Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/qO2f3Jdp7203QbndrnI9MYFl51A.cer
File:                     qO2f3Jdp7203QbndrnI9MYFl51A.cer (raw, json)
Hash identifier:          8NXrlEGMM46HpyYvs35wWgTcYOceMWAnVWoemVcdk4Q=
Subject key identifier:   A8:ED:9F:DC:97:69:EF:6D:37:41:B9:DD:AE:72:3D:31:81:65:E7:50
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       254F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36628E9/FCDCD124833211EC890A0BAF5A40D577/qO2f3Jdp7203QbndrnI9MYFl51A.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36628E9/FCDCD124833211EC890A0BAF5A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:28:25 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 102.68.48.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9551 (0x254f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:28:25 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36628E9AF/serialNumber=A8ED9FDC9769EF6D3741B9DDAE723D318165E750
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:a7:c2:59:8b:ba:52:8c:a1:a7:d0:e0:e2:27:
                    cc:ba:cc:6e:65:e0:76:31:e9:d9:5f:0b:30:30:e7:
                    14:85:79:56:e7:06:36:6c:4b:7b:23:b8:e9:a5:56:
                    54:60:cd:e9:09:81:63:80:7d:d9:a8:62:ea:f6:c4:
                    ac:0a:0e:51:b1:a6:3b:53:00:72:af:c0:13:94:76:
                    1b:c4:08:8a:9b:f2:56:e9:62:9a:d9:fb:a4:62:2e:
                    f9:9e:64:c3:20:3d:0d:83:b1:6f:0f:ba:de:95:89:
                    eb:bc:80:4f:ac:12:59:0e:f1:6c:2a:cb:13:68:7b:
                    ff:11:c8:4b:d4:41:b6:f0:99:50:98:84:a2:9d:a9:
                    40:bf:84:5f:1c:05:fd:3b:4f:24:42:90:4e:0d:7c:
                    13:63:49:84:95:4b:9e:a5:23:16:8c:e2:e3:41:fc:
                    c5:4e:26:90:b6:d2:ca:d9:72:f5:f3:56:aa:c7:63:
                    15:00:ab:06:68:8c:5a:6c:1f:84:de:fa:6e:aa:83:
                    f0:da:33:30:bb:01:a1:d5:20:11:7e:eb:65:b2:77:
                    6b:14:47:36:73:da:8d:b4:cf:c5:8b:4e:5c:2a:d2:
                    46:83:86:ed:aa:c7:fa:c0:01:38:53:de:34:0b:21:
                    2c:e1:da:6d:91:17:c2:a1:05:bc:01:8b:1b:70:3f:
                    c9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:ED:9F:DC:97:69:EF:6D:37:41:B9:DD:AE:72:3D:31:81:65:E7:50
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36628E9/FCDCD124833211EC890A0BAF5A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36628E9/FCDCD124833211EC890A0BAF5A40D577/qO2f3Jdp7203QbndrnI9MYFl51A.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:88:11:5d:30:f1:e4:73:4e:e3:fd:3a:de:6c:da:6e:71:3f:
         a7:e2:bc:c2:a8:49:ab:e4:db:31:49:65:3d:d5:cd:49:c6:8e:
         65:d1:ba:39:97:19:d9:c5:5d:bf:a1:49:9d:81:3c:a4:67:4c:
         80:6f:40:da:1e:d6:e7:12:06:16:ba:ea:63:df:73:c0:2a:5f:
         1d:3e:c0:f1:d8:2a:10:8b:24:6e:e8:8b:ff:51:67:c8:0f:23:
         e2:57:ac:cd:8d:ea:30:24:b4:cb:98:cf:b9:fa:21:01:be:20:
         aa:13:14:b0:ba:36:66:ac:79:1a:64:91:44:04:55:ff:54:8a:
         e7:f2:98:c8:e8:63:b3:ad:1e:f3:2c:ee:2f:e4:5c:7f:45:3d:
         4d:5c:72:bd:e4:cc:83:a2:cf:f5:c3:92:2b:fd:15:3d:53:bb:
         27:a3:5a:b5:09:8c:49:bc:87:f1:a9:35:05:fb:34:5f:17:37:
         21:08:40:31:4a:d1:78:9e:1e:83:a5:d5:b6:8f:a9:5d:f3:63:
         14:9e:4b:e0:01:55:54:b1:cb:36:f2:b7:49:06:f1:01:4c:32:
         91:a7:f9:03:74:ed:45:7e:eb:f5:00:d7:33:f0:6c:b3:72:3e:
         e0:de:ca:8d:9e:e6:8f:e2:d3:e8:d5:db:7a:b7:21:b0:01:59:
         a8:c6:99:e8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICJU8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjI4MjVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjYyOEU5QUYxMTAvBgNVBAUTKEE4RUQ5RkRDOTc2OUVGNkQzNzQxQjlE
REFFNzIzRDMxODE2NUU3NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0p8JZi7pSjKGn0ODiJ8y6zG5l4HYx6dlfCzAw5xSFeVbnBjZsS3sjuOmlVlRg
zekJgWOAfdmoYur2xKwKDlGxpjtTAHKvwBOUdhvECIqb8lbpYprZ+6RiLvmeZMMg
PQ2DsW8Put6Vieu8gE+sElkO8WwqyxNoe/8RyEvUQbbwmVCYhKKdqUC/hF8cBf07
TyRCkE4NfBNjSYSVS56lIxaM4uNB/MVOJpC20srZcvXzVqrHYxUAqwZojFpsH4Te
+m6qg/DaMzC7AaHVIBF+62Wyd2sURzZz2o20z8WLTlwq0kaDhu2qx/rAAThT3jQL
ISzh2m2RF8KhBbwBixtwP8n/AgMBAAGjggLvMIIC6zAdBgNVHQ4EFgQUqO2f3Jdp
7203QbndrnI9MYFl51AwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2MjhFOS9GQ0RDRDEyNDgzMzIx
MUVDODkwQTBCQUY1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjI4RTkvRkNEQ0QxMjQ4MzMyMTFFQzg5MEEwQkFGNUE0MEQ1NzcvcU8yZjNK
ZHA3MjAzUWJuZHJuSTlNWUZsNTFBLm1mdDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAmZEMDANBgkqhkiG9w0BAQsFAAOCAQEAAYgRXTDx5HNO4/063mzabnE/
p+K8wqhJq+TbMUllPdXNScaOZdG6OZcZ2cVdv6FJnYE8pGdMgG9A2h7W5xIGFrrq
Y99zwCpfHT7A8dgqEIskbuiL/1FnyA8j4leszY3qMCS0y5jPufohAb4gqhMUsLo2
Zqx5GmSRRARV/1SK5/KYyOhjs60e8yzuL+Rcf0U9TVxyveTMg6LP9cOSK/0VPVO7
J6NatQmMSbyH8ak1Bfs0Xxc3IQhAMUrReJ4eg6XVto+pXfNjFJ5L4AFVVLHLNvK3
SQbxAUwykaf5A3TtRX7r9QDXM/Bss3I+4N7KjZ7mj+LT6NXberchsAFZqMaZ6A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:29 2024 by rpki-client on console-fra.rpki-client.org