Certificate
$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/nqwIPfzNKV1WFgVVs-q-bRV3CyA.cer
File: nqwIPfzNKV1WFgVVs-q-bRV3CyA.cer (raw, json)
Hash identifier: sFtOUWUvYFQYDHNHLVDDqgIInZtKnQ6J6dEII+543RM=
Subject key identifier: 9E:AC:08:3D:FC:CD:29:5D:56:16:05:55:B3:EA:BE:6D:15:77:0B:20
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer: /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial: 2D43
Authority info access: rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest: rsync://rpki.afrinic.net/repository/member_repository/F3623AE4/C4005E32B27011EF82361D42762E951A/nqwIPfzNKV1WFgVVs-q-bRV3CyA.mft
caRepository: rsync://rpki.afrinic.net/repository/member_repository/F3623AE4/C4005E32B27011EF82361D42762E951A/
Notify URL: https://rrdp.afrinic.net/notification.xml
Certificate not before: Wed 01 Jan 2025 00:32:36 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 328237
IP: 2c0f:f1a8::/32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Apr 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11587 (0x2d43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AFRINIC
Validity
Not Before: Jan 1 00:32:36 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=F3623AE4AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:fa:f6:7a:31:6b:0e:65:e3:5e:94:81:ce:
78:37:69:4c:60:86:20:16:b1:49:c9:c2:fd:cb:a8:
4d:97:e0:81:90:c0:14:2c:ac:aa:11:91:01:44:06:
b5:b7:f6:ae:0a:39:fd:45:6c:41:12:7e:2e:a1:0b:
27:e9:40:d1:b1:19:5b:bf:d5:2d:5e:77:07:62:0b:
6b:68:ed:97:50:94:24:87:fa:df:b3:7c:af:fe:48:
b6:26:b2:b1:0b:12:ac:e4:f4:94:36:41:ff:9d:13:
09:17:91:3e:23:48:d0:a8:0c:f1:1c:11:fa:03:aa:
fa:0f:56:66:a7:2c:99:87:5e:5f:3a:71:27:68:62:
cc:86:2a:48:5b:8e:39:7a:e8:cf:3d:3f:2e:fd:dc:
a6:01:0a:f4:c5:a9:d6:42:9a:7a:13:34:b1:a6:e9:
3c:52:a3:81:be:6a:ce:42:6f:2f:6d:78:33:6b:e3:
52:84:ff:e7:15:41:28:bc:85:62:b1:71:c5:4b:7c:
81:eb:0e:3f:5a:36:81:7f:12:f2:18:1b:4d:cd:24:
b7:dd:0f:2b:e8:35:ff:69:27:8a:c8:e4:a6:7a:cd:
1b:d8:de:9c:2e:f0:25:04:63:e2:e5:6a:6d:4e:4b:
65:09:cb:d4:22:e2:45:90:be:f4:09:9d:ad:43:f3:
21:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AC:08:3D:FC:CD:29:5D:56:16:05:55:B3:EA:BE:6D:15:77:0B:20
X509v3 Authority Key Identifier:
keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3623AE4/C4005E32B27011EF82361D42762E951A/
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3623AE4/C4005E32B27011EF82361D42762E951A/nqwIPfzNKV1WFgVVs-q-bRV3CyA.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
328237
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f1a8::/32
Signature Algorithm: sha256WithRSAEncryption
73:c6:cf:08:dc:65:d3:bf:6d:db:87:d7:04:2e:c8:8c:ec:5c:
9c:76:91:be:c0:d7:7e:ac:8a:a1:e0:be:61:c2:50:ac:84:dd:
4e:c3:4f:f6:ac:88:16:8e:21:e2:78:b5:0a:da:53:db:4b:c8:
7c:02:47:a6:6d:60:44:e1:96:60:c7:aa:b1:d5:d1:53:4d:80:
7b:d5:8c:29:bb:57:c8:ef:16:f7:27:21:be:20:6c:2f:13:1a:
74:5d:f0:35:16:85:93:36:1b:f3:0f:ed:e4:1c:19:84:1d:f6:
ed:0e:ad:c4:2e:a3:c6:4d:94:75:ee:1b:8a:40:bc:6f:44:84:
32:90:d2:f0:ca:a4:97:9d:a3:66:a7:08:99:fe:59:86:8c:90:
de:26:da:a0:46:33:7a:12:99:78:dd:c3:4b:02:f6:25:6e:fa:
e8:71:e4:8d:c7:8e:20:60:ff:81:f2:de:0d:6b:48:1e:b6:75:
08:4e:bc:7d:13:14:05:57:2f:2d:73:ce:c6:be:17:69:3c:2c:
e5:52:6e:7f:3d:b0:1b:c6:98:19:62:33:15:9b:67:85:23:b1:
8a:2e:9d:72:ce:2f:54:bd:09:cb:97:60:78:43:30:9f:e9:4c:
ff:61:0f:bd:0e:43:fc:60:01:c4:28:54:4c:ad:5d:d9:9e:10:
29:39:3e:f9
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICLUMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMDMyMzZaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjIzQUU0QUYxMTAvBgNVBAUTKDlFQUMwODNERkNDRDI5NUQ1NjE2MDU1
NUIzRUFCRTZEMTU3NzBCMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZm/r2ejFrDmXjXpSBzng3aUxghiAWsUnJwv3LqE2X4IGQwBQsrKoRkQFEBrW3
9q4KOf1FbEESfi6hCyfpQNGxGVu/1S1edwdiC2to7ZdQlCSH+t+zfK/+SLYmsrEL
Eqzk9JQ2Qf+dEwkXkT4jSNCoDPEcEfoDqvoPVmanLJmHXl86cSdoYsyGKkhbjjl6
6M89Py793KYBCvTFqdZCmnoTNLGm6TxSo4G+as5Cby9teDNr41KE/+cVQSi8hWKx
ccVLfIHrDj9aNoF/EvIYG03NJLfdDyvoNf9pJ4rI5KZ6zRvY3pwu8CUEY+Llam1O
S2UJy9Qi4kWQvvQJna1D8yGjAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQUnqwIPfzN
KV1WFgVVs+q+bRV3CyAwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyM0FFNC9DNDAwNUUzMkIyNzAx
MUVGODIzNjFENDI3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjNBRTQvQzQwMDVFMzJCMjcwMTFFRjgyMzYxRDQyNzYyRTk1MUEvbnF3SVBm
ek5LVjFXRmdWVnMtcS1iUlYzQ3lBLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAi0wIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/GoMA0GCSqGSIb3
DQEBCwUAA4IBAQBzxs8I3GXTv23bh9cELsiM7FycdpG+wNd+rIqh4L5hwlCshN1O
w0/2rIgWjiHieLUK2lPbS8h8AkembWBE4ZZgx6qx1dFTTYB71Ywpu1fI7xb3JyG+
IGwvExp0XfA1FoWTNhvzD+3kHBmEHfbtDq3ELqPGTZR17huKQLxvRIQykNLwyqSX
naNmpwiZ/lmGjJDeJtqgRjN6Epl43cNLAvYlbvroceSNx44gYP+B8t4Na0getnUI
Trx9ExQFVy8tc87GvhdpPCzlUm5/PbAbxpgZYjMVm2eFI7GKLp1yzi9UvQnLl2B4
QzCf6Uz/YQ+9DkP8YAHEKFRMrV3ZnhApOT75
-----END CERTIFICATE-----
Generated at Wed Apr 2 08:31:51 2025 by rpki-client