Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/yLuITQS6vBYFq333lYeWBZySwmo.cer
File:                     yLuITQS6vBYFq333lYeWBZySwmo.cer (raw, json)
Hash identifier:          +XX9f2vtnJCK3od/B8DxJ2B0Mcs8Jyci3syAzG/xlNo=
Subject key identifier:   C8:BB:88:4D:04:BA:BC:16:05:AB:7D:F7:95:87:96:05:9C:92:C2:6A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       25BB
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3670369/691565D27E7811ECB77461CB5A40D577/yLuITQS6vBYFq333lYeWBZySwmo.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3670369/691565D27E7811ECB77461CB5A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:43:31 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328072
                          IP: 2c0f:ef20::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9659 (0x25bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:43:31 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3670369AF/serialNumber=C8BB884D04BABC1605AB7DF7958796059C92C26A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3f:12:52:fe:70:dc:87:3f:7d:cc:40:c1:10:
                    c5:ab:48:2b:19:03:18:17:38:81:f4:20:a4:55:b1:
                    e2:d0:07:19:67:52:4f:0d:a7:3d:da:be:f3:51:24:
                    b8:f0:ea:d0:f1:03:fc:69:04:77:e4:d1:fa:c2:ca:
                    44:44:0e:8a:39:af:f4:5f:7b:d3:13:2d:85:4d:3a:
                    36:0e:92:57:56:02:da:7e:01:e8:60:f0:6e:59:9d:
                    96:fb:c3:9c:13:f9:75:ed:5b:08:65:55:87:06:92:
                    07:95:d7:65:84:e1:b3:a2:3b:80:f6:15:0d:c4:4f:
                    a5:67:f6:98:33:e0:af:83:da:c4:03:1b:f1:64:9c:
                    8e:f3:4d:db:eb:0f:ec:ea:59:94:42:96:76:de:92:
                    4c:00:25:62:ed:18:e9:b6:57:10:24:22:a1:09:3b:
                    98:ea:b5:cc:a8:25:5a:e4:d5:58:fd:fe:60:48:87:
                    8a:16:bf:ff:73:7f:81:a4:4b:4b:13:6c:9d:88:9f:
                    1a:c8:68:82:64:9a:21:24:3a:ab:42:3b:93:ed:f0:
                    78:55:e2:03:9d:0a:93:95:41:23:51:0c:8e:29:94:
                    af:c7:e2:32:b7:40:7d:b2:0f:9b:a1:b2:0e:f9:d3:
                    c5:e4:13:76:2c:20:35:07:ab:94:56:24:8d:7c:c1:
                    4a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:BB:88:4D:04:BA:BC:16:05:AB:7D:F7:95:87:96:05:9C:92:C2:6A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3670369/691565D27E7811ECB77461CB5A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3670369/691565D27E7811ECB77461CB5A40D577/yLuITQS6vBYFq333lYeWBZySwmo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328072

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ef20::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:ac:cb:69:ed:82:b4:04:55:1e:0b:ec:98:3a:1b:aa:f7:90:
         a0:2b:57:af:4f:e0:d0:69:0a:1a:af:c2:3b:a3:00:9f:84:73:
         58:36:be:14:35:e9:c9:7a:fb:19:3f:49:7c:89:47:63:ae:84:
         47:6f:f0:b4:db:e8:94:05:60:22:c6:6a:fd:df:b1:d9:7c:c0:
         73:a0:fa:88:9b:f5:69:44:ba:ef:2a:0f:ed:86:80:19:67:3f:
         84:aa:bf:26:b3:3d:ab:3b:dc:59:4d:2b:d9:4b:6e:6a:9b:7f:
         ab:e8:94:a2:b2:3a:09:0e:db:16:7c:c0:64:84:07:1c:96:54:
         68:be:f5:24:fa:0c:f8:00:62:11:7e:5a:fe:50:20:20:a2:8f:
         c8:d5:e5:ab:5e:38:1a:3b:a7:fa:c7:91:20:84:6b:82:a9:79:
         51:62:80:38:90:94:3e:40:ae:18:5e:9f:3a:46:e9:33:92:f9:
         af:b0:2b:68:0f:b2:9c:91:7b:1a:85:03:29:10:74:bf:b5:1d:
         24:bf:51:19:cc:11:32:07:7a:a5:66:09:86:81:c2:69:21:bf:
         03:26:7e:7e:5c:a4:f1:0c:8c:ce:15:f7:28:eb:7d:06:de:d7:
         2e:7d:03:57:7a:b6:4a:6c:bb:89:a6:3e:72:08:aa:7b:ac:ff:
         34:4d:ee:f4
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICJbswDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjQzMzFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjcwMzY5QUYxMTAvBgNVBAUTKEM4QkI4ODREMDRCQUJDMTYwNUFCN0RG
Nzk1ODc5NjA1OUM5MkMyNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGPxJS/nDchz99zEDBEMWrSCsZAxgXOIH0IKRVseLQBxlnUk8Npz3avvNRJLjw
6tDxA/xpBHfk0frCykREDoo5r/Rfe9MTLYVNOjYOkldWAtp+Aehg8G5ZnZb7w5wT
+XXtWwhlVYcGkgeV12WE4bOiO4D2FQ3ET6Vn9pgz4K+D2sQDG/FknI7zTdvrD+zq
WZRClnbekkwAJWLtGOm2VxAkIqEJO5jqtcyoJVrk1Vj9/mBIh4oWv/9zf4GkS0sT
bJ2InxrIaIJkmiEkOqtCO5Pt8HhV4gOdCpOVQSNRDI4plK/H4jK3QH2yD5uhsg75
08XkE3YsIDUHq5RWJI18wUqLAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQUyLuITQS6
vBYFq333lYeWBZySwmowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3MDM2OS82OTE1NjVEMjdFNzgx
MUVDQjc3NDYxQ0I1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzAzNjkvNjkxNTY1RDI3RTc4MTFFQ0I3NzQ2MUNCNUE0MEQ1NzcveUx1SVRR
UzZ2QllGcTMzM2xZZVdCWnlTd21vLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAYgwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD+8gMA0GCSqGSIb3
DQEBCwUAA4IBAQBnrMtp7YK0BFUeC+yYOhuq95CgK1evT+DQaQoar8I7owCfhHNY
Nr4UNenJevsZP0l8iUdjroRHb/C02+iUBWAixmr937HZfMBzoPqIm/VpRLrvKg/t
hoAZZz+Eqr8msz2rO9xZTSvZS25qm3+r6JSisjoJDtsWfMBkhAccllRovvUk+gz4
AGIRflr+UCAgoo/I1eWrXjgaO6f6x5EghGuCqXlRYoA4kJQ+QK4YXp86Rukzkvmv
sCtoD7KckXsahQMpEHS/tR0kv1EZzBEyB3qlZgmGgcJpIb8DJn5+XKTxDIzOFfco
630G3tcufQNXerZKbLuJpj5yCKp7rP80Te70
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:42 2024 by rpki-client on console-ams.rpki-client.org