Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/lxWomCIk5V6mKKnmhSkjWEy0wSs.cer
File:                     lxWomCIk5V6mKKnmhSkjWEy0wSs.cer (raw, json)
Hash identifier:          ifv3zngjPMP1nFAjNPrik82fxbS6GX/Wlz0kyLscsL4=
Subject key identifier:   97:15:A8:98:22:24:E5:5E:A6:28:A9:E6:85:29:23:58:4C:B4:C1:2B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2603
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/lxWomCIk5V6mKKnmhSkjWEy0wSs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:54:03 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328541
                          IP: 102.64.4.0/23
                          IP: 2001:43f8:13f0::/48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9731 (0x2603)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:54:03 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F367B915AF/serialNumber=9715A8982224E55EA628A9E6852923584CB4C12B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:16:28:f0:58:61:ce:50:f2:29:ce:c0:da:50:
                    1e:ed:00:c1:ed:63:74:e6:a3:ca:84:2c:ef:bb:c4:
                    cd:9b:27:b8:a3:9f:64:b9:7f:0d:76:89:af:5e:e2:
                    d6:22:b5:54:ea:fb:99:27:a8:21:c5:0d:4d:5a:be:
                    66:a4:ae:29:ae:38:21:de:4b:96:8d:ff:ed:59:1c:
                    f0:84:11:f6:dc:18:4d:71:f4:1e:9f:8b:2d:e4:74:
                    dd:1e:fa:50:4f:ea:69:31:50:b4:d3:47:54:de:c2:
                    1e:3d:d4:46:70:4a:2b:64:5e:24:29:ee:a5:b0:64:
                    b4:97:84:30:a1:df:7d:6d:d2:3c:b1:9d:68:24:50:
                    79:d0:89:4d:50:6d:b9:95:4c:47:9c:a6:ca:22:08:
                    43:0e:25:9d:d2:ee:40:ea:a7:b9:de:88:f2:e5:2b:
                    a2:31:36:66:81:38:1f:b2:8c:57:ab:44:11:b1:fe:
                    ff:76:40:b5:99:d6:bf:f7:66:ba:92:38:af:1d:5f:
                    f6:ad:c7:9d:6d:12:44:90:22:41:3e:e2:2c:46:97:
                    8a:f5:10:f0:a4:b3:4d:9f:ea:15:e8:af:93:b8:31:
                    ab:a2:68:04:a0:13:f2:96:ba:62:2c:73:f9:36:16:
                    d7:99:6d:7f:1d:38:94:c0:73:1b:5e:2e:71:1e:2d:
                    1c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:15:A8:98:22:24:E5:5E:A6:28:A9:E6:85:29:23:58:4C:B4:C1:2B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B915/F5E67D585EFC11EBACFB2081F8AEA228/lxWomCIk5V6mKKnmhSkjWEy0wSs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328541

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.4.0/23
                IPv6:
                  2001:43f8:13f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:27:b4:dc:b4:f8:4b:c5:60:32:4c:02:98:f9:98:0f:d4:24:
         18:6f:db:76:ab:03:08:a9:1a:03:ae:d8:64:94:9a:86:4b:51:
         b3:4a:b3:0a:30:85:c8:3c:e8:80:e2:0d:81:c9:ac:e7:55:ae:
         96:12:da:80:88:a2:32:f3:65:6f:9e:fe:48:0a:98:8a:58:22:
         47:61:fa:8c:91:2b:d9:9e:4d:7c:30:38:0b:37:5c:ab:77:08:
         de:b0:35:fc:b8:2c:09:86:03:7a:f5:7b:4d:07:f1:f2:42:ef:
         73:72:40:04:90:9d:0e:f3:c5:25:9b:2a:35:d4:91:76:ef:e4:
         d5:f8:1d:05:78:e2:58:d3:34:83:09:70:ca:8b:86:43:de:af:
         92:fe:66:62:c5:db:d9:b5:eb:93:ab:d9:ad:1e:a1:c9:a8:42:
         e4:12:21:d2:07:36:a0:e6:50:03:ef:bc:0e:62:14:d8:1d:73:
         ca:e0:34:7e:07:95:bf:17:f3:07:e2:69:f2:c2:1a:19:94:f1:
         e7:26:2e:29:d2:ad:24:73:dc:a3:c2:17:54:99:0e:13:07:31:
         28:4f:db:e2:8b:09:b8:2b:ad:f2:d9:38:cb:b2:6e:cb:e1:ad:
         e0:9e:4d:21:33:8c:34:bf:cf:02:3c:b2:42:3d:10:84:f1:12:
         ac:06:2b:01
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICJgMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjU0MDNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjdCOTE1QUYxMTAvBgNVBAUTKDk3MTVBODk4MjIyNEU1NUVBNjI4QTlF
Njg1MjkyMzU4NENCNEMxMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZFijwWGHOUPIpzsDaUB7tAMHtY3Tmo8qELO+7xM2bJ7ijn2S5fw12ia9e4tYi
tVTq+5knqCHFDU1avmakrimuOCHeS5aN/+1ZHPCEEfbcGE1x9B6fiy3kdN0e+lBP
6mkxULTTR1Tewh491EZwSitkXiQp7qWwZLSXhDCh331t0jyxnWgkUHnQiU1QbbmV
TEecpsoiCEMOJZ3S7kDqp7neiPLlK6IxNmaBOB+yjFerRBGx/v92QLWZ1r/3ZrqS
OK8dX/atx51tEkSQIkE+4ixGl4r1EPCks02f6hXor5O4MauiaASgE/KWumIsc/k2
FteZbX8dOJTAcxteLnEeLRzbAgMBAAGjggMcMIIDGDAdBgNVHQ4EFgQUlxWomCIk
5V6mKKnmhSkjWEy0wSswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3QjkxNS9GNUU2N0Q1ODVFRkMx
MUVCQUNGQjIwODFGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0I5MTUvRjVFNjdENTg1RUZDMTFFQkFDRkIyMDgxRjhBRUEyMjgvbHhXb21D
SWs1VjZtS0tubWhTa2pXRXkwd1NzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFA10wMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAFmQAQwDwQCAAIwCQMH
ACABQ/gT8DANBgkqhkiG9w0BAQsFAAOCAQEAWSe03LT4S8VgMkwCmPmYD9QkGG/b
dqsDCKkaA67YZJSahktRs0qzCjCFyDzogOINgcms51WulhLagIiiMvNlb57+SAqY
ilgiR2H6jJEr2Z5NfDA4Czdcq3cI3rA1/LgsCYYDevV7TQfx8kLvc3JABJCdDvPF
JZsqNdSRdu/k1fgdBXjiWNM0gwlwyouGQ96vkv5mYsXb2bXrk6vZrR6hyahC5BIh
0gc2oOZQA++8DmIU2B1zyuA0fgeVvxfzB+Jp8sIaGZTx5yYuKdKtJHPco8IXVJkO
EwcxKE/b4osJuCut8tk4y7Juy+Gt4J5NITOMNL/PAjyyQj0QhPESrAYrAQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org