Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/osaoR7jzEgAwg0GHFH38ZcjulMA.cer
File:                     osaoR7jzEgAwg0GHFH38ZcjulMA.cer (raw, json)
Hash identifier:          IQO78xq5VLA+g4waZvgYX88VNJYxcnW8l5p8cn/OW4M=
Subject key identifier:   A2:C6:A8:47:B8:F3:12:00:30:83:41:87:14:7D:FC:65:C8:EE:94:C0
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2392
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/366035A423F211E6BD17D823F8AEA228/osaoR7jzEgAwg0GHFH38ZcjulMA.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/366035A423F211E6BD17D823F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:39:24 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 7020
                          IP: 196.4.250.0/23
                          IP: 196.10.1.0 -- 196.10.50.255
                          IP: 196.29.128.0/19
                          IP: 196.45.168.0/21
                          IP: 2c0f:fb80::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9106 (0x2392)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:39:24 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3627BD6AF/serialNumber=A2C6A847B8F3120030834187147DFC65C8EE94C0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:ca:b4:37:0d:1e:03:ca:13:39:4d:9e:b8:62:
                    ab:be:96:cb:c1:e0:15:d0:17:0b:f1:59:db:94:a1:
                    67:ff:32:f3:7d:23:5f:09:97:67:7b:c0:e6:03:1f:
                    77:00:07:cf:be:44:87:be:15:7d:45:39:c9:a2:5d:
                    12:ca:0b:fe:f1:c9:f5:66:0a:55:d4:ac:02:bf:c3:
                    4b:fc:bb:f0:3c:c3:dc:56:42:64:89:df:eb:75:21:
                    9f:49:1c:e6:44:dd:0a:b1:be:53:df:10:a9:7e:ec:
                    61:1f:8c:df:27:04:a1:4c:a1:f3:60:60:cd:23:18:
                    d1:f2:68:92:55:62:a2:67:2f:dd:18:0b:02:3f:1d:
                    8b:84:44:30:74:b0:a2:d9:e4:2d:75:44:48:aa:a3:
                    a6:ea:ba:c6:c1:e7:8e:6d:32:2e:a9:b2:d1:86:47:
                    f4:b5:e1:67:bc:79:15:48:00:68:d4:aa:da:03:d2:
                    1f:8a:c5:05:56:25:cc:df:b0:2e:5e:e3:89:56:aa:
                    ba:9e:8f:44:0a:09:43:7d:8d:33:07:f5:b2:b7:92:
                    fd:eb:fb:c4:07:5f:49:1e:f9:dc:24:bf:c5:98:d6:
                    8a:d8:dc:ce:ef:5c:e9:05:d0:52:91:61:fe:28:79:
                    62:cb:90:18:92:89:94:cf:92:e2:37:94:0f:7a:09:
                    bb:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C6:A8:47:B8:F3:12:00:30:83:41:87:14:7D:FC:65:C8:EE:94:C0
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/366035A423F211E6BD17D823F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/366035A423F211E6BD17D823F8AEA228/osaoR7jzEgAwg0GHFH38ZcjulMA.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  7020

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.4.250.0/23
                  196.10.1.0-196.10.50.255
                  196.29.128.0/19
                  196.45.168.0/21
                IPv6:
                  2c0f:fb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         6d:99:3a:3e:10:29:93:22:23:70:b5:e8:37:59:bc:e4:31:fd:
         01:e3:58:fe:70:b1:7b:3f:bd:3c:50:7e:32:74:9b:c5:b4:69:
         90:40:24:04:48:7a:b2:4f:a4:79:d5:64:6a:14:42:a1:64:c0:
         b5:ea:0f:b2:65:53:e8:cd:7a:6c:77:5f:8f:e8:cd:79:e4:6e:
         7a:74:a8:fe:78:31:90:a8:90:61:16:b7:8d:d3:2f:d6:e3:f2:
         6c:63:58:ef:85:7f:6a:46:f1:be:e5:5f:2d:39:22:54:c6:d7:
         87:91:e7:18:35:c0:d6:44:b3:08:b0:de:66:6e:ab:f4:71:1e:
         0b:51:8f:a2:22:19:7a:79:84:10:10:24:49:32:a8:ed:0e:84:
         f6:b0:3a:3d:48:5a:e6:b9:f8:95:89:f4:bd:78:08:81:78:2a:
         db:e2:39:a4:8c:28:39:6d:2b:c7:ab:ff:86:14:19:87:e1:7f:
         88:73:43:3c:65:83:0d:1d:15:2f:df:70:c6:49:d1:6c:68:8b:
         49:16:83:70:15:77:1b:e6:e0:9f:a7:f5:3c:71:c3:f9:75:f7:
         51:48:93:46:d3:67:02:fe:c6:e2:c0:e3:48:7d:95:1b:64:ae:
         15:34:11:e8:3c:a7:0b:8e:58:70:2f:b8:31:61:b9:89:d4:c6:
         f7:50:1e:54
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgICI5IwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDM5MjRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjI3QkQ2QUYxMTAvBgNVBAUTKEEyQzZBODQ3QjhGMzEyMDAzMDgzNDE4
NzE0N0RGQzY1QzhFRTk0QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0yrQ3DR4DyhM5TZ64Yqu+lsvB4BXQFwvxWduUoWf/MvN9I18Jl2d7wOYDH3cA
B8++RIe+FX1FOcmiXRLKC/7xyfVmClXUrAK/w0v8u/A8w9xWQmSJ3+t1IZ9JHOZE
3QqxvlPfEKl+7GEfjN8nBKFMofNgYM0jGNHyaJJVYqJnL90YCwI/HYuERDB0sKLZ
5C11REiqo6bqusbB545tMi6pstGGR/S14We8eRVIAGjUqtoD0h+KxQVWJczfsC5e
44lWqrqej0QKCUN9jTMH9bK3kv3r+8QHX0ke+dwkv8WY1orY3M7vXOkF0FKRYf4o
eWLLkBiSiZTPkuI3lA96CbvNAgMBAAGjggMzMIIDLzAdBgNVHQ4EFgQUosaoR7jz
EgAwg0GHFH38ZcjulMAwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyN0JENi8zNjYwMzVBNDIzRjIx
MUU2QkQxN0Q4MjNGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjdCRDYvMzY2MDM1QTQyM0YyMTFFNkJEMTdEODIzRjhBRUEyMjgvb3Nhb1I3
anpFZ0F3ZzBHSEZIMzhaY2p1bE1BLm1mdDAZBggrBgEFBQcBCAEB/wQKMAigBjAE
AgIbbDBIBggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEAcQE+jAMAwQAxAoBAwQA
xAoyAwQFxB2AAwQDxC2oMA0EAgACMAcDBQAsD/uAMA0GCSqGSIb3DQEBCwUAA4IB
AQBtmTo+ECmTIiNwteg3WbzkMf0B41j+cLF7P708UH4ydJvFtGmQQCQESHqyT6R5
1WRqFEKhZMC16g+yZVPozXpsd1+P6M155G56dKj+eDGQqJBhFreN0y/W4/JsY1jv
hX9qRvG+5V8tOSJUxteHkecYNcDWRLMIsN5mbqv0cR4LUY+iIhl6eYQQECRJMqjt
DoT2sDo9SFrmufiVifS9eAiBeCrb4jmkjCg5bSvHq/+GFBmH4X+Ic0M8ZYMNHRUv
33DGSdFsaItJFoNwFXcb5uCfp/U8ccP5dfdRSJNG02cC/sbiwONIfZUbZK4VNBHo
PKcLjlhwL7gxYbmJ1Mb3UB5U
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org