Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/iCYpiV2NtXslQepI-hEmMl4pAgs.cer
File:                     iCYpiV2NtXslQepI-hEmMl4pAgs.cer (raw, json)
Hash identifier:          5ALZNkUio6i30Y+MffYMd/KExjD8l7CcZ1cAiEkLmp8=
Subject key identifier:   88:26:29:89:5D:8D:B5:7B:25:41:EA:48:FA:11:26:32:5E:29:02:0B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       236E
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/iCYpiV2NtXslQepI-hEmMl4pAgs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:28:20 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327750
                          AS: 328047
                          AS: 328101
                          IP: 102.23.224.0/19
                          IP: 102.69.248.0/21
                          IP: 102.164.192.0/19
                          IP: 154.126.192.0/19
                          IP: 2c0f:f368::/32
                          IP: 2c0f:f4e8::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9070 (0x236e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:28:20 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3620ACFAF/serialNumber=882629895D8DB57B2541EA48FA1126325E29020B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d6:1f:6a:4b:06:73:30:c4:c5:da:ce:e5:72:
                    7d:cb:db:bf:a7:41:ea:ea:f9:d2:f0:26:ef:fa:4b:
                    83:fe:b8:01:3d:94:c5:12:7b:c1:01:79:cd:9c:25:
                    cf:8b:f4:7d:14:83:ae:2f:ab:71:a1:a5:31:73:10:
                    af:40:e4:eb:4e:83:f5:c1:7a:57:c8:24:36:f8:27:
                    08:94:aa:0f:8a:28:60:ea:64:9d:9c:d9:b4:2e:d9:
                    be:b6:d1:64:91:81:8b:c8:e6:49:9a:e9:af:f9:35:
                    ac:40:85:e7:39:90:b2:ab:3a:fb:58:66:90:30:9a:
                    74:7e:88:4e:64:3b:49:96:fe:01:e0:45:80:48:9c:
                    e5:88:69:7e:1a:15:54:7f:ed:d0:5e:97:a6:4a:63:
                    67:f6:86:b1:f9:64:be:a4:38:ff:f2:09:a6:74:8f:
                    e6:a0:97:f7:9d:80:d7:b4:17:a9:6c:53:99:c4:ae:
                    af:a2:41:fb:f1:b6:6d:49:b2:21:05:ae:bf:60:b1:
                    94:82:ce:f1:a6:b3:91:3b:46:a6:3c:ee:49:3f:86:
                    b1:63:32:8d:c6:eb:d5:59:ea:8d:5d:28:0c:26:84:
                    54:c6:08:d7:dc:51:d2:97:8b:ff:73:77:67:0f:fe:
                    2b:15:03:9a:7d:ff:bd:d1:8f:9e:d8:15:6e:59:0f:
                    af:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:26:29:89:5D:8D:B5:7B:25:41:EA:48:FA:11:26:32:5E:29:02:0B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/iCYpiV2NtXslQepI-hEmMl4pAgs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327750
                  328047
                  328101

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.23.224.0/19
                  102.69.248.0/21
                  102.164.192.0/19
                  154.126.192.0/19
                IPv6:
                  2c0f:f368::/32
                  2c0f:f4e8::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:a0:fe:0f:41:49:f0:d9:f3:25:2d:cb:60:4d:3f:eb:9a:d9:
         ef:1e:23:42:d3:e8:b4:78:d8:3a:1d:1d:3a:a6:c4:37:7b:d7:
         65:f9:c8:dc:f0:46:4f:bf:49:8e:01:77:67:92:e1:fc:9f:d6:
         2b:72:76:4f:2c:ad:e0:89:9d:ad:93:50:70:63:16:0d:f5:22:
         e4:68:fd:39:97:1a:7d:2e:4c:0e:f9:32:67:bb:85:9e:56:b2:
         f4:61:9b:d1:92:08:e7:0b:fe:b5:5f:16:02:94:ab:a2:58:2c:
         93:a1:ab:33:d3:dc:00:0d:36:bf:03:e9:32:f7:c1:7e:1d:34:
         e9:ad:86:1f:cc:f2:41:67:06:8a:42:88:23:d6:5a:f2:c9:f8:
         d8:a9:91:58:e9:2a:ab:b4:69:e0:76:43:7f:08:8b:c1:45:b0:
         e5:c2:6c:09:4b:f2:34:55:ba:bb:9a:9f:c2:e8:21:f2:19:d0:
         5f:d4:cb:c8:01:5d:4e:7b:b5:b2:c8:03:d2:92:13:e0:79:a2:
         cc:d4:d1:09:43:45:53:c8:a7:20:45:7b:7b:7a:d3:8a:31:7a:
         d0:3b:87:98:7c:c5:ec:d8:c1:8b:df:c3:4c:92:66:ff:68:6e:
         e6:f6:8a:9a:13:c5:60:cd:ca:78:f3:a0:37:98:d9:47:cb:80:
         2d:98:3a:3d
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgICI24wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDI4MjBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjIwQUNGQUYxMTAvBgNVBAUTKDg4MjYyOTg5NUQ4REI1N0IyNTQxRUE0
OEZBMTEyNjMyNUUyOTAyMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDb1h9qSwZzMMTF2s7lcn3L27+nQerq+dLwJu/6S4P+uAE9lMUSe8EBec2cJc+L
9H0Ug64vq3GhpTFzEK9A5OtOg/XBelfIJDb4JwiUqg+KKGDqZJ2c2bQu2b620WSR
gYvI5kma6a/5NaxAhec5kLKrOvtYZpAwmnR+iE5kO0mW/gHgRYBInOWIaX4aFVR/
7dBel6ZKY2f2hrH5ZL6kOP/yCaZ0j+agl/edgNe0F6lsU5nErq+iQfvxtm1JsiEF
rr9gsZSCzvGms5E7RqY87kk/hrFjMo3G69VZ6o1dKAwmhFTGCNfcUdKXi/9zd2cP
/isVA5p9/73Rj57YFW5ZD6/lAgMBAAGjggM9MIIDOTAdBgNVHQ4EFgQUiCYpiV2N
tXslQepI+hEmMl4pAgswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyMEFDRi85MjVFMkJFNjU4NkQx
MUU1QUVCNTVDMkZGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBBQ0YvOTI1RTJCRTY1ODZEMTFFNUFFQjU1QzJGRjhBRUEyMjgvaUNZcGlW
Mk50WHNsUWVwSS1oRW1NbDRwQWdzLm1mdDAkBggrBgEFBQcBCAEB/wQVMBOgETAP
AgMFAEYCAwUBbwIDBQGlMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQFZhfg
AwQDZkX4AwQFZqTAAwQFmn7AMBQEAgACMA4DBQAsD/NoAwUALA/06DANBgkqhkiG
9w0BAQsFAAOCAQEAn6D+D0FJ8NnzJS3LYE0/65rZ7x4jQtPotHjYOh0dOqbEN3vX
ZfnI3PBGT79JjgF3Z5Lh/J/WK3J2Tyyt4ImdrZNQcGMWDfUi5Gj9OZcafS5MDvky
Z7uFnlay9GGb0ZII5wv+tV8WApSrolgsk6GrM9PcAA02vwPpMvfBfh006a2GH8zy
QWcGikKII9Za8sn42KmRWOkqq7Rp4HZDfwiLwUWw5cJsCUvyNFW6u5qfwugh8hnQ
X9TLyAFdTnu1ssgD0pIT4HmizNTRCUNFU8inIEV7e3rTijF60DuHmHzF7NjBi9/D
TJJm/2hu5vaKmhPFYM3KePOgN5jZR8uALZg6PQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org