Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/iVUnx34gFEZnMJDwgWSPGGEnsbo.cer
File:                     iVUnx34gFEZnMJDwgWSPGGEnsbo.cer (raw, json)
Hash identifier:          EZ2bgXY+rnvxJRzfMlQmFZhKhrT774g2MXF81+NKujI=
Subject key identifier:   89:55:27:C7:7E:20:14:46:67:30:90:F0:81:64:8F:18:61:27:B1:BA
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       285E
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36ED442/9ED8257A57C811E5A805BD3EF8AEA228/iVUnx34gFEZnMJDwgWSPGGEnsbo.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36ED442/9ED8257A57C811E5A805BD3EF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:25:24 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 5713
                          AS: 5734
                          AS: 37118
                          AS: 37167
                          AS: 37251
                          AS: 37457
                          AS: 328028
                          IP: 41.144.0.0/13
                          IP: 41.246.0.0/15
                          IP: 102.248.0.0/13
                          IP: 105.184.0.0/14
                          IP: 105.224.0.0 -- 105.229.255.255
                          IP: 154.69.0.0/16
                          IP: 196.4.79.0/24
                          IP: 196.15.128.0/17
                          IP: 196.25.0.0/16
                          IP: 196.43.0.0/18
                          IP: 197.228.0.0/15
                          IP: 197.236.0.0/16
                          IP: 2c0e:2000::/20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10334 (0x285e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:25:24 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36ED442AF/serialNumber=895527C77E201446673090F081648F186127B1BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:9f:10:32:61:74:8e:f1:04:47:83:f9:1d:73:
                    04:19:39:a5:db:1f:3d:09:ca:df:e4:0c:75:d5:e4:
                    f8:4e:76:f2:da:a4:bd:6d:16:53:06:3e:f9:6d:75:
                    65:3b:e9:35:76:1e:59:1f:60:78:03:50:7d:39:87:
                    ab:2a:ae:61:6a:b4:2c:83:66:2c:c6:08:79:5c:3a:
                    50:b2:08:32:82:08:75:f2:27:0d:bd:fd:f7:56:ae:
                    13:09:ea:33:0c:15:7d:68:73:ed:6d:97:d2:78:d8:
                    7f:62:c8:09:73:95:25:61:1e:45:94:48:0b:e1:b2:
                    01:c8:53:dd:6a:fc:84:5a:1a:e0:ea:e3:12:55:59:
                    e7:62:d4:26:40:89:c6:4a:90:6d:84:fd:f7:ca:2f:
                    25:2a:d3:10:3b:2e:83:91:0d:03:9a:88:c3:8e:d7:
                    07:c4:a2:e9:f7:6d:30:1c:84:1e:03:1d:74:42:14:
                    ad:9c:7a:f1:b6:ac:8d:d1:aa:70:b4:32:b9:78:4f:
                    86:68:3c:0c:84:db:48:f1:da:85:b6:dd:52:77:b1:
                    c2:46:16:76:3d:6f:49:cf:7b:e7:58:06:7c:eb:5b:
                    03:83:60:b8:73:2a:39:45:66:53:b3:c8:1d:86:42:
                    15:29:c5:55:9d:d9:3b:8a:5f:1b:17:b8:87:2a:9c:
                    93:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:55:27:C7:7E:20:14:46:67:30:90:F0:81:64:8F:18:61:27:B1:BA
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED442/9ED8257A57C811E5A805BD3EF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED442/9ED8257A57C811E5A805BD3EF8AEA228/iVUnx34gFEZnMJDwgWSPGGEnsbo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  5713
                  5734
                  37118
                  37167
                  37251
                  37457
                  328028

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.144.0.0/13
                  41.246.0.0/15
                  102.248.0.0/13
                  105.184.0.0/14
                  105.224.0.0-105.229.255.255
                  154.69.0.0/16
                  196.4.79.0/24
                  196.15.128.0/17
                  196.25.0.0/16
                  196.43.0.0/18
                  197.228.0.0/15
                  197.236.0.0/16
                IPv6:
                  2c0e:2000::/20

    Signature Algorithm: sha256WithRSAEncryption
         71:93:4e:11:c8:13:bc:56:53:3f:2a:f0:b6:dd:b2:95:7d:49:
         59:bc:b0:7f:ad:85:1a:4b:b4:f6:d0:ed:1e:55:cb:5e:d8:ff:
         f4:86:44:9c:55:1a:43:cd:4f:05:5b:0c:22:9b:e1:62:31:7c:
         62:78:cc:28:74:86:f6:fc:60:9f:69:7e:89:12:6d:42:db:c5:
         e2:4d:3d:2e:8f:1f:e2:50:7f:bf:a8:6c:68:08:39:93:b0:ec:
         5b:d5:d7:cb:df:13:5b:72:39:8a:b9:dd:12:a8:39:62:b2:78:
         ae:a6:24:1c:6d:37:a3:34:5a:be:91:df:0b:5a:c5:a9:fe:1f:
         6e:a8:32:a0:7f:d4:15:83:40:fa:6b:67:45:fa:c3:2c:a0:28:
         fc:fa:d6:63:b6:cf:91:c8:39:c8:89:1e:93:a3:7c:07:f0:8e:
         79:5b:7f:e6:03:05:ae:21:8c:f9:a9:4e:42:47:19:ae:27:79:
         7e:e8:44:5f:99:a7:af:2f:f0:e9:bc:5d:9b:f6:9c:09:83:a4:
         c6:98:22:6e:b8:a7:eb:94:96:61:f8:8a:71:b0:1e:33:e5:79:
         79:d8:22:42:c0:55:c8:a8:1b:7b:11:cf:2c:32:15:1d:b5:cc:
         2b:6d:ed:16:28:d0:93:64:85:91:4d:c3:a9:c9:05:bc:0e:e8:
         2d:65:09:58
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgICKF4wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDI1MjRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkVENDQyQUYxMTAvBgNVBAUTKDg5NTUyN0M3N0UyMDE0NDY2NzMwOTBG
MDgxNjQ4RjE4NjEyN0IxQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQnxAyYXSO8QRHg/kdcwQZOaXbHz0Jyt/kDHXV5PhOdvLapL1tFlMGPvltdWU7
6TV2HlkfYHgDUH05h6sqrmFqtCyDZizGCHlcOlCyCDKCCHXyJw29/fdWrhMJ6jMM
FX1oc+1tl9J42H9iyAlzlSVhHkWUSAvhsgHIU91q/IRaGuDq4xJVWedi1CZAicZK
kG2E/ffKLyUq0xA7LoORDQOaiMOO1wfEoun3bTAchB4DHXRCFK2cevG2rI3RqnC0
Mrl4T4ZoPAyE20jx2oW23VJ3scJGFnY9b0nPe+dYBnzrWwODYLhzKjlFZlOzyB2G
QhUpxVWd2TuKXxsXuIcqnJMdAgMBAAGjggN1MIIDcTAdBgNVHQ4EFgQUiVUnx34g
FEZnMJDwgWSPGGEnsbowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFRDQ0Mi85RUQ4MjU3QTU3Qzgx
MUU1QTgwNUJEM0VGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUQ0NDIvOUVEODI1N0E1N0M4MTFFNUE4MDVCRDNFRjhBRUEyMjgvaVZVbngz
NGdGRVpuTUpEd2dXU1BHR0Vuc2JvLm1mdDA2BggrBgEFBQcBCAEB/wQnMCWgIzAh
AgIWUQICFmYCAwCQ/gIDAJEvAgMAkYMCAwCSUQIDBQFcMG0GCCsGAQUFBwEHAQH/
BF4wXDBMBAIAATBGAwMDKZADAwEp9gMDA2b4AwMCabgwCgMDBWngAwMBaeQDAwCa
RQMEAMQETwMEB8QPgAMDAMQZAwQGxCsAAwMBxeQDAwDF7DAMBAIAAjAGAwQELA4g
MA0GCSqGSIb3DQEBCwUAA4IBAQBxk04RyBO8VlM/KvC23bKVfUlZvLB/rYUaS7T2
0O0eVcte2P/0hkScVRpDzU8FWwwim+FiMXxieMwodIb2/GCfaX6JEm1C28XiTT0u
jx/iUH+/qGxoCDmTsOxb1dfL3xNbcjmKud0SqDlisniupiQcbTejNFq+kd8LWsWp
/h9uqDKgf9QVg0D6a2dF+sMsoCj8+tZjts+RyDnIiR6To3wH8I55W3/mAwWuIYz5
qU5CRxmuJ3l+6ERfmaevL/DpvF2b9pwJg6TGmCJuuKfrlJZh+IpxsB4z5Xl52CJC
wFXIqBt7Ec8sMhUdtcwrbe0WKNCTZIWRTcOpyQW8DugtZQlY
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:43 2024 by rpki-client on console-fra.rpki-client.org