Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/ki0mxmsPTvhSNY472eGm8bVde4c.cer
File:                     ki0mxmsPTvhSNY472eGm8bVde4c.cer (raw, json)
Hash identifier:          XwDwQ67GVYmMwQ/Z5sdKta3No0k2TVz6eNRjVPPPjEY=
Subject key identifier:   92:2D:26:C6:6B:0F:4E:F8:52:35:8E:3B:D9:E1:A6:F1:B5:5D:7B:87
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       25EB
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/ki0mxmsPTvhSNY472eGm8bVde4c.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:50:46 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 24757
                          IP: 102.218.0.0/22
                          IP: 196.188.0.0/14
                          IP: 197.156.64.0/18
                          IP: 2c0f:f348::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9707 (0x25eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:50:46 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F367972FAF/serialNumber=922D26C66B0F4EF852358E3BD9E1A6F1B55D7B87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f3:a0:0e:ff:4c:80:a6:fd:9e:cf:25:85:28:
                    09:dd:af:3f:b8:87:c0:02:a7:81:78:cc:b7:6b:9f:
                    9e:6b:d5:f2:84:46:76:cd:16:eb:73:71:a1:80:d3:
                    14:95:28:4a:35:1c:a2:b9:c4:11:3e:88:cd:c1:a2:
                    41:d9:3e:3b:e3:0a:cf:8d:aa:ce:ed:fb:94:6d:e1:
                    f2:e9:00:ad:2f:f7:18:7b:e0:79:63:14:4a:6e:1a:
                    ca:cc:4c:14:aa:1c:5d:99:99:4f:ac:b2:23:a9:12:
                    0c:58:12:7e:7d:c7:9d:09:08:5e:e5:5e:d3:4b:c0:
                    74:30:29:ac:1a:f8:f2:84:44:c3:06:18:ed:5c:ba:
                    0a:d3:6b:86:a3:c8:40:34:0e:eb:9b:bd:4c:dd:21:
                    17:25:46:0d:3a:d0:12:4b:6a:bf:1e:76:c4:91:fa:
                    ef:96:40:a0:4a:ed:d0:71:0f:42:21:35:e3:b2:43:
                    61:82:82:07:0f:0d:10:2c:b9:29:ca:e0:6d:6c:cc:
                    80:9d:a2:1d:84:7c:f7:bf:82:66:a9:94:7f:b5:c5:
                    14:68:d0:0d:3d:44:9b:cd:b9:49:1e:70:86:28:e7:
                    e8:83:c1:3c:5d:06:23:2d:d4:ca:a1:48:cf:eb:2e:
                    bd:42:ee:c5:a4:7f:5f:cb:64:44:1e:ad:30:d9:2f:
                    0b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:2D:26:C6:6B:0F:4E:F8:52:35:8E:3B:D9:E1:A6:F1:B5:5D:7B:87
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/ki0mxmsPTvhSNY472eGm8bVde4c.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24757

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.0.0/22
                  196.188.0.0/14
                  197.156.64.0/18
                IPv6:
                  2c0f:f348::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:fb:e7:7e:ff:14:db:45:17:31:63:e2:9e:27:e2:94:b7:ed:
         fd:6b:5d:5b:9c:29:17:bd:d8:57:20:11:ee:2d:af:41:f3:6f:
         5e:a5:0a:3b:3a:63:c4:b4:ff:b2:a1:da:5d:bc:82:ef:3a:e9:
         ac:27:f2:97:14:08:e6:b7:a1:87:6b:e3:f3:b0:97:23:92:79:
         0c:89:ff:2e:be:5e:cb:53:02:e4:48:27:6d:65:b7:f7:fc:25:
         7f:13:a2:55:29:5c:e1:97:66:81:b9:33:63:ae:89:cc:ae:0a:
         82:81:20:92:fc:60:97:a5:9b:0b:60:66:d6:84:36:6a:16:b6:
         99:ce:36:5c:d4:0f:06:8f:97:a6:20:7b:32:43:5d:08:49:aa:
         30:82:81:f4:e2:ee:93:2e:5b:55:64:78:17:7a:52:12:fb:b4:
         3b:de:f2:78:f0:2f:01:76:6a:01:ef:23:6b:f8:19:25:4b:77:
         57:77:36:e5:b2:5d:4d:09:b0:81:e7:c0:d0:be:8b:e9:52:7e:
         7d:d6:e3:81:c7:7b:6b:01:b3:47:71:e4:02:66:26:51:ad:8d:
         96:ee:5a:1d:94:15:c3:f9:df:6e:35:6b:58:0f:74:41:3b:ae:
         5b:1c:c5:47:2f:d9:e3:a8:52:26:17:e6:79:e4:08:5f:9a:3d:
         ec:b8:8c:22
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgICJeswDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjUwNDZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjc5NzJGQUYxMTAvBgNVBAUTKDkyMkQyNkM2NkIwRjRFRjg1MjM1OEUz
QkQ5RTFBNkYxQjU1RDdCODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDm86AO/0yApv2ezyWFKAndrz+4h8ACp4F4zLdrn55r1fKERnbNFutzcaGA0xSV
KEo1HKK5xBE+iM3BokHZPjvjCs+Nqs7t+5Rt4fLpAK0v9xh74HljFEpuGsrMTBSq
HF2ZmU+ssiOpEgxYEn59x50JCF7lXtNLwHQwKawa+PKERMMGGO1cugrTa4ajyEA0
DuubvUzdIRclRg060BJLar8edsSR+u+WQKBK7dBxD0IhNeOyQ2GCggcPDRAsuSnK
4G1szICdoh2EfPe/gmaplH+1xRRo0A09RJvNuUkecIYo5+iDwTxdBiMt1MqhSM/r
Lr1C7sWkf1/LZEQerTDZLwt/AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUki0mxmsP
TvhSNY472eGm8bVde4cwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3OTcyRi82MTEwNzA1QzkwMTAx
MUVEOTQ3NTM5OUJGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzk3MkYvNjExMDcwNUM5MDEwMTFFRDk0NzUzOTlCRjEyMjI0Njgva2kwbXht
c1BUdmhTTlk0NzJlR204YlZkZTRjLm1mdDAZBggrBgEFBQcBCAEB/wQKMAigBjAE
AgJgtTA5BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMEAmbaAAMDAsS8AwQGxZxA
MA0EAgACMAcDBQAsD/NIMA0GCSqGSIb3DQEBCwUAA4IBAQCu++d+/xTbRRcxY+Ke
J+KUt+39a11bnCkXvdhXIBHuLa9B829epQo7OmPEtP+yodpdvILvOumsJ/KXFAjm
t6GHa+PzsJcjknkMif8uvl7LUwLkSCdtZbf3/CV/E6JVKVzhl2aBuTNjronMrgqC
gSCS/GCXpZsLYGbWhDZqFraZzjZc1A8Gj5emIHsyQ10ISaowgoH04u6TLltVZHgX
elIS+7Q73vJ48C8BdmoB7yNr+BklS3dXdzblsl1NCbCB58DQvovpUn591uOBx3tr
AbNHceQCZiZRrY2W7lodlBXD+d9uNWtYD3RBO65bHMVHL9njqFImF+Z55Ahfmj3s
uIwi
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org