Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/arin/xNAUrWh1DnXpEEzqXCmztxlY_do.cer
File:                     xNAUrWh1DnXpEEzqXCmztxlY_do.cer (raw, json)
Hash identifier:          A901kY1KIjmYGRla70or2RM/sp1ddYC8IdtGDy3tX+k=
Subject key identifier:   C4:D0:14:AD:68:75:0E:75:E9:10:4C:EA:5C:29:B3:B7:19:58:FD:DA
Authority key identifier: B8:7C:5A:75:F3:D9:57:41:3A:B9:98:64:69:46:D4:54:1D:51:14:55
Certificate issuer:       /CN=ARINTOAFRINIC/serialNumber=B87C5A75F3D957413AB998646946D4541D511455
Certificate serial:       13AF
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/4273E04E21F011EEA3A2BC0F4AD9E6FC/xNAUrWh1DnXpEEzqXCmztxlY_do.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/4273E04E21F011EEA3A2BC0F4AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:52:11 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 137.255.0.0/16
                          IP: 160.119.144.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5039 (0x13af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ARINTOAFRINIC/serialNumber=B87C5A75F3D957413AB998646946D4541D511455
        Validity
            Not Before: Jan  1 00:52:11 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F367B8D1AR/serialNumber=C4D014AD68750E75E9104CEA5C29B3B71958FDDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cd:2e:ca:3a:99:f8:24:a2:15:c7:2b:3d:d7:
                    c3:04:18:98:aa:2e:4e:b5:7d:8e:22:45:0b:23:51:
                    26:a9:c2:73:c2:c9:b9:6b:1d:89:3d:e4:6c:61:03:
                    c1:d4:bd:d3:07:dd:17:5a:00:28:b5:0a:03:8e:a4:
                    06:20:64:b8:19:4c:09:fc:00:f5:b2:3c:af:79:1e:
                    16:ed:fb:4e:41:ca:19:bc:9b:3d:14:fe:b3:b0:67:
                    92:a3:b6:97:23:41:57:5a:7d:03:ac:fd:cb:12:12:
                    cd:da:74:5c:00:1d:ce:f7:0c:0d:29:f0:00:e0:ed:
                    d9:0a:82:82:78:3e:24:c5:e7:85:1c:cd:da:ef:11:
                    91:16:af:2b:bf:03:ab:2c:a2:c5:97:42:6d:f4:ab:
                    81:a3:22:b7:be:45:18:7c:b7:c6:04:4b:ea:4f:4b:
                    67:b1:47:5d:a3:f4:f3:05:c0:b9:e9:c8:c9:46:d8:
                    e2:54:75:b9:39:33:86:8b:f2:94:ef:e8:9d:21:bd:
                    91:8a:bd:b6:84:b3:4e:26:cd:10:e3:60:db:f9:29:
                    5d:f0:5f:8b:f6:66:79:d2:a1:6b:10:ae:f9:05:a3:
                    8a:7a:8c:b6:92:3d:c6:dd:91:5f:4c:55:10:ce:5c:
                    d4:5a:c9:62:14:07:26:c1:2c:9b:fc:6d:5c:4e:c1:
                    68:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:D0:14:AD:68:75:0E:75:E9:10:4C:EA:5C:29:B3:B7:19:58:FD:DA
            X509v3 Authority Key Identifier:
                keyid:B8:7C:5A:75:F3:D9:57:41:3A:B9:98:64:69:46:D4:54:1D:51:14:55

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/4273E04E21F011EEA3A2BC0F4AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/4273E04E21F011EEA3A2BC0F4AD9E6FC/xNAUrWh1DnXpEEzqXCmztxlY_do.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.255.0.0/16
                  160.119.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:14:ce:49:da:9b:4e:de:71:20:9f:54:18:35:40:e4:4c:31:
         ac:80:2b:67:13:48:99:b7:0e:57:04:28:94:94:74:cd:31:0a:
         94:6c:83:c4:d8:86:d9:ff:55:e4:1f:72:54:ea:38:3a:1e:b2:
         5b:02:47:58:de:29:a0:5b:8c:8e:b1:9e:4d:1d:b5:1b:33:8e:
         73:19:bc:c7:1f:14:3b:33:31:87:77:ea:94:90:ba:33:54:9a:
         3a:c1:40:76:3d:0e:b1:f2:ee:3e:af:94:82:97:25:93:96:8c:
         51:65:6b:63:b7:51:a3:ab:86:2a:d1:2d:41:4b:8c:4e:ac:07:
         fe:d2:bb:08:ba:7c:fe:e6:b4:1d:11:35:a1:28:22:88:64:05:
         56:5b:b0:28:5a:9c:e7:89:af:b8:95:f4:3e:30:4c:41:f5:ab:
         bd:fa:1e:73:00:9a:e0:51:e0:1a:7e:86:10:b1:81:8e:9c:9d:
         f7:f7:1a:e8:2b:fd:84:a1:f3:62:14:b3:63:f8:96:d5:7c:90:
         fc:1e:8c:f3:d8:b2:9f:ac:23:0c:85:8e:94:25:a0:79:1b:2f:
         dc:bf:a8:ec:41:6e:2e:9e:0a:8b:95:38:9d:ae:44:bc:09:fd:
         b1:30:0c:b5:07:9f:2f:7a:95:3d:de:68:a3:42:50:37:3a:3a:
         da:61:c2:86
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICE68wDQYJKoZIhvcNAQELBQAwSzEWMBQGA1UEAxMNQVJJ
TlRPQUZSSU5JQzExMC8GA1UEBRMoQjg3QzVBNzVGM0Q5NTc0MTNBQjk5ODY0Njk0
NkQ0NTQxRDUxMTQ1NTAeFw0yNDAxMDEwMDUyMTFaFw0yNTAzMzEwMDAwMDBaMEgx
EzARBgNVBAMTCkYzNjdCOEQxQVIxMTAvBgNVBAUTKEM0RDAxNEFENjg3NTBFNzVF
OTEwNENFQTVDMjlCM0I3MTk1OEZEREEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDMzS7KOpn4JKIVxys918MEGJiqLk61fY4iRQsjUSapwnPCyblrHYk9
5GxhA8HUvdMH3RdaACi1CgOOpAYgZLgZTAn8APWyPK95Hhbt+05Byhm8mz0U/rOw
Z5KjtpcjQVdafQOs/csSEs3adFwAHc73DA0p8ADg7dkKgoJ4PiTF54UczdrvEZEW
ryu/A6ssosWXQm30q4GjIre+RRh8t8YES+pPS2exR12j9PMFwLnpyMlG2OJUdbk5
M4aL8pTv6J0hvZGKvbaEs04mzRDjYNv5KV3wX4v2ZnnSoWsQrvkFo4p6jLaSPcbd
kV9MVRDOXNRayWIUBybBLJv8bVxOwWhRAgMBAAGjggL2MIIC8jAdBgNVHQ4EFgQU
xNAUrWh1DnXpEEzqXCmztxlY/dowHwYDVR0jBBgwFoAUuHxadfPZV0E6uZhkaUbU
VB1RFFUwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wWQYDVR0fBFIw
UDBOoEygSoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi91SHhhZGZQWlYwRTZ1WmhrYVViVVZCMVJGRlUuY3JsMHQGCCsGAQUFBwEBBGgw
ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRv
cnkvMDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYXJpbi10by1hZnJp
bmljLmNlcjBPBgNVHSABAf8ERTBDMEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEW
J2h0dHBzOi8vcnBraS5hZnJpbmljLm5ldC9wb2xpY3kvQ1BTLnBkZjCCAUUGCCsG
AQUFBwELBIIBNzCCATMwbAYIKwYBBQUHMAWGYHJzeW5jOi8vcnBraS5hZnJpbmlj
Lm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5L0YzNjdCOEQxLzQyNzNF
MDRFMjFGMDExRUVBM0EyQkMwRjRBRDlFNkZDLzA1BggrBgEFBQcwDYYpaHR0cHM6
Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBzAK
hn9yc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVw
b3NpdG9yeS9GMzY3QjhEMS80MjczRTA0RTIxRjAxMUVFQTNBMkJDMEY0QUQ5RTZG
Qy94TkFVcldoMURuWHBFRXpxWENtenR4bFlfZG8ubWZ0MCQGCCsGAQUFBwEHAQH/
BBUwEzARBAIAATALAwMAif8DBAKgd5AwDQYJKoZIhvcNAQELBQADggEBAIkUzkna
m07ecSCfVBg1QORMMayAK2cTSJm3DlcEKJSUdM0xCpRsg8TYhtn/VeQfclTqODoe
slsCR1jeKaBbjI6xnk0dtRszjnMZvMcfFDszMYd36pSQujNUmjrBQHY9DrHy7j6v
lIKXJZOWjFFla2O3UaOrhirRLUFLjE6sB/7Suwi6fP7mtB0RNaEoIohkBVZbsCha
nOeJr7iV9D4wTEH1q736HnMAmuBR4Bp+hhCxgY6cnff3Gugr/YSh82IUs2P4ltV8
kPwejPPYsp+sIwyFjpQloHkbL9y/qOxBbi6eCouVOJ2uRLwJ/bEwDLUHny96lT3e
aKNCUDc6OtphwoY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:25:54 2024 by rpki-client on console-ams.rpki-client.org