Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/rvfHd6w2NsZ7rooMxp5EY46aAJ8.cer
File:                     rvfHd6w2NsZ7rooMxp5EY46aAJ8.cer (raw, json)
Hash identifier:          HP5luHqhxTU2KTuoPNrMipayZVb/VoLqRss6BIniOWM=
Subject key identifier:   AE:F7:C7:77:AC:36:36:C6:7B:AE:8A:0C:C6:9E:44:63:8E:9A:00:9F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2702
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36A4C9E/EA6F480C01B111ED8D98EB89F1222468/rvfHd6w2NsZ7rooMxp5EY46aAJ8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36A4C9E/EA6F480C01B111ED8D98EB89F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:32:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328758
                          IP: 102.221.182.0/23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9986 (0x2702)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:32:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36A4C9EAF/serialNumber=AEF7C777AC3636C67BAE8A0CC69E44638E9A009F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:71:f1:af:f4:34:38:f3:43:7d:c2:b5:f0:54:
                    48:ea:e8:44:ac:bd:0c:ad:1b:a9:05:ad:47:fe:30:
                    3d:6f:1c:d9:b6:e4:dc:aa:93:9f:b9:87:e0:8c:78:
                    9a:66:4f:03:93:a3:67:3d:95:a5:68:a3:61:15:aa:
                    e3:c9:80:0a:0b:f1:f2:67:75:11:a6:2f:2d:e0:c6:
                    ee:70:2f:31:38:80:b8:56:66:af:3a:23:4e:cb:c2:
                    ed:c7:09:df:21:2f:ca:de:91:0a:d5:33:71:91:55:
                    63:52:71:ef:b9:e6:c4:8c:7d:13:6a:a6:2f:c9:ea:
                    9b:91:12:3a:ae:61:71:7c:34:10:7c:5d:8d:3b:da:
                    d8:b2:c9:59:79:71:12:58:3e:35:86:c5:40:85:94:
                    51:d8:1d:96:cf:93:65:a5:9a:89:0b:88:94:3e:4e:
                    03:ed:2b:1d:06:e5:5a:1b:a1:e1:26:12:37:32:cc:
                    e7:31:88:00:c0:78:96:51:91:00:ae:23:8a:b2:da:
                    cb:8e:6c:42:dc:c3:f4:95:8d:38:de:37:ea:a4:5d:
                    92:ea:06:7c:c2:f1:94:e0:dc:88:17:50:e1:7d:50:
                    34:8f:2b:27:f2:bb:ed:04:3c:c9:f8:58:c7:68:1f:
                    98:e1:f3:22:8c:99:f6:1d:4b:77:7b:7a:14:0a:5c:
                    57:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F7:C7:77:AC:36:36:C6:7B:AE:8A:0C:C6:9E:44:63:8E:9A:00:9F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4C9E/EA6F480C01B111ED8D98EB89F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4C9E/EA6F480C01B111ED8D98EB89F1222468/rvfHd6w2NsZ7rooMxp5EY46aAJ8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328758

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:f2:75:41:95:a3:f5:99:fe:65:35:77:e8:f5:b5:92:fd:5d:
         e4:04:43:cf:59:24:9b:96:f2:d5:3b:e1:96:64:05:6d:8c:99:
         c6:85:a5:2a:91:2a:b3:0d:91:9e:8c:79:7e:ca:12:69:84:f2:
         37:9a:ed:8b:e1:fe:24:87:fb:2d:47:db:61:6a:57:73:c7:e6:
         a9:a2:3b:39:ad:b6:11:4a:c2:87:7b:ce:97:e2:92:54:49:9d:
         1c:ce:b4:17:d5:0b:e0:42:8f:25:ff:cd:54:3d:b4:44:38:7f:
         81:e6:79:17:7e:21:aa:dd:a9:41:65:93:34:76:07:91:97:8d:
         8a:14:80:c5:71:db:da:01:dc:d9:f0:c6:ec:c9:2e:dd:a7:4e:
         00:38:51:a7:5e:65:c7:65:0c:81:42:6d:fc:56:dc:f4:37:02:
         bc:54:42:a9:a3:ac:21:49:b0:74:8d:c1:d0:08:64:84:3d:5c:
         2b:07:de:1d:a5:bd:f2:f1:e4:2d:6e:26:3c:cb:df:dc:5f:a9:
         b9:78:eb:6f:46:fa:cc:be:0e:fc:b4:cc:32:a2:8c:00:87:93:
         af:7f:23:c8:a5:4c:38:e0:c4:aa:27:6d:67:06:46:ac:fd:c7:
         5f:fd:32:28:ce:27:db:cf:02:95:cd:ae:9e:b7:97:43:20:80:
         85:d5:c7:84
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICJwIwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzMyMDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkE0QzlFQUYxMTAvBgNVBAUTKEFFRjdDNzc3QUMzNjM2QzY3QkFFOEEw
Q0M2OUU0NDYzOEU5QTAwOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzcfGv9DQ480N9wrXwVEjq6ESsvQytG6kFrUf+MD1vHNm25Nyqk5+5h+CMeJpm
TwOTo2c9laVoo2EVquPJgAoL8fJndRGmLy3gxu5wLzE4gLhWZq86I07Lwu3HCd8h
L8rekQrVM3GRVWNSce+55sSMfRNqpi/J6puREjquYXF8NBB8XY072tiyyVl5cRJY
PjWGxUCFlFHYHZbPk2WlmokLiJQ+TgPtKx0G5VoboeEmEjcyzOcxiADAeJZRkQCu
I4qy2suObELcw/SVjTjeN+qkXZLqBnzC8ZTg3IgXUOF9UDSPKyfyu+0EPMn4WMdo
H5jh8yKMmfYdS3d7ehQKXFfJAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUrvfHd6w2
NsZ7rooMxp5EY46aAJ8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZBNEM5RS9FQTZGNDgwQzAxQjEx
MUVEOEQ5OEVCODlGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTRDOUUvRUE2RjQ4MEMwMUIxMTFFRDhEOThFQjg5RjEyMjI0NjgvcnZmSGQ2
dzJOc1o3cm9vTXhwNUVZNDZhQUo4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBDYwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm3bYwDQYJKoZIhvcN
AQELBQADggEBAEnydUGVo/WZ/mU1d+j1tZL9XeQEQ89ZJJuW8tU74ZZkBW2MmcaF
pSqRKrMNkZ6MeX7KEmmE8jea7Yvh/iSH+y1H22FqV3PH5qmiOzmtthFKwod7zpfi
klRJnRzOtBfVC+BCjyX/zVQ9tEQ4f4HmeRd+IardqUFlkzR2B5GXjYoUgMVx29oB
3NnwxuzJLt2nTgA4UadeZcdlDIFCbfxW3PQ3ArxUQqmjrCFJsHSNwdAIZIQ9XCsH
3h2lvfLx5C1uJjzL39xfqbl4629G+sy+Dvy0zDKijACHk69/I8ilTDjgxKonbWcG
Rqz9x1/9MijOJ9vPApXNrp63l0MggIXVx4Q=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:23 2024 by rpki-client on console-ams.rpki-client.org