Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/hpZESHdbL4-GNZ1UFo4iDB6HG_U.cer
File:                     hpZESHdbL4-GNZ1UFo4iDB6HG_U.cer (raw, json)
Hash identifier:          eHjBiMgEOqHiGoleo3VjxfcEXPvGCoiOwLvx+FNfW8o=
Subject key identifier:   86:96:44:48:77:5B:2F:8F:86:35:9D:54:16:8E:22:0C:1E:87:1B:F5
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27F3
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/hpZESHdbL4-GNZ1UFo4iDB6HG_U.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:08:54 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328422
                          IP: 2c0f:5180::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10227 (0x27f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:08:54 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D8D30AF/serialNumber=86964448775B2F8F86359D54168E220C1E871BF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:41:03:b5:c4:a4:15:e3:f1:87:6b:31:19:b3:
                    38:2f:be:2d:7c:56:87:4e:ad:47:f4:ea:cc:67:a4:
                    64:16:60:a4:a9:26:40:59:d8:86:74:10:ce:ed:31:
                    b4:6b:ae:10:c1:86:e9:a7:fb:d0:75:c3:d7:f8:bd:
                    78:9c:05:4e:bd:77:9c:00:33:a1:93:36:0e:02:84:
                    a3:a5:a8:7a:0c:2d:b7:b0:8c:20:36:0c:f2:81:c8:
                    3b:42:29:7b:90:b3:2c:65:bf:4c:85:57:c8:c1:81:
                    68:63:ae:c9:16:cf:69:c9:d9:3d:9c:db:02:69:10:
                    c2:82:c7:8e:0c:b2:ed:fd:be:ef:f8:6f:f7:e3:0c:
                    12:5d:cd:f2:f9:5b:89:0d:1c:51:35:3e:f5:2b:de:
                    b1:4c:04:ca:97:75:0f:cc:aa:11:79:f5:36:3c:58:
                    c2:b6:9c:0f:e4:1d:76:80:ea:73:40:2c:74:c0:b8:
                    bc:c3:e9:79:bf:01:1e:b7:f3:a7:dc:a5:db:fe:d6:
                    17:a5:a1:0b:13:17:93:10:29:b1:03:e8:b8:3f:82:
                    af:01:21:8c:e1:54:88:66:37:9b:be:b7:d6:c3:e2:
                    a8:a9:3a:8d:f0:74:d4:28:9e:84:61:29:a2:ea:dc:
                    22:6f:38:a0:ca:e3:37:3f:0f:11:66:ba:39:fa:00:
                    f1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:96:44:48:77:5B:2F:8F:86:35:9D:54:16:8E:22:0C:1E:87:1B:F5
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/hpZESHdbL4-GNZ1UFo4iDB6HG_U.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328422

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:5180::/32

    Signature Algorithm: sha256WithRSAEncryption
         72:ec:56:b2:b3:87:ec:42:3b:9a:c8:45:89:a5:f5:8f:d5:12:
         06:a4:da:4b:83:36:7a:6d:e1:6c:f1:5a:2c:fa:d9:35:3a:14:
         6a:ce:1a:9b:90:5c:36:cf:4a:e3:f5:cd:f4:93:10:b8:3b:72:
         81:5d:48:db:d2:e6:53:3b:7b:0f:3c:30:0d:84:67:33:6b:c9:
         72:9f:f2:a2:ea:ac:e1:9d:18:ed:c3:a6:6f:58:e4:1b:79:de:
         0a:9d:1d:a4:98:06:a9:47:23:44:e5:b9:25:3f:b3:0d:e8:8e:
         a6:c8:ca:2c:ca:16:ab:3d:58:90:cc:01:c6:98:7a:9a:7e:9b:
         f3:af:2f:69:b1:4b:a6:e7:e7:92:d9:7f:c8:93:1d:08:34:61:
         d8:0a:11:f1:9a:9c:59:84:2b:09:b5:b3:33:d2:44:4e:8b:40:
         10:89:f3:34:d8:74:58:93:31:2e:52:24:d8:b1:96:86:ff:6b:
         33:70:7c:f5:9f:c9:e8:48:c0:cf:bf:e5:a4:f4:bf:4f:93:af:
         fd:cf:af:1c:50:79:13:f6:dc:38:ca:9d:06:b6:27:1d:f9:e2:
         50:1d:e6:1b:e7:18:70:4a:93:76:60:66:a0:44:31:5c:cc:05:
         be:51:b0:e0:27:3c:a9:68:d8:77:f9:ec:c0:81:1b:ba:d1:15:
         72:0c:69:98
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICJ/MwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDA4NTRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQ4RDMwQUYxMTAvBgNVBAUTKDg2OTY0NDQ4Nzc1QjJGOEY4NjM1OUQ1
NDE2OEUyMjBDMUU4NzFCRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyQQO1xKQV4/GHazEZszgvvi18VodOrUf06sxnpGQWYKSpJkBZ2IZ0EM7tMbRr
rhDBhumn+9B1w9f4vXicBU69d5wAM6GTNg4ChKOlqHoMLbewjCA2DPKByDtCKXuQ
syxlv0yFV8jBgWhjrskWz2nJ2T2c2wJpEMKCx44Msu39vu/4b/fjDBJdzfL5W4kN
HFE1PvUr3rFMBMqXdQ/MqhF59TY8WMK2nA/kHXaA6nNALHTAuLzD6Xm/AR6386fc
pdv+1heloQsTF5MQKbED6Lg/gq8BIYzhVIhmN5u+t9bD4qipOo3wdNQonoRhKaLq
3CJvOKDK4zc/DxFmujn6APE/AgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQUhpZESHdb
L4+GNZ1UFo4iDB6HG/UwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZEOEQzMC81Njk3RDQ0Q0E2QjAx
MUVEODQ3QjM3OURGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDhEMzAvNTY5N0Q0NENBNkIwMTFFRDg0N0IzNzlERjEyMjI0NjgvaHBaRVNI
ZGJMNC1HTloxVUZvNGlEQjZIR19VLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAuYwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD1GAMA0GCSqGSIb3
DQEBCwUAA4IBAQBy7Fays4fsQjuayEWJpfWP1RIGpNpLgzZ6beFs8Vos+tk1OhRq
zhqbkFw2z0rj9c30kxC4O3KBXUjb0uZTO3sPPDANhGcza8lyn/Ki6qzhnRjtw6Zv
WOQbed4KnR2kmAapRyNE5bklP7MN6I6myMosyharPViQzAHGmHqafpvzry9psUum
5+eS2X/Ikx0INGHYChHxmpxZhCsJtbMz0kROi0AQifM02HRYkzEuUiTYsZaG/2sz
cHz1n8noSMDPv+Wk9L9Pk6/9z68cUHkT9tw4yp0Gticd+eJQHeYb5xhwSpN2YGag
RDFczAW+UbDgJzypaNh3+ezAgRu60RVyDGmY
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:42 2024 by rpki-client on console-ams.rpki-client.org