Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/zXTtNlgzTKKBMtaW73DpDKP2Z8M.cer
File:                     zXTtNlgzTKKBMtaW73DpDKP2Z8M.cer (raw, json)
Hash identifier:          tSs2CamstAc2gZ7WhaMegPcjefPij7tB32SCKNBB0vI=
Subject key identifier:   CD:74:ED:36:58:33:4C:A2:81:32:D6:96:EF:70:E9:0C:A3:F6:67:C3
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27E6
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D70D9/3A34B348C78511EC9432BE98F1222468/zXTtNlgzTKKBMtaW73DpDKP2Z8M.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D70D9/3A34B348C78511EC9432BE98F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:06:51 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37150
                          IP: 102.129.96.0/19
                          IP: 196.40.176.0/20
                          IP: 196.46.176.0/21
                          IP: 2c0f:fdf0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10214 (0x27e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:06:51 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D70D9AF/serialNumber=CD74ED3658334CA28132D696EF70E90CA3F667C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:6a:70:56:e1:19:54:5d:67:7d:a2:61:2e:0a:
                    f9:23:5b:04:7b:11:f0:41:0a:60:c5:b6:32:5b:02:
                    61:23:bb:ba:75:e0:2c:d1:c9:e0:a9:3a:57:0e:b8:
                    35:8b:c0:23:a0:58:bf:8f:20:62:7f:95:ce:03:46:
                    4a:d8:d5:b7:f3:1d:ad:e1:c5:97:ec:84:51:47:ed:
                    3a:aa:9c:ad:02:76:09:ee:1b:45:81:08:a5:96:08:
                    56:cd:e5:8b:b2:f5:0c:3e:06:1c:41:d2:4e:82:94:
                    f7:d7:3c:c3:fd:19:35:0c:ad:97:b8:5b:22:61:de:
                    c8:6a:56:2b:ff:d9:4d:04:5d:ab:d8:96:37:67:09:
                    56:b6:af:06:40:ea:02:75:51:61:b6:20:3e:cf:d3:
                    74:ea:e6:de:4e:74:95:2f:dc:e3:5c:1e:77:3b:4d:
                    7c:72:6c:68:cb:08:50:54:64:eb:e4:fe:18:8c:f0:
                    fa:d6:08:a3:db:f6:77:55:f1:15:d0:b0:cb:2e:c1:
                    86:36:86:ed:8b:dd:c5:00:48:92:69:37:4b:0e:e4:
                    bb:1b:98:39:8c:a2:2e:e5:4a:a1:26:d9:6a:52:58:
                    db:56:90:4c:19:dd:15:c0:17:d7:c3:d0:2d:59:75:
                    2e:82:96:f2:68:b2:58:dc:76:8b:ea:c8:0d:a2:25:
                    5c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:74:ED:36:58:33:4C:A2:81:32:D6:96:EF:70:E9:0C:A3:F6:67:C3
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D70D9/3A34B348C78511EC9432BE98F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D70D9/3A34B348C78511EC9432BE98F1222468/zXTtNlgzTKKBMtaW73DpDKP2Z8M.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37150

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.96.0/19
                  196.40.176.0/20
                  196.46.176.0/21
                IPv6:
                  2c0f:fdf0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4d:49:91:cc:21:65:45:e0:b8:9f:f3:51:1f:c1:d1:47:a3:cc:
         9f:d9:e1:0e:1d:38:7a:55:fa:5b:7f:54:86:0c:a7:37:b4:17:
         17:7f:0f:ef:c7:bf:a4:fd:5e:6d:2d:5b:a9:bd:75:bc:d2:ad:
         b4:db:94:dd:58:71:70:e7:5d:97:5b:52:b7:cd:41:03:33:eb:
         88:1b:c5:e0:67:48:df:82:0a:90:33:69:b0:f4:3b:ce:92:4d:
         e6:cd:66:97:3c:3d:a2:6e:31:50:7d:0e:df:46:64:e6:9e:93:
         86:29:4b:60:18:d4:c5:a1:76:0e:97:8a:c5:ff:fd:89:55:88:
         bf:13:00:09:b7:51:c2:81:11:c7:c5:df:75:da:b3:70:09:9a:
         71:13:f4:9d:cc:28:f3:16:0c:3e:dc:62:6e:1b:9d:8f:bd:5a:
         8a:e9:dc:fd:75:59:71:34:41:c6:ef:cf:8b:38:75:b2:2d:35:
         41:72:ee:c4:b2:8d:97:f0:41:18:2b:74:ab:53:ec:70:25:2a:
         ea:d3:6b:02:1b:f7:a0:f6:81:70:fa:41:a0:f3:0d:35:fd:7b:
         b6:b3:21:e2:2c:9e:17:fb:d5:f1:f0:2a:b2:ef:36:4d:a5:a3:
         79:ec:6e:c3:ed:a6:2f:d5:61:8b:96:7c:71:5e:c9:df:83:18:
         2e:8a:f8:71
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgICJ+YwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDA2NTFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQ3MEQ5QUYxMTAvBgNVBAUTKENENzRFRDM2NTgzMzRDQTI4MTMyRDY5
NkVGNzBFOTBDQTNGNjY3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkanBW4RlUXWd9omEuCvkjWwR7EfBBCmDFtjJbAmEju7p14CzRyeCpOlcOuDWL
wCOgWL+PIGJ/lc4DRkrY1bfzHa3hxZfshFFH7TqqnK0CdgnuG0WBCKWWCFbN5Yuy
9Qw+BhxB0k6ClPfXPMP9GTUMrZe4WyJh3shqViv/2U0EXavYljdnCVa2rwZA6gJ1
UWG2ID7P03Tq5t5OdJUv3ONcHnc7TXxybGjLCFBUZOvk/hiM8PrWCKPb9ndV8RXQ
sMsuwYY2hu2L3cUASJJpN0sO5LsbmDmMoi7lSqEm2WpSWNtWkEwZ3RXAF9fD0C1Z
dS6ClvJosljcdovqyA2iJVxfAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUzXTtNlgz
TKKBMtaW73DpDKP2Z8MwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZENzBEOS8zQTM0QjM0OEM3ODUx
MUVDOTQzMkJFOThGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDcwRDkvM0EzNEIzNDhDNzg1MTFFQzk0MzJCRTk4RjEyMjI0NjgvelhUdE5s
Z3pUS0tCTXRhVzczRHBES1AyWjhNLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkR4wOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAVmgWADBATEKLADBAPE
LrAwDQQCAAIwBwMFACwP/fAwDQYJKoZIhvcNAQELBQADggEBAE1JkcwhZUXguJ/z
UR/B0UejzJ/Z4Q4dOHpV+lt/VIYMpze0Fxd/D+/Hv6T9Xm0tW6m9dbzSrbTblN1Y
cXDnXZdbUrfNQQMz64gbxeBnSN+CCpAzabD0O86STebNZpc8PaJuMVB9Dt9GZOae
k4YpS2AY1MWhdg6XisX//YlViL8TAAm3UcKBEcfF33Xas3AJmnET9J3MKPMWDD7c
Ym4bnY+9Worp3P11WXE0Qcbvz4s4dbItNUFy7sSyjZfwQRgrdKtT7HAlKurTawIb
96D2gXD6QaDzDTX9e7azIeIsnhf71fHwKrLvNk2lo3nsbsPtpi/VYYuWfHFeyd+D
GC6K+HE=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:29 2024 by rpki-client on console-fra.rpki-client.org