Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
File:                     lZcz31nobqfCOy-zem6EbbsYgns.cer (raw, json)
Hash identifier:          h2qemmWz5844vMzLIKLmHiHladuGuFeBVx3VZSM9pEQ=
Subject key identifier:   95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2593
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:38:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 36916
                          IP: 41.138.92.0/22
                          IP: 41.180.0.0/16
                          IP: 41.221.224.0/20
                          IP: 41.223.60.0/22
                          IP: 2c0f:fcb0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9619 (0x2593)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:38:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:70:ab:97:62:55:e1:a0:81:1b:61:b2:30:41:
                    f4:3e:4f:d1:2c:43:38:a0:e8:77:f9:8f:0f:65:6e:
                    b5:0d:54:b8:28:5f:32:ba:83:f9:57:f1:08:09:d3:
                    4b:3b:44:b5:25:46:dd:e0:23:4d:54:bd:e5:f5:f5:
                    47:14:4f:37:fd:9f:8d:47:fe:a1:e6:c7:29:91:8e:
                    01:21:53:b5:a8:03:16:49:73:16:aa:33:d4:da:f3:
                    a2:70:ad:4d:6f:76:60:bb:30:0e:73:61:f6:c5:46:
                    ef:69:70:5d:fe:2f:78:e2:b4:32:6e:f5:f1:31:64:
                    c5:4f:7e:e5:be:a8:de:d6:a6:db:3f:bb:93:d4:20:
                    1f:a6:33:1e:e7:89:f3:93:b7:3e:26:86:ec:bd:2b:
                    5c:c4:0f:98:eb:0b:5f:03:9f:12:10:52:0d:1e:f9:
                    59:cc:ae:c5:91:47:06:4b:51:46:61:91:65:46:b1:
                    0f:f9:4a:19:32:33:95:a0:6a:76:4f:0e:11:ab:4f:
                    15:24:d2:05:62:78:03:69:40:41:3b:41:3e:78:16:
                    55:f4:b5:ec:8f:94:27:d2:85:24:fd:3e:29:19:9e:
                    fa:70:ea:94:59:dc:6f:51:a0:b2:42:78:f2:c5:74:
                    45:74:c8:b4:d8:0b:bb:97:a5:2b:5a:82:04:cb:29:
                    4f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  36916

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.138.92.0/22
                  41.180.0.0/16
                  41.221.224.0/20
                  41.223.60.0/22
                IPv6:
                  2c0f:fcb0::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:d5:50:d1:41:d6:da:94:c4:35:2e:4f:a1:4b:0b:a2:5a:75:
         02:df:bd:ba:53:09:ff:16:0e:db:3c:e0:c2:2c:e3:0c:e2:93:
         5b:25:d1:34:b5:0f:aa:1d:03:d9:b8:ae:5a:37:fb:50:d7:80:
         2a:80:3a:d7:58:cd:12:8e:9d:93:62:3d:ed:52:6c:1b:c2:26:
         9a:f9:1e:59:b8:42:43:f4:43:0b:36:30:2e:66:79:f9:3c:00:
         61:f4:5d:37:68:3d:fc:f6:6a:84:bf:24:2b:8d:e9:07:7e:ec:
         05:44:b1:f8:6f:6c:0a:65:38:d1:61:ff:3b:4d:e2:db:17:1d:
         44:72:25:ec:dc:59:90:23:39:25:6b:ac:53:7e:b3:89:10:f8:
         4e:f5:cb:9f:27:e8:a4:e4:e6:b1:c3:75:29:b8:41:37:7f:7c:
         90:f5:b1:b2:66:ef:4a:2c:b3:be:c0:ee:76:a9:a8:b8:97:88:
         17:f6:8a:cf:19:33:2f:29:61:22:9f:88:1e:fd:27:f9:f6:5f:
         0e:33:62:f8:49:99:86:6b:22:fd:b0:72:cf:e9:9d:eb:18:08:
         70:05:15:49:9a:e6:10:90:5a:be:c0:30:e3:2c:7d:23:c3:03:
         12:b4:e1:69:a2:be:64:cf:c0:ca:6a:a1:ce:89:7e:42:69:2a:
         e2:85:44:2a
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgICJZMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjM4MDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjY5RDZCQUYxMTAvBgNVBAUTKDk1OTczM0RGNTlFODZFQTdDMjNCMkZC
MzdBNkU4NDZEQkIxODgyN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCncKuXYlXhoIEbYbIwQfQ+T9EsQzig6Hf5jw9lbrUNVLgoXzK6g/lX8QgJ00s7
RLUlRt3gI01UveX19UcUTzf9n41H/qHmxymRjgEhU7WoAxZJcxaqM9Ta86JwrU1v
dmC7MA5zYfbFRu9pcF3+L3jitDJu9fExZMVPfuW+qN7Wpts/u5PUIB+mMx7nifOT
tz4mhuy9K1zED5jrC18DnxIQUg0e+VnMrsWRRwZLUUZhkWVGsQ/5ShkyM5WganZP
DhGrTxUk0gVieANpQEE7QT54FlX0teyPlCfShST9PikZnvpw6pRZ3G9RoLJCePLF
dEV0yLTYC7uXpStaggTLKU8FAgMBAAGjggMrMIIDJzAdBgNVHQ4EFgQUlZcz31no
bqfCOy+zem6EbbsYgnswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2OUQ2Qi9CRUZCNDRFRTg3OUEx
MUU5OUYzOTMzNTFGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjlENkIvQkVGQjQ0RUU4NzlBMTFFOTlGMzkzMzUxRjhBRUEyMjgvbFpjejMx
bm9icWZDT3ktemVtNkViYnNZZ25zLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkDQwPwYIKwYBBQUHAQcBAf8EMDAuMB0EAgABMBcDBAIpilwDAwAptAMEBCnd
4AMEAinfPDANBAIAAjAHAwUALA/8sDANBgkqhkiG9w0BAQsFAAOCAQEAAtVQ0UHW
2pTENS5PoUsLolp1At+9ulMJ/xYO2zzgwizjDOKTWyXRNLUPqh0D2biuWjf7UNeA
KoA611jNEo6dk2I97VJsG8ImmvkeWbhCQ/RDCzYwLmZ5+TwAYfRdN2g9/PZqhL8k
K43pB37sBUSx+G9sCmU40WH/O03i2xcdRHIl7NxZkCM5JWusU36ziRD4TvXLnyfo
pOTmscN1KbhBN398kPWxsmbvSiyzvsDudqmouJeIF/aKzxkzLylhIp+IHv0n+fZf
DjNi+EmZhmsi/bByz+md6xgIcAUVSZrmEJBavsAw4yx9I8MDErThaaK+ZM/Aymqh
zol+Qmkq4oVEKg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:29 2024 by rpki-client on console-fra.rpki-client.org