTr7rMz_hQp5w7po.cer (raw, json)
Hash identifier:          XCLN4nXyKM5LnvPtkDWL1I1l9QxIsAujCdBZRCnmRKo=
Subject key identifier:   87:E1:BB:8C:8D:2B:79:92:EA:4E:BE:EB:33:3F:E1:42:9E:70:EE:9A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       246F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/C2CBD65AB02911EC99FA77C05A40D577/h-G7jI0reZLqTr7rMz_hQp5w7po.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/C2CBD65AB02911EC99FA77C05A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:34:23 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37121

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9327 (0x246f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:34:23 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3646FFEAF/serialNumber=87E1BB8C8D2B7992EA4EBEEB333FE1429E70EE9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:44:ce:40:d7:98:fa:cf:53:d9:07:7e:87:68:
                    94:20:6a:41:57:97:ea:de:32:1a:2f:2a:a5:f6:43:
                    2d:24:23:86:19:e6:46:4d:83:82:e2:a7:66:1c:92:
                    ee:74:e3:4f:ee:3e:9a:ae:10:4e:3e:7e:37:56:e1:
                    05:75:3c:02:45:a5:dc:90:44:d5:70:2b:65:d9:1d:
                    f4:a7:05:62:80:51:76:71:a7:94:37:ea:41:0a:13:
                    30:91:07:2d:03:15:80:f7:b5:f2:65:05:d8:39:e6:
                    26:ea:b3:3c:52:86:0e:22:94:dc:2f:ee:49:6a:73:
                    e1:80:dc:8d:99:78:cc:3c:1a:e1:98:82:30:70:94:
                    71:5f:7a:e0:b9:34:99:2a:72:c8:f5:6c:53:81:65:
                    d4:d4:d4:11:60:e8:5a:1e:1b:35:02:74:9e:ce:25:
                    11:32:b3:a3:91:c6:35:e7:93:64:5b:e2:c7:21:cc:
                    23:e7:d5:6c:fb:3c:0d:7e:5f:28:94:cd:28:d1:02:
                    c3:e9:1b:6e:66:7b:1c:d5:f1:a3:53:a6:9e:e8:08:
                    5b:a8:d9:17:b7:95:d4:0f:47:f2:94:dd:2e:6b:93:
                    4e:d9:3a:b6:bc:47:2b:ac:ab:70:ca:26:14:07:b7:
                    67:6d:be:d9:22:2a:6f:11:5a:a2:80:1a:7c:58:d5:
                    f5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:E1:BB:8C:8D:2B:79:92:EA:4E:BE:EB:33:3F:E1:42:9E:70:EE:9A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/C2CBD65AB02911EC99FA77C05A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/C2CBD65AB02911EC99FA77C05A40D577/h-G7jI0reZLqTr7rMz_hQp5w7po.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37121

    Signature Algorithm: sha256WithRSAEncryption
         65:af:0d:72:fc:45:eb:aa:49:d7:b7:46:7a:bb:3b:c1:66:4f:
         8a:25:39:5a:a7:f1:01:4e:40:69:70:80:53:2b:ef:16:32:78:
         91:30:62:4a:c5:79:3f:54:81:3c:d7:75:54:fb:62:54:e6:05:
         53:20:a2:33:86:67:60:ac:f9:de:75:8b:4e:a2:9f:f0:fe:78:
         9e:d3:0f:2d:97:d3:2d:1f:33:45:e0:15:97:6a:68:a8:e9:00:
         df:6b:52:18:3a:21:03:3b:2c:a7:63:b2:55:ae:18:80:1c:7a:
         67:1b:09:26:68:40:ae:a9:5f:cc:47:99:a0:f2:62:18:e8:ea:
         ce:3c:95:f7:1c:6e:e8:d9:e2:57:31:5a:3a:18:30:8e:b3:72:
         d9:8f:99:e5:3b:63:b7:bb:4d:e3:84:11:4e:5e:17:4f:e9:98:
         71:1c:0a:26:12:dc:aa:f8:ec:ee:ec:3f:4f:fb:85:7b:7b:94:
         af:b3:41:b2:c6:a8:98:ca:b4:a5:2c:da:4a:2e:10:da:ef:1d:
         58:69:1b:3a:f2:83:db:91:af:e2:dc:dd:1e:45:71:e2:4d:e0:
         ae:c4:09:9a:88:14:0f:35:b8:31:f4:be:a7:cc:c3:87:4a:73:
         76:66:51:73:da:c5:59:03:83:5b:cb:73:4d:9f:a1:51:4a:17:
         bc:47:45:bc
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICJG8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTM0MjNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQ2RkZFQUYxMTAvBgNVBAUTKDg3RTFCQjhDOEQyQjc5OTJFQTRFQkVF
QjMzM0ZFMTQyOUU3MEVFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCRM5A15j6z1PZB36HaJQgakFXl+reMhovKqX2Qy0kI4YZ5kZNg4Lip2Ycku50
40/uPpquEE4+fjdW4QV1PAJFpdyQRNVwK2XZHfSnBWKAUXZxp5Q36kEKEzCRBy0D
FYD3tfJlBdg55ibqszxShg4ilNwv7klqc+GA3I2ZeMw8GuGYgjBwlHFfeuC5NJkq
csj1bFOBZdTU1BFg6FoeGzUCdJ7OJREys6ORxjXnk2Rb4schzCPn1Wz7PA1+XyiU
zSjRAsPpG25mexzV8aNTpp7oCFuo2Re3ldQPR/KU3S5rk07ZOra8Ryusq3DKJhQH
t2dtvtkiKm8RWqKAGnxY1fV5AgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQUh+G7jI0r
eZLqTr7rMz/hQp5w7powHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0NkZGRS9DMkNCRDY1QUIwMjkx
MUVDOTlGQTc3QzA1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDZGRkUvQzJDQkQ2NUFCMDI5MTFFQzk5RkE3N0MwNUE0MEQ1NzcvaC1HN2pJ
MHJlWkxxVHI3ck16X2hRcDV3N3BvLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkQEwDQYJKoZIhvcNAQELBQADggEBAGWvDXL8ReuqSde3Rnq7O8FmT4olOVqn
8QFOQGlwgFMr7xYyeJEwYkrFeT9UgTzXdVT7YlTmBVMgojOGZ2Cs+d51i06in/D+
eJ7TDy2X0y0fM0XgFZdqaKjpAN9rUhg6IQM7LKdjslWuGIAcemcbCSZoQK6pX8xH
maDyYhjo6s48lfccbujZ4lcxWjoYMI6zctmPmeU7Y7e7TeOEEU5eF0/pmHEcCiYS
3Kr47O7sP0/7hXt7lK+zQbLGqJjKtKUs2kouENrvHVhpGzryg9uRr+Lc3R5FceJN
4K7ECZqIFA81uDH0vqfMw4dKc3ZmUXPaxVkDg1vLc02foVFKF7xHRbw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org