Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/lxWomCIk5V6mKKnmhSkjWEy0wSs.cer
File:                     lxWomCIk5V6mKKnmhSkjWEy0wSs.cer (raw, json)
Hash identifier:          SmLcYqICNX9CCQl5I5FsTXPu3jz5UYDNiVhu1ajiwpQ=
Subject key identifier:   97:15:A8:98:22:24:E5:5E:A6:28:A9:E6:85:29:23:58:4C:B4:C1:2B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       304A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/lxWomCIk5V6mKKnmhSkjWEy0wSs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 03:12:33 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 328541
                          IP: 102.64.4.0/23
                          IP: 2001:43f8:13f0::/48
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12362 (0x304a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 03:12:33 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F367B915AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:16:28:f0:58:61:ce:50:f2:29:ce:c0:da:50:
                    1e:ed:00:c1:ed:63:74:e6:a3:ca:84:2c:ef:bb:c4:
                    cd:9b:27:b8:a3:9f:64:b9:7f:0d:76:89:af:5e:e2:
                    d6:22:b5:54:ea:fb:99:27:a8:21:c5:0d:4d:5a:be:
                    66:a4:ae:29:ae:38:21:de:4b:96:8d:ff:ed:59:1c:
                    f0:84:11:f6:dc:18:4d:71:f4:1e:9f:8b:2d:e4:74:
                    dd:1e:fa:50:4f:ea:69:31:50:b4:d3:47:54:de:c2:
                    1e:3d:d4:46:70:4a:2b:64:5e:24:29:ee:a5:b0:64:
                    b4:97:84:30:a1:df:7d:6d:d2:3c:b1:9d:68:24:50:
                    79:d0:89:4d:50:6d:b9:95:4c:47:9c:a6:ca:22:08:
                    43:0e:25:9d:d2:ee:40:ea:a7:b9:de:88:f2:e5:2b:
                    a2:31:36:66:81:38:1f:b2:8c:57:ab:44:11:b1:fe:
                    ff:76:40:b5:99:d6:bf:f7:66:ba:92:38:af:1d:5f:
                    f6:ad:c7:9d:6d:12:44:90:22:41:3e:e2:2c:46:97:
                    8a:f5:10:f0:a4:b3:4d:9f:ea:15:e8:af:93:b8:31:
                    ab:a2:68:04:a0:13:f2:96:ba:62:2c:73:f9:36:16:
                    d7:99:6d:7f:1d:38:94:c0:73:1b:5e:2e:71:1e:2d:
                    1c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:15:A8:98:22:24:E5:5E:A6:28:A9:E6:85:29:23:58:4C:B4:C1:2B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/lxWomCIk5V6mKKnmhSkjWEy0wSs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328541

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.4.0/23
                IPv6:
                  2001:43f8:13f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:02:79:35:f8:06:c5:34:da:9d:01:7a:f3:5b:1e:a7:f7:9b:
         df:4d:30:df:ae:22:ff:79:8c:e2:d8:d5:41:4f:b1:52:72:ea:
         cc:c7:6e:09:2c:12:6e:e5:67:74:e5:50:21:a7:51:0a:ce:b6:
         d8:6a:ac:25:a8:16:b3:35:2d:e4:25:76:c0:2e:30:b4:20:94:
         1b:36:8e:c8:27:ee:4b:fb:ca:18:3b:22:6b:b9:cb:b8:30:5b:
         04:9c:16:16:f0:9d:fb:dc:63:6a:f6:da:4e:80:33:a7:53:9e:
         46:0a:ca:8b:bc:cb:c0:8a:3d:12:06:24:df:9d:e2:ba:36:de:
         49:56:35:07:6d:64:98:53:ba:8c:c2:63:32:54:e8:25:b8:29:
         89:17:e4:6b:71:c6:a6:6a:bc:72:4c:eb:e0:1d:5d:b5:4f:a0:
         b0:72:bc:2c:48:d2:ce:aa:5e:ac:54:d8:85:07:dd:68:8a:7c:
         6e:9a:a2:e5:16:a1:5d:7a:af:51:cb:d5:2b:b4:cc:cb:c8:8a:
         60:bd:a0:57:87:a3:e6:c8:38:b2:9e:b3:31:f3:be:8f:9b:cd:
         9b:78:0f:3d:c3:e4:4b:2e:97:69:1b:fd:7e:a0:b3:68:39:85:
         f2:d9:9c:da:99:d2:f4:07:8e:b6:f3:50:a8:9f:6d:23:e9:14:
         cc:54:3b:78
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICMEowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMzEyMzNaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjdCOTE1QUYxMTAvBgNVBAUTKDk3MTVBODk4MjIyNEU1NUVBNjI4QTlF
Njg1MjkyMzU4NENCNEMxMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZFijwWGHOUPIpzsDaUB7tAMHtY3Tmo8qELO+7xM2bJ7ijn2S5fw12ia9e4tYi
tVTq+5knqCHFDU1avmakrimuOCHeS5aN/+1ZHPCEEfbcGE1x9B6fiy3kdN0e+lBP
6mkxULTTR1Tewh491EZwSitkXiQp7qWwZLSXhDCh331t0jyxnWgkUHnQiU1QbbmV
TEecpsoiCEMOJZ3S7kDqp7neiPLlK6IxNmaBOB+yjFerRBGx/v92QLWZ1r/3ZrqS
OK8dX/atx51tEkSQIkE+4ixGl4r1EPCks02f6hXor5O4MauiaASgE/KWumIsc/k2
FteZbX8dOJTAcxteLnEeLRzbAgMBAAGjggMcMIIDGDAdBgNVHQ4EFgQUlxWomCIk
5V6mKKnmhSkjWEy0wSswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3QjkxNS9GNUU2N0Q1ODVFRkMx
MUVCQUNGQjIwODFGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0I5MTUvRjVFNjdENTg1RUZDMTFFQkFDRkIyMDgxRjhBRUEyMjgvbHhXb21D
SWs1VjZtS0tubWhTa2pXRXkwd1NzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFA10wMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAFmQAQwDwQCAAIwCQMH
ACABQ/gT8DANBgkqhkiG9w0BAQsFAAOCAQEAigJ5NfgGxTTanQF681sep/eb300w
364i/3mM4tjVQU+xUnLqzMduCSwSbuVndOVQIadRCs622GqsJagWszUt5CV2wC4w
tCCUGzaOyCfuS/vKGDsia7nLuDBbBJwWFvCd+9xjavbaToAzp1OeRgrKi7zLwIo9
EgYk353iujbeSVY1B21kmFO6jMJjMlToJbgpiRfka3HGpmq8ckzr4B1dtU+gsHK8
LEjSzqperFTYhQfdaIp8bpqi5RahXXqvUcvVK7TMy8iKYL2gV4ej5sg4sp6zMfO+
j5vNm3gPPcPkSy6XaRv9fqCzaDmF8tmc2pnS9AeOtvNQqJ9tI+kUzFQ7eA==
-----END CERTIFICATE-----