$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DDFB95E03A294FDCFC9F3B70A26BCF74C3A4CD29.cer File: DDFB95E03A294FDCFC9F3B70A26BCF74C3A4CD29.cer (raw, json) Hash identifier: ambifQr/vCdvtkQ9IFbIN0hmpiOmuRM9qJCUyJRiz4Q= Subject key identifier: DD:FB:95:E0:3A:29:4F:DC:FC:9F:3B:70:A2:6B:CF:74:C3:A4:CD:29 Authority key identifier: F2:5A:1B:7D:8F:7A:DF:94:C0:DE:BE:8F:EA:C1:C3:BC:D6:05:86:78 Certificate issuer: /CN=F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678 Certificate serial: 43D7A2A66B685575C1BF56BC07B917777E255D52 Authority info access: rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer Manifest: rsync://repository.lacnic.net/rpki/lacnic/AA323EACD8EE65853EA64901C0708C7E0A6C4B49E832C9EFE0C726AC07655800/0/DDFB95E03A294FDCFC9F3B70A26BCF74C3A4CD29.mft caRepository: rsync://repository.lacnic.net/rpki/lacnic/AA323EACD8EE65853EA64901C0708C7E0A6C4B49E832C9EFE0C726AC07655800/0/ Notify URL: https://rrdp.lacnic.net/rrdp/notification.xml Certificate not before: Wed 28 Jan 2026 02:50:11 +0000 Certificate not after: Wed 27 Jan 2027 02:55:11 +0000 Subordinate resources: IP: 45.164.20.0/22 IP: 2806:30a::/32 Validation: OK Signature path: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.crl rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Sun 22 Feb 2026 23:49:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d7:a2:a6:6b:68:55:75:c1:bf:56:bc:07:b9:17:77:7e:25:5d:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678 Validity Not Before: Jan 28 02:50:11 2026 GMT Not After : Jan 27 02:55:11 2027 GMT Subject: CN=DDFB95E03A294FDCFC9F3B70A26BCF74C3A4CD29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ef:cd:2f:dc:53:da:5a:91:6b:11:9e:e5:6e: 63:74:99:02:de:c2:d8:67:79:0a:75:56:ff:29:7c: a3:38:fa:38:15:de:da:97:20:63:b6:c9:ef:e5:57: 79:40:66:5e:1e:d0:7f:8f:ad:10:13:6b:aa:57:db: f1:98:b9:80:85:19:ca:aa:09:c2:46:68:ae:2a:e0: ed:3f:23:8d:83:6b:84:90:9e:e1:f1:36:0f:2b:81: 67:50:5a:1e:b4:a2:ee:7d:8d:32:b8:d3:b7:c6:29: 8a:b2:34:dc:b8:e5:d6:56:c2:ed:43:ee:1d:e0:63: b2:69:d0:31:da:f9:9d:49:1b:3b:21:62:47:d0:cb: 2a:cb:c4:b2:9b:e8:0a:b5:e9:0d:25:f4:52:05:fe: 61:c2:22:3f:f3:5f:bb:27:48:16:90:f6:a3:e6:be: 20:76:60:2c:3c:a8:ee:bb:65:81:c7:31:ef:4f:3d: f1:bf:5e:ed:37:b0:47:a5:56:65:d7:75:0d:38:35: 91:d0:81:79:07:6a:fe:60:58:88:57:28:2d:15:73: ae:a0:b6:38:5a:e6:2f:43:cb:c7:ef:46:1f:6e:98: 76:d5:ac:5c:75:c4:d3:f6:13:c7:05:81:ad:89:43: 77:2d:69:6c:64:53:87:a1:eb:49:ff:b7:e2:ab:59: 20:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:FB:95:E0:3A:29:4F:DC:FC:9F:3B:70:A2:6B:CF:74:C3:A4:CD:29 X509v3 Authority Key Identifier: keyid:F2:5A:1B:7D:8F:7A:DF:94:C0:DE:BE:8F:EA:C1:C3:BC:D6:05:86:78 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.crl Authority Information Access: CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer Subject Information Access: CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/AA323EACD8EE65853EA64901C0708C7E0A6C4B49E832C9EFE0C726AC07655800/0/ RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/AA323EACD8EE65853EA64901C0708C7E0A6C4B49E832C9EFE0C726AC07655800/0/DDFB95E03A294FDCFC9F3B70A26BCF74C3A4CD29.mft RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.164.20.0/22 IPv6: 2806:30a::/32 Signature Algorithm: sha256WithRSAEncryption 84:06:28:52:d0:d0:0a:95:13:44:9f:29:66:da:13:ac:0c:48: a7:3a:88:e6:7f:cf:08:cd:8c:57:c4:e6:15:cd:ca:57:de:28: c6:d0:b4:44:88:a2:d1:ff:0b:5c:2c:e2:0c:00:4b:e8:c4:fe: 14:e2:e5:e5:04:6e:60:e6:0b:af:ef:a6:05:c4:62:29:46:ad: 0c:28:bf:84:28:a6:d3:8a:ec:6c:0d:7d:a5:8e:55:b7:d5:8f: c4:5b:23:c8:cc:ec:aa:05:95:36:dd:10:fd:32:ac:2a:0b:60: ca:33:f5:dd:3e:63:39:af:1c:0d:5b:a8:f5:ee:76:f1:1a:ab: 99:ab:21:ea:b8:25:c0:e3:7b:7a:a6:08:26:01:f9:75:15:97: 8d:82:ce:62:bf:61:21:3f:02:98:03:4d:75:92:bb:ba:c1:20: a9:74:10:58:df:ca:96:20:0b:24:11:ca:60:b6:3b:e2:27:cb: d6:67:be:1d:30:37:80:9a:c0:da:9a:41:34:00:e1:27:4b:e8: dd:65:b0:74:15:e3:ea:45:74:19:f5:50:29:e3:97:b7:bd:dd: cc:c6:43:74:13:86:ae:49:7b:ee:fc:3a:c8:b6:d5:0b:49:af: 9f:ff:20:48:d5:5d:d4:d2:f0:17:e1:10:da:36:a6:3a:30:b1: c7:35:09:65 -----BEGIN CERTIFICATE----- MIIGiTCCBXGgAwIBAgIUQ9eipmtoVXXBv1a8B7kXd34lXVIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjI1QTFCN0Q4RjdBREY5NEMwREVCRThGRUFDMUMzQkNE NjA1ODY3ODAeFw0yNjAxMjgwMjUwMTFaFw0yNzAxMjcwMjU1MTFaMDMxMTAvBgNV BAMTKERERkI5NUUwM0EyOTRGRENGQzlGM0I3MEEyNkJDRjc0QzNBNENEMjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq780v3FPaWpFrEZ7lbmN0mQLe wthneQp1Vv8pfKM4+jgV3tqXIGO2ye/lV3lAZl4e0H+PrRATa6pX2/GYuYCFGcqq CcJGaK4q4O0/I42Da4SQnuHxNg8rgWdQWh60ou59jTK407fGKYqyNNy45dZWwu1D 7h3gY7Jp0DHa+Z1JGzshYkfQyyrLxLKb6Aq16Q0l9FIF/mHCIj/zX7snSBaQ9qPm viB2YCw8qO67ZYHHMe9PPfG/Xu03sEelVmXXdQ04NZHQgXkHav5gWIhXKC0Vc66g tjha5i9Dy8fvRh9umHbVrFx1xNP2E8cFga2JQ3ctaWxkU4eh60n/t+KrWSBxAgMB AAGjggOTMIIDjzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTd+5XgOilP3Pyf O3Cia890w6TNKTAfBgNVHSMEGDAWgBTyWht9j3rflMDevo/qwcO81gWGeDAOBgNV HQ8BAf8EBAMCAQYwgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIaBmXJzeW5jOi8vcmVw b3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURF NzA5QUMwRDI1NUNGMjc5QzQ3NzE2RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQv MC9GMjVBMUI3RDhGN0FERjk0QzBERUJFOEZFQUMxQzNCQ0Q2MDU4Njc4LmNybDCB uQYIKwYBBQUHAQEEgawwgakwgaYGCCsGAQUFBzAChoGZcnN5bmM6Ly9yZXBvc2l0 b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvRTVBQTFCMkM2OTBEMzRERDNBNDJF MEMwMjY4QzMyMThFRDE1OEUxNUQyOUZDQkQwQkFCNjZCNDc4NkQ2MzJFNi8wL0Yy NUExQjdEOEY3QURGOTRDMERFQkU4RkVBQzFDM0JDRDYwNTg2NzguY2VyMIIBcQYI KwYBBQUHAQsEggFjMIIBXzB5BggrBgEFBQcwBYZtcnN5bmM6Ly9yZXBvc2l0b3J5 LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvQUEzMjNFQUNEOEVFNjU4NTNFQTY0OTAx QzA3MDhDN0UwQTZDNEI0OUU4MzJDOUVGRTBDNzI2QUMwNzY1NTgwMC8wLzCBpgYI KwYBBQUHMAqGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh Y25pYy9BQTMyM0VBQ0Q4RUU2NTg1M0VBNjQ5MDFDMDcwOEM3RTBBNkM0QjQ5RTgz MkM5RUZFMEM3MjZBQzA3NjU1ODAwLzAvRERGQjk1RTAzQTI5NEZEQ0ZDOUYzQjcw QTI2QkNGNzRDM0E0Q0QyOS5tZnQwOQYIKwYBBQUHMA2GLWh0dHBzOi8vcnJkcC5s YWNuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLaQUMA0EAgAC MAcDBQAoBgMKMA0GCSqGSIb3DQEBCwUAA4IBAQCEBihS0NAKlRNEnylm2hOsDEin Oojmf88IzYxXxOYVzcpX3ijG0LREiKLR/wtcLOIMAEvoxP4U4uXlBG5g5guv76YF xGIpRq0MKL+EKKbTiuxsDX2ljlW31Y/EWyPIzOyqBZU23RD9MqwqC2DKM/XdPmM5 rxwNW6j17nbxGquZqyHquCXA43t6pggmAfl1FZeNgs5iv2EhPwKYA011kru6wSCp dBBY38qWIAskEcpgtjviJ8vWZ74dMDeAmsDamkE0AOEnS+jdZbB0FePqRXQZ9VAp 45e3vd3MxkN0E4auSXvu/DrIttULSa+f/yBI1V3U0vAX4RDaNqY6MLHHNQll -----END CERTIFICATE-----Generated at Thu Feb 19 02:59:34 2026 by rpki-client