Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/rDTyPLJrGR-mwlc2ZqQWPdmGg4k.cer
File:                     rDTyPLJrGR-mwlc2ZqQWPdmGg4k.cer (raw, json)
Hash identifier:          n6Io1KDCxP3rZDAL/tcbn2qNtKel1QN6MQFVUIk7qO0=
Subject key identifier:   AC:34:F2:3C:B2:6B:19:1F:A6:C2:57:36:66:A4:16:3D:D9:86:83:89
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       315D
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E4353/8AE09C2C19F611EC96E1D276D8A014CE/rDTyPLJrGR-mwlc2ZqQWPdmGg4k.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E4353/8AE09C2C19F611EC96E1D276D8A014CE/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 04:09:34 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    IP: 102.135.224.0/20
                          IP: 2c0f:6c00::/32
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12637 (0x315d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 04:09:34 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F36E4353AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:a0:7c:45:b9:45:27:26:bb:f6:e9:95:71:81:
                    1f:d2:25:66:13:63:1d:57:de:bb:b7:f1:59:f8:4a:
                    1f:0f:d4:ba:b7:b1:74:7d:42:15:06:fa:6a:3f:f2:
                    43:9b:47:b8:83:a8:4b:0c:ec:45:04:24:ce:79:a5:
                    64:cd:40:f4:d8:de:20:83:96:e2:a0:c1:d6:d5:ff:
                    1d:5e:c3:fb:49:83:38:1c:1f:77:92:f0:7b:58:b0:
                    49:74:a3:c1:dd:78:1b:26:56:e6:0d:3f:f4:ca:00:
                    85:aa:0f:db:b0:bb:26:af:62:73:fd:41:02:98:8d:
                    48:6f:b6:1f:46:c3:fd:7c:a3:9e:69:e0:bf:c9:cc:
                    a2:8b:25:8a:86:e1:f6:16:9c:11:8e:a2:10:e9:8f:
                    a3:89:09:8e:d5:0a:9d:4b:a9:3c:bf:d7:c3:67:64:
                    b5:2a:30:2f:ec:66:f8:a9:05:59:7c:d9:4f:6a:cc:
                    a4:1c:ab:80:b8:8c:7d:d7:7e:bd:ed:92:24:94:35:
                    cd:72:de:6a:50:a8:4f:7a:d6:62:56:2d:6d:c6:9f:
                    a1:6b:99:85:c2:85:ab:26:d7:f3:c1:30:f6:cf:e7:
                    fd:4c:1f:dc:a4:e5:c9:60:ee:0b:19:d8:74:1a:75:
                    f1:20:ff:64:ce:7a:83:7e:2b:21:c4:c3:b9:4d:4a:
                    f3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:34:F2:3C:B2:6B:19:1F:A6:C2:57:36:66:A4:16:3D:D9:86:83:89
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4353/8AE09C2C19F611EC96E1D276D8A014CE/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4353/8AE09C2C19F611EC96E1D276D8A014CE/rDTyPLJrGR-mwlc2ZqQWPdmGg4k.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.224.0/20
                IPv6:
                  2c0f:6c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:d3:4b:eb:a3:de:57:e8:1c:78:b1:82:36:59:c2:2a:28:a9:
         d5:b0:e5:b0:cd:38:41:42:bb:94:61:d9:e5:62:c9:62:92:80:
         35:78:ea:07:81:bc:2d:40:ee:83:ff:e7:35:29:c0:f3:74:5f:
         bb:0d:54:06:5c:62:21:5d:47:ee:83:3c:fa:d8:24:4e:87:bf:
         13:d4:a8:ad:8e:d5:ef:65:39:01:ab:5a:cb:52:00:79:f4:cd:
         7c:7f:bd:d0:f3:14:18:4a:67:5b:65:ff:0e:16:19:97:11:6d:
         76:e8:f4:74:a4:32:61:95:45:d1:44:55:10:cf:09:ae:fd:51:
         ce:b5:09:2c:80:97:1d:01:fe:9e:11:c7:58:e9:d1:60:58:79:
         98:9b:ab:5a:cd:e7:be:99:de:56:b1:1f:6f:c3:5a:51:00:e2:
         7f:e2:7b:88:69:f5:7a:9d:9c:9c:b8:c0:c9:80:35:64:07:d6:
         97:a5:f4:89:e9:23:9a:4a:0d:5b:a3:12:3c:83:61:7c:e2:9c:
         90:32:23:49:d1:a3:b6:79:a7:9f:35:8d:ed:8e:3d:72:14:1c:
         6b:82:36:5a:e9:44:00:7e:ce:37:98:e2:52:85:48:5c:65:7d:
         92:c1:e4:04:3a:b0:34:8c:89:24:ff:c0:43:7e:90:6a:43:5a:
         4f:3d:1b:d8
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICMV0wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwNDA5MzRaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkU0MzUzQUYxMTAvBgNVBAUTKEFDMzRGMjNDQjI2QjE5MUZBNkMyNTcz
NjY2QTQxNjNERDk4NjgzODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwoHxFuUUnJrv26ZVxgR/SJWYTYx1X3ru38Vn4Sh8P1Lq3sXR9QhUG+mo/8kOb
R7iDqEsM7EUEJM55pWTNQPTY3iCDluKgwdbV/x1ew/tJgzgcH3eS8HtYsEl0o8Hd
eBsmVuYNP/TKAIWqD9uwuyavYnP9QQKYjUhvth9Gw/18o55p4L/JzKKLJYqG4fYW
nBGOohDpj6OJCY7VCp1LqTy/18NnZLUqMC/sZvipBVl82U9qzKQcq4C4jH3Xfr3t
kiSUNc1y3mpQqE961mJWLW3Gn6FrmYXChasm1/PBMPbP5/1MH9yk5clg7gsZ2HQa
dfEg/2TOeoN+KyHEw7lNSvMjAgMBAAGjggL+MIIC+jAdBgNVHQ4EFgQUrDTyPLJr
GR+mwlc2ZqQWPdmGg4kwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFNDM1My84QUUwOUMyQzE5RjYx
MUVDOTZFMUQyNzZEOEEwMTRDRS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTQzNTMvOEFFMDlDMkMxOUY2MTFFQzk2RTFEMjc2RDhBMDE0Q0UvckRUeVBM
SnJHUi1td2xjMlpxUVdQZG1HZzRrLm1mdDAuBggrBgEFBQcBBwEB/wQfMB0wDAQC
AAEwBgMEBGaH4DANBAIAAjAHAwUALA9sADANBgkqhkiG9w0BAQsFAAOCAQEAjNNL
66PeV+gceLGCNlnCKiip1bDlsM04QUK7lGHZ5WLJYpKANXjqB4G8LUDug//nNSnA
83Rfuw1UBlxiIV1H7oM8+tgkToe/E9SorY7V72U5Aatay1IAefTNfH+90PMUGEpn
W2X/DhYZlxFtduj0dKQyYZVF0URVEM8Jrv1RzrUJLICXHQH+nhHHWOnRYFh5mJur
Ws3nvpneVrEfb8NaUQDif+J7iGn1ep2cnLjAyYA1ZAfWl6X0iekjmkoNW6MSPINh
fOKckDIjSdGjtnmnnzWN7Y49chQca4I2WulEAH7ON5jiUoVIXGV9ksHkBDqwNIyJ
JP/AQ36QakNaTz0b2A==
-----END CERTIFICATE-----