Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/kcmeRXlnuZKbLt55eXKLD-Jjmtk.cer
File:                     kcmeRXlnuZKbLt55eXKLD-Jjmtk.cer (raw, json)
Hash identifier:          C48VzlAPLR47jYSRRpR+y6ZEdHncVJ3gVmVBmeVoR64=
Subject key identifier:   91:C9:9E:45:79:67:B9:92:9B:2E:DE:79:79:72:8B:0F:E2:63:9A:D9
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2A49
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36AE219/52BAC3D8231011EF92871F3A7DDC24C2/kcmeRXlnuZKbLt55eXKLD-Jjmtk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36AE219/52BAC3D8231011EF92871F3A7DDC24C2/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 05 Jun 2024 07:50:57 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329278
                          IP: 102.212.244.0/22
                          IP: 2c0f:4440::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10825 (0x2a49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jun  5 07:50:57 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36AE219AF/serialNumber=91C99E457967B9929B2EDE7979728B0FE2639AD9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:bb:53:64:78:05:b4:1a:f4:b9:fe:e6:ea:c0:
                    a6:a1:d5:9f:4c:72:19:55:ea:7a:02:e1:f6:75:25:
                    03:64:9b:8d:0d:5c:8a:93:9f:bd:68:dc:64:69:59:
                    96:f0:92:f0:04:59:f7:37:d3:34:6a:3a:41:7f:26:
                    6b:54:d9:b3:a0:00:aa:95:88:db:02:7e:5e:7b:42:
                    9b:fc:74:b6:89:a7:f9:78:42:00:a2:af:e0:d0:88:
                    f5:52:06:55:31:42:9d:b9:c1:f6:10:9a:03:a4:38:
                    4f:e9:95:7a:39:dd:55:2c:6f:8c:78:84:89:5e:f2:
                    1b:44:e1:98:bf:ac:55:76:53:14:7c:76:f2:be:48:
                    29:38:08:7a:1c:86:11:50:a0:f0:ef:96:e3:b6:52:
                    2f:38:e9:1c:f5:1b:e8:87:8f:d3:6e:14:0f:e7:00:
                    73:94:51:be:fd:f8:b9:90:cf:0b:48:ac:f4:cd:de:
                    5c:1b:a4:32:30:9c:39:7f:f9:6f:84:7f:fd:b4:bd:
                    f1:15:0a:df:d4:77:62:bd:24:8a:b6:0f:6e:e3:57:
                    68:86:c7:5c:52:47:37:b1:78:00:75:99:6a:3d:3c:
                    ac:79:4a:a0:36:50:05:88:40:80:da:01:ec:f3:15:
                    fd:2f:7b:22:77:82:50:21:17:8a:c9:51:fb:f1:33:
                    60:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:C9:9E:45:79:67:B9:92:9B:2E:DE:79:79:72:8B:0F:E2:63:9A:D9
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AE219/52BAC3D8231011EF92871F3A7DDC24C2/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AE219/52BAC3D8231011EF92871F3A7DDC24C2/kcmeRXlnuZKbLt55eXKLD-Jjmtk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329278

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.244.0/22
                IPv6:
                  2c0f:4440::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:c2:57:bf:3d:9c:d0:a1:83:ec:06:ff:f6:31:2c:62:7b:92:
         23:30:d9:52:2c:be:67:da:26:ce:d7:8f:03:f4:df:e0:34:ee:
         02:e4:93:7b:4e:98:74:85:b8:11:0c:bf:ed:6a:53:dd:fb:26:
         1e:5f:97:5a:91:a1:b0:8c:00:42:da:87:96:1b:16:73:d3:8d:
         94:9a:ac:ea:b3:2c:00:f6:89:28:43:9e:a0:79:0d:75:72:5f:
         2e:b5:0b:6e:7d:84:83:fc:21:e7:0a:25:86:72:e6:d2:6b:20:
         3a:b1:38:3e:ac:56:4c:11:32:0b:20:b3:1c:c7:0d:39:e2:e0:
         e2:bd:25:4c:a7:31:0b:cd:0d:66:26:2c:1d:05:87:2c:32:63:
         b9:39:89:fe:db:a6:be:96:e7:a6:04:bb:99:36:4f:fa:17:b5:
         8d:02:68:54:c8:2b:cd:84:f2:e3:58:d1:49:a1:cd:ab:8b:cc:
         9b:8b:12:aa:38:25:56:37:f0:ad:4c:23:39:1d:02:f8:0d:f3:
         a3:30:a7:6c:b3:6b:fd:aa:ce:5c:85:62:1c:cf:d9:97:79:5a:
         a3:10:25:71:c4:d9:7f:ad:1d:ec:b9:3a:a9:f4:4d:22:e5:ca:
         c6:21:48:30:6d:9d:68:41:92:bd:de:5d:30:2c:15:41:8b:39:
         aa:3f:86:84
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICKkkwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA2MDUwNzUwNTdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkFFMjE5QUYxMTAvBgNVBAUTKDkxQzk5RTQ1Nzk2N0I5OTI5QjJFREU3
OTc5NzI4QjBGRTI2MzlBRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVu1NkeAW0GvS5/ubqwKah1Z9MchlV6noC4fZ1JQNkm40NXIqTn71o3GRpWZbw
kvAEWfc30zRqOkF/JmtU2bOgAKqViNsCfl57Qpv8dLaJp/l4QgCir+DQiPVSBlUx
Qp25wfYQmgOkOE/plXo53VUsb4x4hIle8htE4Zi/rFV2UxR8dvK+SCk4CHochhFQ
oPDvluO2Ui846Rz1G+iHj9NuFA/nAHOUUb79+LmQzwtIrPTN3lwbpDIwnDl/+W+E
f/20vfEVCt/Ud2K9JIq2D27jV2iGx1xSRzexeAB1mWo9PKx5SqA2UAWIQIDaAezz
Ff0veyJ3glAhF4rJUfvxM2DvAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUkcmeRXln
uZKbLt55eXKLD+JjmtkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZBRTIxOS81MkJBQzNEODIzMTAx
MUVGOTI4NzFGM0E3RERDMjRDMi8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUUyMTkvNTJCQUMzRDgyMzEwMTFFRjkyODcxRjNBN0REQzI0QzIva2NtZVJY
bG51WktiTHQ1NWVYS0xELUpqbXRrLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBj4wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1PQwDQQCAAIwBwMF
ACwPREAwDQYJKoZIhvcNAQELBQADggEBAD7CV789nNChg+wG//YxLGJ7kiMw2VIs
vmfaJs7XjwP03+A07gLkk3tOmHSFuBEMv+1qU937Jh5fl1qRobCMAELah5YbFnPT
jZSarOqzLAD2iShDnqB5DXVyXy61C259hIP8IecKJYZy5tJrIDqxOD6sVkwRMgsg
sxzHDTni4OK9JUynMQvNDWYmLB0FhywyY7k5if7bpr6W56YEu5k2T/oXtY0CaFTI
K82E8uNY0UmhzauLzJuLEqo4JVY38K1MIzkdAvgN86Mwp2yza/2qzlyFYhzP2Zd5
WqMQJXHE2X+tHey5Oqn0TSLlysYhSDBtnWhBkr3eXTAsFUGLOao/hoQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org