Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/mHRv-zBcIzNDMIo4lctwgmYY_Eg.cer
File:                     mHRv-zBcIzNDMIo4lctwgmYY_Eg.cer (raw, json)
Hash identifier:          O1c2zBe2l/N0GjkEes+BNAcrIcODEiLQ3XLrrO7t/T8=
Subject key identifier:   98:74:6F:FB:30:5C:23:33:43:30:8A:38:95:CB:70:82:66:18:FC:48
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2740
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36B2802/871341FC0F8B11EA8FF19662F8AEA228/mHRv-zBcIzNDMIo4lctwgmYY_Eg.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36B2802/871341FC0F8B11EA8FF19662F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:41:30 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328146

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10048 (0x2740)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:41:30 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36B2802AF/serialNumber=98746FFB305C233343308A3895CB70826618FC48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1e:20:0e:cc:d3:22:95:4b:4b:32:0f:a8:2e:
                    ba:29:12:7d:ec:60:c8:c0:e5:e0:0e:9e:94:b1:60:
                    6e:91:7b:ec:23:18:05:37:70:a5:f6:65:26:96:cd:
                    29:0b:f0:a7:a8:fd:8a:b2:1a:4c:cd:65:00:45:b3:
                    db:08:eb:07:85:3f:cb:91:e6:10:29:79:8e:c6:d6:
                    36:fe:84:04:0a:ca:75:91:f8:9e:fc:df:0f:e1:91:
                    49:7f:e6:5c:cc:1b:3c:62:f6:39:89:83:58:2c:57:
                    03:9e:2c:d7:ed:2c:7a:77:a9:be:88:39:35:94:3c:
                    5f:03:32:5d:cc:04:df:0f:e4:9f:de:32:29:07:5c:
                    6c:08:43:44:10:42:f7:18:3e:a7:1a:d7:07:55:8d:
                    b7:36:7c:78:6f:f5:74:4e:1c:7b:16:98:f9:01:70:
                    22:16:db:11:4b:cf:09:86:7c:d4:a4:20:fc:62:0c:
                    ba:03:1f:d4:78:29:6b:e4:39:af:dd:28:3c:b8:9e:
                    82:b1:f9:da:f9:5f:c0:b2:11:10:63:58:73:ee:dc:
                    c6:0a:0a:fe:89:14:4b:bf:7f:08:dc:c3:cb:4c:81:
                    96:e2:1c:aa:9f:f8:42:3b:f8:50:c1:cc:45:e1:21:
                    8a:fc:0e:53:49:4f:ea:3f:75:cc:ab:16:d4:6a:14:
                    67:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:74:6F:FB:30:5C:23:33:43:30:8A:38:95:CB:70:82:66:18:FC:48
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B2802/871341FC0F8B11EA8FF19662F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B2802/871341FC0F8B11EA8FF19662F8AEA228/mHRv-zBcIzNDMIo4lctwgmYY_Eg.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328146

    Signature Algorithm: sha256WithRSAEncryption
         ae:c7:4e:43:d3:35:bf:74:a9:dc:49:45:b3:56:57:34:b7:d9:
         03:b1:61:87:17:08:2e:dd:52:1e:fe:79:8f:ca:9e:25:50:3b:
         67:29:b5:fc:35:91:2f:2c:b5:27:b7:0f:1d:ad:58:a1:95:1b:
         af:19:76:c1:c8:8a:53:02:79:61:d5:d5:9a:7a:22:57:f2:f1:
         a4:8b:f0:c3:98:b2:13:c3:d7:1b:5a:d8:b8:ce:ef:c9:f2:62:
         dd:61:18:b3:64:1c:e3:9c:f7:40:94:74:a9:cf:34:39:ff:fe:
         9c:a8:22:44:6c:a3:98:3a:97:51:20:2b:97:85:bb:ba:1a:f5:
         e2:37:55:2e:b4:9b:6d:bb:a7:42:3a:49:4d:84:7f:3b:57:d0:
         99:f8:eb:ca:e0:48:ba:d3:a9:cf:bc:49:b4:22:66:11:d1:a7:
         48:a4:a0:c9:4b:d8:1c:ad:c9:8c:a9:9d:38:6f:6f:ee:47:95:
         4b:fa:6c:17:9e:a1:df:19:ae:1b:bf:28:85:29:d7:44:e6:97:
         d0:23:76:92:04:7d:12:af:22:e2:b0:a9:e8:2a:9c:8f:88:93:
         d3:b9:c3:a4:2b:71:d9:f4:9e:05:98:74:2d:96:09:65:f9:20:
         5a:f3:85:c4:15:e2:49:a7:51:d7:54:d6:a9:b1:7a:a8:06:03:
         28:fe:43:6e
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICJ0AwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzQxMzBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkIyODAyQUYxMTAvBgNVBAUTKDk4NzQ2RkZCMzA1QzIzMzM0MzMwOEEz
ODk1Q0I3MDgyNjYxOEZDNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWHiAOzNMilUtLMg+oLropEn3sYMjA5eAOnpSxYG6Re+wjGAU3cKX2ZSaWzSkL
8Keo/YqyGkzNZQBFs9sI6weFP8uR5hApeY7G1jb+hAQKynWR+J783w/hkUl/5lzM
Gzxi9jmJg1gsVwOeLNftLHp3qb6IOTWUPF8DMl3MBN8P5J/eMikHXGwIQ0QQQvcY
Pqca1wdVjbc2fHhv9XROHHsWmPkBcCIW2xFLzwmGfNSkIPxiDLoDH9R4KWvkOa/d
KDy4noKx+dr5X8CyERBjWHPu3MYKCv6JFEu/fwjcw8tMgZbiHKqf+EI7+FDBzEXh
IYr8DlNJT+o/dcyrFtRqFGcJAgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQUmHRv+zBc
IzNDMIo4lctwgmYY/EgwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZCMjgwMi84NzEzNDFGQzBGOEIx
MUVBOEZGMTk2NjJGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjI4MDIvODcxMzQxRkMwRjhCMTFFQThGRjE5NjYyRjhBRUEyMjgvbUhSdi16
QmNJek5ETUlvNGxjdHdnbVlZX0VnLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAdIwDQYJKoZIhvcNAQELBQADggEBAK7HTkPTNb90qdxJRbNWVzS32QOxYYcX
CC7dUh7+eY/KniVQO2cptfw1kS8stSe3Dx2tWKGVG68ZdsHIilMCeWHV1Zp6Ilfy
8aSL8MOYshPD1xta2LjO78nyYt1hGLNkHOOc90CUdKnPNDn//pyoIkRso5g6l1Eg
K5eFu7oa9eI3VS60m227p0I6SU2EfztX0Jn468rgSLrTqc+8SbQiZhHRp0ikoMlL
2BytyYypnThvb+5HlUv6bBeeod8Zrhu/KIUp10Tml9AjdpIEfRKvIuKwqegqnI+I
k9O5w6Qrcdn0ngWYdC2WCWX5IFrzhcQV4kmnUddU1qmxeqgGAyj+Q24=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org