Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/tcdCRu5ePI-pmYQd3EQ2U_hUun0.cer
File:                     tcdCRu5ePI-pmYQd3EQ2U_hUun0.cer (raw, json)
Hash identifier:          CEmBMu7uikGEmMHEhj0w8n5qAncT82jBl8Uh7twyE2s=
Subject key identifier:   B5:C7:42:46:EE:5E:3C:8F:A9:99:84:1D:DC:44:36:53:F8:54:BA:7D
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2927
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E75A9/55520340C40611EE8F4A288D775412E6/tcdCRu5ePI-pmYQd3EQ2U_hUun0.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E75A9/55520340C40611EE8F4A288D775412E6/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 05 Feb 2024 15:51:25 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329378
                          IP: 102.210.104.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10535 (0x2927)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Feb  5 15:51:25 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E75A9AF/serialNumber=B5C74246EE5E3C8FA999841DDC443653F854BA7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:64:bc:67:32:4b:d1:24:1f:80:49:bb:e9:23:
                    d7:28:49:09:a9:0a:61:3d:7d:99:ea:8f:ad:49:0b:
                    e7:b1:91:34:87:41:d4:12:a1:4a:16:56:1f:82:4d:
                    41:d2:64:77:8b:72:a3:a8:03:0a:36:d8:9c:6d:99:
                    28:02:c3:1b:b7:aa:7c:17:a0:41:2e:d0:6d:5d:7f:
                    fd:17:9a:81:bb:1b:7e:4b:7b:63:27:e1:1e:e3:a8:
                    bf:64:fc:0e:74:3d:e4:e1:35:13:be:ea:cf:6f:92:
                    4d:ae:de:1f:4c:50:64:de:f7:8e:60:64:d9:f2:36:
                    df:49:fb:82:a5:1a:ce:4f:e8:c1:e6:db:97:58:54:
                    60:a0:55:9f:bb:86:fe:b8:2a:e9:c1:99:6d:3d:15:
                    c1:63:67:6d:87:6e:1d:8c:1c:8c:4b:67:45:6a:e0:
                    1b:f1:f2:a8:43:5f:9c:f7:fc:d0:e4:46:fc:0c:d3:
                    e2:b9:16:0b:70:03:ea:3c:25:fc:c5:b7:1a:79:e3:
                    83:03:27:c0:ce:53:d6:0f:05:9c:75:5e:18:08:f3:
                    f0:c5:09:81:30:09:4f:7f:48:0e:61:ac:f0:9b:a3:
                    58:b1:c4:04:74:55:aa:63:d7:5f:87:96:b4:32:a9:
                    29:6e:f9:ad:f1:dc:dc:72:2b:b7:0b:a0:c8:02:1f:
                    af:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:C7:42:46:EE:5E:3C:8F:A9:99:84:1D:DC:44:36:53:F8:54:BA:7D
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E75A9/55520340C40611EE8F4A288D775412E6/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E75A9/55520340C40611EE8F4A288D775412E6/tcdCRu5ePI-pmYQd3EQ2U_hUun0.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329378

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:92:2b:2a:a2:1d:e9:8c:bd:06:22:8c:e1:46:8d:61:13:d5:
         16:d7:dc:9d:d6:6c:e5:df:20:12:aa:2b:dd:79:2b:7d:e7:82:
         5c:e9:eb:b9:94:7e:a8:8a:fb:42:23:a2:98:83:bd:cc:50:b3:
         58:10:87:e1:8a:a9:29:a8:99:0b:00:5f:61:46:c0:b3:c0:75:
         c4:3d:d2:d7:02:27:56:ea:40:34:f2:ab:6f:d3:0f:24:dc:f8:
         17:da:75:cc:95:66:fa:92:d4:5b:78:b5:40:20:2d:21:c2:6c:
         bc:28:00:9f:3c:93:89:c4:03:6b:1b:7c:b5:37:ad:d4:38:db:
         d6:d3:f9:b8:db:ac:c9:23:74:3d:19:44:f8:07:46:28:34:d5:
         97:7a:94:8d:4c:e0:c6:f7:be:e9:6c:66:46:5d:99:0b:30:f2:
         61:15:a0:9f:69:e5:77:63:ac:a1:28:0a:91:d0:dc:f8:96:39:
         4b:09:38:80:15:58:c7:06:54:f3:3b:dd:98:ea:ec:de:d3:92:
         6d:ba:9f:fb:40:7a:41:7d:43:69:c5:ef:14:5d:81:c7:16:47:
         ce:54:00:69:6a:7d:b8:41:c7:db:26:91:eb:24:08:01:c8:ab:
         a9:74:2a:ed:2f:ae:c4:e1:c2:7a:bb:82:fa:c5:0e:d5:a7:93:
         cd:f3:c9:f1
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICKScwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAyMDUxNTUxMjVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkU3NUE5QUYxMTAvBgNVBAUTKEI1Qzc0MjQ2RUU1RTNDOEZBOTk5ODQx
RERDNDQzNjUzRjg1NEJBN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFZLxnMkvRJB+ASbvpI9coSQmpCmE9fZnqj61JC+exkTSHQdQSoUoWVh+CTUHS
ZHeLcqOoAwo22JxtmSgCwxu3qnwXoEEu0G1df/0XmoG7G35Le2Mn4R7jqL9k/A50
PeThNRO+6s9vkk2u3h9MUGTe945gZNnyNt9J+4KlGs5P6MHm25dYVGCgVZ+7hv64
KunBmW09FcFjZ22Hbh2MHIxLZ0Vq4Bvx8qhDX5z3/NDkRvwM0+K5FgtwA+o8JfzF
txp544MDJ8DOU9YPBZx1XhgI8/DFCYEwCU9/SA5hrPCbo1ixxAR0Vapj11+HlrQy
qSlu+a3x3NxyK7cLoMgCH69XAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUtcdCRu5e
PI+pmYQd3EQ2U/hUun0wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFNzVBOS81NTUyMDM0MEM0MDYx
MUVFOEY0QTI4OEQ3NzU0MTJFNi8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTc1QTkvNTU1MjAzNDBDNDA2MTFFRThGNEEyODhENzc1NDEyRTYvdGNkQ1J1
NWVQSS1wbVlRZDNFUTJVX2hVdW4wLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBqIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0mgwDQYJKoZIhvcN
AQELBQADggEBAGeSKyqiHemMvQYijOFGjWET1RbX3J3WbOXfIBKqK915K33nglzp
67mUfqiK+0IjopiDvcxQs1gQh+GKqSmomQsAX2FGwLPAdcQ90tcCJ1bqQDTyq2/T
DyTc+BfadcyVZvqS1Ft4tUAgLSHCbLwoAJ88k4nEA2sbfLU3rdQ429bT+bjbrMkj
dD0ZRPgHRig01Zd6lI1M4Mb3vulsZkZdmQsw8mEVoJ9p5XdjrKEoCpHQ3PiWOUsJ
OIAVWMcGVPM73Zjq7N7Tkm26n/tAekF9Q2nF7xRdgccWR85UAGlqfbhBx9smkesk
CAHIq6l0Ku0vrsThwnq7gvrFDtWnk83zyfE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:23 2024 by rpki-client on console-ams.rpki-client.org