This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer File: lHgxWh5cVhWpIou-ykijlocLhH4.cer (raw, json) Hash identifier: bfffSNpdk/8Xxr90Ax/5JHCjueNrN1uBe/tez0+D5FE= Subject key identifier: 94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80 Certificate issuer: /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80 Certificate serial: 3C88 Authority info access: rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer Manifest: rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.mft caRepository: rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/ Notify URL: https://rrdp.afrinic.net/notification.xml Certificate not before: Thu 01 Jan 2026 03:27:51 +0000 Certificate not after: Wed 31 Mar 2027 00:00:00 +0000 Subordinate resources: AS: 22750 AS: 37310 IP: 41.66.64.0/18 IP: 196.1.101.0 -- 196.1.102.255 IP: 196.44.64.0/19 IP: 196.44.224.0/20 IP: 197.211.128.0/18 IP: 2c0f:fc68::/32 Validation: OK Signature path: rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft rsync://rpki.afrinic.net/repository/AfriNIC.cer Signature path expires: Wed 14 Jan 2026 11:43:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15496 (0x3c88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFRINIC, serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80 Validity Not Before: Jan 1 03:27:51 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=F369F2FAAF, serialNumber=9478315A1E5C5615A9228BBECA48A396870B847E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:46:ac:3f:c8:99:08:16:f1:0b:2a:70:dd:8a: a2:e9:a3:a2:33:72:b7:02:79:7b:48:3f:71:35:b1: 72:4b:03:a5:1b:6e:8d:33:7e:5c:fc:22:fb:44:b3: 59:ce:3b:9a:50:f2:31:b9:5d:37:08:8c:28:4d:82: c2:8e:fa:30:5b:c3:52:1d:50:a9:ef:0e:ce:b8:90: 45:5e:9a:2f:9b:00:b7:7f:6a:4c:cf:b4:c0:3c:a7: ad:d9:e4:dd:18:8c:bf:34:65:8e:d4:cb:d8:96:3a: c2:db:c3:c0:4a:88:fa:de:4c:96:53:c6:09:4b:92: 38:70:24:e1:d5:f8:59:6d:bb:79:3a:fa:1f:39:93: 66:61:a6:d7:4a:1c:8d:08:f6:4c:77:b3:0e:a1:9c: 94:87:cc:f4:77:ed:9d:0d:96:5e:f8:7d:e2:48:b8: 24:8f:44:db:72:7b:f2:bb:25:d3:63:eb:dd:a9:50: 12:53:cb:c7:c7:68:2c:8d:57:61:b7:66:3a:a1:8d: 32:6f:00:ab:3c:a9:32:ea:db:40:fc:84:95:a5:8c: 91:36:c3:01:e1:d5:f9:fa:be:6d:71:e8:a5:38:4b: 43:fd:0d:14:6d:03:9c:d5:99:20:e9:7d:a6:fc:4e: 5b:73:cd:e7:a0:89:06:6a:61:fd:e0:88:db:69:03: 27:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E X509v3 Authority Key Identifier: keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://rpki.afrinic.net/policy/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/ RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: 22750 37310 sbgp-ipAddrBlock: critical IPv4: 41.66.64.0/18 196.1.101.0-196.1.102.255 196.44.64.0/19 196.44.224.0/20 197.211.128.0/18 IPv6: 2c0f:fc68::/32 Signature Algorithm: sha256WithRSAEncryption 2f:eb:a1:cd:c8:5b:8b:4d:63:6f:06:a3:8f:c9:6b:e1:00:d0: a8:44:1a:a1:8c:12:54:cc:09:c0:a5:a5:64:de:61:a8:c1:75: 09:ca:95:0a:7c:5f:47:56:cc:00:46:8b:35:4c:23:f2:01:b3: dd:09:84:9f:5d:41:c7:d5:ae:03:87:e5:b5:26:0c:37:a3:d1: d1:ad:90:63:d1:93:89:c3:f5:1d:79:d5:a5:2d:6e:fa:73:90: 4a:8d:b4:3d:4d:c2:7f:3e:95:9f:ba:01:5e:98:d5:da:90:b3: 18:d1:d9:ba:e1:65:65:66:52:ea:a9:aa:94:11:f2:b2:ce:67: a5:4a:29:51:76:f1:d2:c9:5f:90:6f:a0:d3:e5:8f:76:90:4b: 1a:5b:c9:ae:80:00:65:c3:fe:9d:8e:31:d1:b2:e5:e6:da:1d: b4:f7:38:88:f1:85:c3:01:89:38:d4:a8:5d:51:71:1e:d2:d1: 8e:46:1a:93:8e:f5:15:0c:69:e5:51:75:36:ad:d5:d6:39:3e: 86:d6:78:92:5c:c1:9a:e6:60:84:05:c1:7e:93:ce:53:24:5a: af:ca:9b:85:20:3d:90:7a:0c:48:6b:8e:04:26:38:e9:d8:b2: c3:b4:bc:0d:b7:21:b1:cf:e6:93:a8:5c:bf:a3:46:b1:6e:8d: b8:a6:84:3c -----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgICPIgwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz NEE5OEY4MDAeFw0yNjAxMDEwMzI3NTFaFw0yNzAzMzEwMDAwMDBaMEgxEzARBgNV BAMTCkYzNjlGMkZBQUYxMTAvBgNVBAUTKDk0NzgzMTVBMUU1QzU2MTVBOTIyOEJC RUNBNDhBMzk2ODcwQjg0N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoRqw/yJkIFvELKnDdiqLpo6IzcrcCeXtIP3E1sXJLA6Ubbo0zflz8IvtEs1nO O5pQ8jG5XTcIjChNgsKO+jBbw1IdUKnvDs64kEVemi+bALd/akzPtMA8p63Z5N0Y jL80ZY7Uy9iWOsLbw8BKiPreTJZTxglLkjhwJOHV+Fltu3k6+h85k2ZhptdKHI0I 9kx3sw6hnJSHzPR37Z0Nll74feJIuCSPRNtye/K7JdNj692pUBJTy8fHaCyNV2G3 ZjqhjTJvAKs8qTLq20D8hJWljJE2wwHh1fn6vm1x6KU4S0P9DRRtA5zVmSDpfab8 TltzzeegiQZqYf3giNtpAyfdAgMBAAGjggM+MIIDOjAdBgNVHQ4EFgQUlHgxWh5c VhWpIou+ykijlocLhH4wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY5RjJGQS82OUIwNUNCQUJCMEMx MUVDQTdEQzY1QkI1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6 Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv RjM2OUYyRkEvNjlCMDVDQkFCQjBDMTFFQ0E3REM2NUJCNUE0MEQ1NzcvbEhneFdo NWNWaFdwSW91LXlraWpsb2NMaEg0Lm1mdDAeBggrBgEFBQcBCAEB/wQPMA2gCzAJ AgJY3gIDAJG+ME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGKUJAMAwDBADE AWUDBADEAWYDBAXELEADBATELOADBAbF04AwDQQCAAIwBwMFACwP/GgwDQYJKoZI hvcNAQELBQADggEBAC/roc3IW4tNY28Go4/Ja+EA0KhEGqGMElTMCcClpWTeYajB dQnKlQp8X0dWzABGizVMI/IBs90JhJ9dQcfVrgOH5bUmDDej0dGtkGPRk4nD9R15 1aUtbvpzkEqNtD1Nwn8+lZ+6AV6Y1dqQsxjR2brhZWVmUuqpqpQR8rLOZ6VKKVF2 8dLJX5BvoNPlj3aQSxpbya6AAGXD/p2OMdGy5ebaHbT3OIjxhcMBiTjUqF1RcR7S 0Y5GGpOO9RUMaeVRdTat1dY5PobWeJJcwZrmYIQFwX6TzlMkWq/Km4UgPZB6DEhr jgQmOOnYssO0vA23IbHP5pOoXL+jRrFujbimhDw= -----END CERTIFICATE-----Generated at Mon Jan 12 14:57:56 2026 by rpki-client