Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/ndN95jYew89otu98PBKrOZx8L4s.cer
File:                     ndN95jYew89otu98PBKrOZx8L4s.cer (raw, json)
Hash identifier:          J7k91+kSz9ssPCgKbbQbLj8iBGrTlRYuWfVGUfo5c5k=
Subject key identifier:   9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2548
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:26:48 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329166
                          IP: 102.211.204.0/22
                          IP: 102.214.8.0/22
                          IP: 2c0f:5780::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9544 (0x2548)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:26:48 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3660442AF/serialNumber=9DD37DE6361EC3CF68B6EF7C3C12AB399C7C2F8B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dc:eb:8e:b1:d8:d4:ff:ec:9d:04:dc:21:ef:
                    9e:62:31:d5:63:43:c1:43:ed:15:f3:16:04:bc:0f:
                    f1:16:89:74:9e:6e:eb:06:e7:70:53:85:9c:86:f2:
                    06:ca:bd:24:c0:25:fe:98:a3:b3:f9:84:4e:67:33:
                    cc:a7:b4:a1:a2:4a:e1:e7:62:81:09:ee:dd:cb:e5:
                    97:7b:83:00:7c:3b:79:9d:26:b3:b2:8d:1d:fd:6a:
                    09:0d:9f:50:4b:ad:cf:06:2a:92:56:a7:cd:bf:3a:
                    72:f0:72:52:d9:dc:3f:be:9b:ce:71:e3:f6:c5:4e:
                    23:ac:0b:9d:28:3a:53:4d:55:53:9c:26:79:91:7b:
                    e2:72:bd:ab:bd:28:53:6d:3a:38:d7:a1:ca:f6:dc:
                    1c:4f:e0:10:5e:6a:f8:fc:78:09:83:c8:b9:47:c3:
                    87:1c:39:33:1c:65:32:bd:4c:bd:65:e3:85:17:ff:
                    4a:e1:eb:f4:48:34:39:f3:93:3d:ba:d2:ae:97:e5:
                    a3:f6:1b:c2:d0:9d:09:fc:6c:da:cd:86:42:53:67:
                    95:f3:57:d4:0d:69:d4:25:e0:9f:23:60:26:43:f5:
                    38:69:5b:1d:ba:25:37:00:38:1a:72:46:70:74:4c:
                    12:54:50:ae:0b:68:b0:39:9f:65:70:70:ca:ae:65:
                    7a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D3:7D:E6:36:1E:C3:CF:68:B6:EF:7C:3C:12:AB:39:9C:7C:2F:8B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660442/2962801C4FB211ED837146D4F1222468/ndN95jYew89otu98PBKrOZx8L4s.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329166

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.204.0/22
                  102.214.8.0/22
                IPv6:
                  2c0f:5780::/32

    Signature Algorithm: sha256WithRSAEncryption
         07:dc:6a:1e:82:bd:17:63:dd:c2:7f:07:34:d9:27:a3:31:0c:
         13:7e:44:b7:ca:bc:42:57:ff:7c:e5:3b:75:a5:54:25:ea:d1:
         a5:d4:75:dd:0a:90:79:89:0d:d6:5b:3a:2c:7e:6a:d4:f1:93:
         15:77:65:83:25:16:33:58:09:0f:d8:02:3c:a4:67:da:c3:81:
         43:56:68:00:7d:cb:df:58:3d:11:fe:17:b2:1b:e0:16:79:21:
         5f:75:16:45:3d:69:bf:e2:cf:42:f4:f3:52:46:da:b4:02:c2:
         90:d1:7d:2d:05:d9:fb:1b:5e:e7:c7:cc:88:9d:82:af:c5:74:
         db:9f:3c:0f:c3:1d:d7:b5:58:4d:f3:11:ba:bf:76:fb:07:da:
         69:43:2e:cb:02:69:ff:a6:92:0c:d2:18:83:e3:ce:71:fb:0f:
         77:72:65:22:e0:7d:32:38:a2:91:bc:e7:b9:84:68:d9:7b:ab:
         33:3c:8a:07:35:40:79:fd:85:fb:26:a9:22:ef:78:c1:d5:a2:
         17:81:5c:48:c8:12:38:f1:10:fe:d1:94:6d:e4:05:f5:83:f4:
         4b:45:5a:6d:80:f3:87:cc:3d:30:d4:9e:89:74:76:ec:45:fa:
         99:c0:61:cf:e1:f8:ed:5f:25:54:22:70:b9:02:2a:20:7b:ce:
         21:e5:87:ca
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICJUgwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjI2NDhaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjYwNDQyQUYxMTAvBgNVBAUTKDlERDM3REU2MzYxRUMzQ0Y2OEI2RUY3
QzNDMTJBQjM5OUM3QzJGOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx3OuOsdjU/+ydBNwh755iMdVjQ8FD7RXzFgS8D/EWiXSebusG53BThZyG8gbK
vSTAJf6Yo7P5hE5nM8yntKGiSuHnYoEJ7t3L5Zd7gwB8O3mdJrOyjR39agkNn1BL
rc8GKpJWp82/OnLwclLZ3D++m85x4/bFTiOsC50oOlNNVVOcJnmRe+Jyvau9KFNt
OjjXocr23BxP4BBeavj8eAmDyLlHw4ccOTMcZTK9TL1l44UX/0rh6/RINDnzkz26
0q6X5aP2G8LQnQn8bNrNhkJTZ5XzV9QNadQl4J8jYCZD9ThpWx26JTcAOBpyRnB0
TBJUUK4LaLA5n2VwcMquZXqnAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUndN95jYe
w89otu98PBKrOZx8L4swHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2MDQ0Mi8yOTYyODAxQzRGQjIx
MUVEODM3MTQ2RDRGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjA0NDIvMjk2MjgwMUM0RkIyMTFFRDgzNzE0NkQ0RjEyMjI0NjgvbmROOTVq
WWV3ODlvdHU5OFBCS3JPWng4TDRzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBc4wNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm08wDBAJm1ggwDQQC
AAIwBwMFACwPV4AwDQYJKoZIhvcNAQELBQADggEBAAfcah6CvRdj3cJ/BzTZJ6Mx
DBN+RLfKvEJX/3zlO3WlVCXq0aXUdd0KkHmJDdZbOix+atTxkxV3ZYMlFjNYCQ/Y
AjykZ9rDgUNWaAB9y99YPRH+F7Ib4BZ5IV91FkU9ab/iz0L081JG2rQCwpDRfS0F
2fsbXufHzIidgq/FdNufPA/DHde1WE3zEbq/dvsH2mlDLssCaf+mkgzSGIPjznH7
D3dyZSLgfTI4opG857mEaNl7qzM8igc1QHn9hfsmqSLveMHVoheBXEjIEjjxEP7R
lG3kBfWD9EtFWm2A84fMPTDUnol0duxF+pnAYc/h+O1fJVQicLkCKiB7ziHlh8o=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:29 2024 by rpki-client on console-fra.rpki-client.org