Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
File:                     hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer (raw, json)
Hash identifier:          Ypulr7a2AzEkq/8Onli7ZFQkXaB1GFgEp2uzZL3s7QI=
Subject key identifier:   86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2878
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:28:31 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327814
                          IP: 196.44.96.0/19
                          IP: 2c0f:f618::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10360 (0x2878)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:28:31 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f0:08:2d:dc:88:91:3b:7a:60:ab:bd:d6:d1:
                    96:bc:f0:0e:af:e0:d7:aa:fd:75:ed:91:81:db:82:
                    6e:e5:2f:e1:04:c6:0d:78:1a:cf:53:5f:5e:c8:36:
                    63:10:09:b5:c2:c7:06:af:97:90:7b:24:60:b0:64:
                    b5:9e:df:31:ad:60:f0:f2:ab:09:4b:6a:5a:2c:a6:
                    61:3f:a1:69:78:4d:6b:28:1a:73:e1:98:99:e6:4a:
                    ed:92:9b:e8:61:a2:72:bf:1a:ed:ef:01:60:1b:79:
                    17:8d:46:6d:cd:93:44:44:46:2c:36:a1:d3:6c:98:
                    4b:ac:89:f2:58:4b:ea:46:a3:03:25:0c:de:42:46:
                    22:41:d6:bd:41:9e:ea:90:72:87:06:09:aa:90:5a:
                    6d:e3:20:d6:1d:32:03:0d:90:db:19:35:da:4b:64:
                    e2:33:73:c9:01:ab:7a:99:17:ab:56:6e:c9:3c:c6:
                    be:76:de:a3:74:f1:72:52:49:6e:f4:90:0e:3f:14:
                    c4:60:c9:16:5d:c4:af:bb:fe:4f:ba:6c:ae:9f:fe:
                    35:e7:94:d3:03:2c:66:db:31:f6:47:1e:cc:86:b1:
                    5c:2a:3c:32:5f:e2:72:c3:42:d4:b5:a5:b9:a6:55:
                    ca:6b:d0:3c:74:32:d7:4f:ec:4d:53:8e:07:51:c5:
                    d9:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327814

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.44.96.0/19
                IPv6:
                  2c0f:f618::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:00:78:f3:06:7a:61:d4:c2:27:d5:f2:89:e5:84:7d:4a:a5:
         94:04:54:04:bd:d9:25:53:95:36:aa:ca:7b:02:7a:ab:b1:78:
         c8:55:07:64:c4:3b:56:06:67:f0:93:ee:4b:15:99:88:ea:d8:
         72:b1:35:21:91:ed:1e:e3:c2:3e:da:8f:00:e1:71:60:b5:84:
         d3:02:19:3d:b9:8e:4b:b7:fa:d6:16:5a:27:a0:c0:23:84:c7:
         16:37:0f:04:1d:49:82:ad:63:ac:34:10:bb:03:eb:a0:04:41:
         2c:fa:6b:43:98:86:cf:8f:de:1d:d2:90:c3:2e:eb:77:92:a5:
         81:82:9a:9e:3d:66:ff:dd:2b:30:79:be:67:59:c8:a9:ca:8c:
         7b:71:ab:72:c9:3a:2c:02:42:e4:b2:f5:f4:b8:2a:9b:24:81:
         ab:6d:0a:20:4e:1c:7a:4c:b9:9d:a0:bd:61:6e:a8:dc:03:ab:
         e8:99:91:99:7e:1e:e5:99:78:f4:fc:83:5c:d0:da:b0:90:f6:
         6b:e2:90:de:65:99:ff:b5:7b:a5:9e:7b:6f:3a:cd:30:38:c6:
         9b:1f:bf:db:c9:91:66:e2:94:43:ef:33:0e:11:30:99:3b:0d:
         83:6a:3e:e2:78:6f:99:9f:a6:db:8f:14:2e:45:3a:e9:c2:79:
         f9:87:66:dc
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICKHgwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDI4MzFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkYwNjI4QUYxMTAvBgNVBAUTKDg2MDVENzU5OUEwNDAyRjcwRUMyRjI1
OEQ2QzE2QkQyRTRFOEQxRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCc8Agt3IiRO3pgq73W0Za88A6v4Neq/XXtkYHbgm7lL+EExg14Gs9TX17INmMQ
CbXCxwavl5B7JGCwZLWe3zGtYPDyqwlLalospmE/oWl4TWsoGnPhmJnmSu2Sm+hh
onK/Gu3vAWAbeReNRm3Nk0RERiw2odNsmEusifJYS+pGowMlDN5CRiJB1r1BnuqQ
cocGCaqQWm3jINYdMgMNkNsZNdpLZOIzc8kBq3qZF6tWbsk8xr523qN08XJSSW70
kA4/FMRgyRZdxK+7/k+6bK6f/jXnlNMDLGbbMfZHHsyGsVwqPDJf4nLDQtS1pbmm
Vcpr0Dx0MtdP7E1TjgdRxdkLAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUhgXXWZoE
AvcOwvJY1sFr0uTo0f4wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZGMDYyOC9GMENDQkU3Q0ZCQTAx
MUVCQUI3ODZDNDlEOEEwMTRDRS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjA2MjgvRjBDQ0JFN0NGQkEwMTFFQkFCNzg2QzQ5RDhBMDE0Q0UvaGdYWFda
b0VBdmNPd3ZKWTFzRnIwdVRvMGY0Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAIYwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAXELGAwDQQCAAIwBwMF
ACwP9hgwDQYJKoZIhvcNAQELBQADggEBABoAePMGemHUwifV8onlhH1KpZQEVAS9
2SVTlTaqynsCequxeMhVB2TEO1YGZ/CT7ksVmYjq2HKxNSGR7R7jwj7ajwDhcWC1
hNMCGT25jku3+tYWWiegwCOExxY3DwQdSYKtY6w0ELsD66AEQSz6a0OYhs+P3h3S
kMMu63eSpYGCmp49Zv/dKzB5vmdZyKnKjHtxq3LJOiwCQuSy9fS4KpskgattCiBO
HHpMuZ2gvWFuqNwDq+iZkZl+HuWZePT8g1zQ2rCQ9mvikN5lmf+1e6Wee286zTA4
xpsfv9vJkWbilEPvMw4RMJk7DYNqPuJ4b5mfptuPFC5FOunCefmHZtw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org