Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/290aff7d1e492984c44cd91b24e605f06a13914f.cer
File:                     290aff7d1e492984c44cd91b24e605f06a13914f.cer (raw, json)
Hash identifier:          qtSO3x1xmSGyZT0Ns1/4HMUFkK8Mf8vwFNr/tRsVqPk=
Subject key identifier:   91:76:77:AB:F3:84:E7:20:93:10:32:8D:6B:A1:F9:7A:6E:6E:3B:03
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       E23B12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/e27eec05-4eb4-47d6-9573-b4ccee1ad96c/290aff7d1e492984c44cd91b24e605f06a13914f.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/e27eec05-4eb4-47d6-9573-b4ccee1ad96c/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Wed 22 Mar 2023 18:03:11 +0000
Certificate not after:    Tue 09 Jul 2024 16:49:26 +0000
Subordinate resources:    AS: 269771
                          IP: 45.184.103.0/24
                          IP: 2803:9d60::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14826258 (0xe23b12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Mar 22 18:03:11 2023 GMT
            Not After : Jul  9 16:49:26 2024 GMT
        Subject: CN=290aff7d1e492984c44cd91b24e605f06a13914f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a6:16:be:81:7e:fb:ef:d6:08:4e:7c:e5:ce:
                    dd:cf:6d:5f:d5:3c:3c:96:31:8b:e2:e6:5d:a1:85:
                    b1:fc:30:82:91:8c:11:ea:3d:5e:bb:9f:de:65:b1:
                    1e:60:12:cb:39:09:24:f6:65:32:2a:00:fe:4c:f9:
                    0e:e9:bc:59:9b:ec:cd:65:59:bb:14:3a:ac:7b:f2:
                    c4:bc:96:cc:60:4b:84:25:3a:ab:d3:2f:13:83:76:
                    2e:a3:76:56:fb:3e:4c:cf:84:5e:71:9c:4e:eb:02:
                    04:42:d7:3d:2e:ca:c3:49:3c:39:a3:5d:7a:64:4c:
                    35:8a:89:c0:98:d4:dc:8c:19:7e:6d:f5:f3:c4:f5:
                    df:ad:0e:c3:67:16:37:d6:9b:07:87:8f:35:04:eb:
                    d6:37:8c:4e:f8:5b:3f:35:2e:f0:b9:db:58:be:69:
                    a4:b6:8d:91:85:86:96:66:7f:7e:1f:6c:05:5d:4c:
                    78:a9:09:4b:0c:33:c5:e2:19:4b:59:94:49:57:f0:
                    45:46:2b:21:e6:54:18:ac:98:d3:7d:97:30:e4:59:
                    1e:ff:5c:ac:39:21:c7:05:75:f9:15:18:e6:33:2d:
                    67:22:dc:f9:82:77:aa:10:96:7f:09:8e:88:f0:03:
                    10:18:31:c5:77:f9:84:cb:51:fa:de:2b:2e:7d:4d:
                    0c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:76:77:AB:F3:84:E7:20:93:10:32:8D:6B:A1:F9:7A:6E:6E:3B:03
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/e27eec05-4eb4-47d6-9573-b4ccee1ad96c/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/e27eec05-4eb4-47d6-9573-b4ccee1ad96c/290aff7d1e492984c44cd91b24e605f06a13914f.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.184.103.0/24
                IPv6:
                  2803:9d60::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  269771

    Signature Algorithm: sha256WithRSAEncryption
         87:21:bf:5e:17:2a:33:29:4b:e8:d1:0f:a3:22:9a:f5:97:c7:
         e5:8a:14:2c:f5:99:8e:65:2e:c7:b3:f5:4c:58:dc:2e:f7:af:
         4b:90:37:f7:49:20:1c:03:64:4b:69:1b:ea:b2:10:50:af:a9:
         2f:3c:53:5b:04:98:82:a7:00:39:a0:f7:7c:81:ef:fb:51:50:
         f6:06:f9:2d:b1:ad:8d:6c:e8:4d:6d:24:fd:1b:10:58:b6:ea:
         52:55:73:65:42:8f:b0:f8:12:76:6c:96:36:ca:e7:dc:be:6d:
         b7:31:6c:44:2e:1f:3a:4c:1e:e8:5d:d1:74:62:18:76:b1:91:
         c4:26:80:c0:e3:26:34:4a:0b:c9:14:7f:a9:f1:91:3e:93:dc:
         a1:89:97:41:dd:2d:88:e4:eb:51:af:73:7c:2f:02:e8:18:3e:
         64:2d:23:2a:4c:36:11:5b:30:ce:a5:19:bb:1b:cc:e3:8f:5b:
         98:ea:31:3a:75:84:0b:69:ba:8f:f2:a5:aa:ce:60:89:55:13:
         28:86:0f:04:c6:fe:47:f3:21:c7:8a:5d:10:d0:a6:87:8a:67:
         6f:15:07:48:3c:3a:bd:4b:6d:bf:f4:5c:71:e5:4d:7a:89:e9:
         c3:d5:0d:1b:58:36:6f:51:f1:55:5d:cd:b0:30:1a:b8:87:24:
         26:61:df:58
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIEAOI7EjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIzMDMyMjE4MDMxMVoXDTI0MDcwOTE2NDky
NlowMzExMC8GA1UEAxMoMjkwYWZmN2QxZTQ5Mjk4NGM0NGNkOTFiMjRlNjA1ZjA2
YTEzOTE0ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKmFr6Bfvvv
1ghOfOXO3c9tX9U8PJYxi+LmXaGFsfwwgpGMEeo9Xruf3mWxHmASyzkJJPZlMioA
/kz5Dum8WZvszWVZuxQ6rHvyxLyWzGBLhCU6q9MvE4N2LqN2Vvs+TM+EXnGcTusC
BELXPS7Kw0k8OaNdemRMNYqJwJjU3IwZfm3188T1360Ow2cWN9abB4ePNQTr1jeM
TvhbPzUu8LnbWL5ppLaNkYWGlmZ/fh9sBV1MeKkJSwwzxeIZS1mUSVfwRUYrIeZU
GKyY032XMORZHv9crDkhxwV1+RUY5jMtZyLc+YJ3qhCWfwmOiPADEBgxxXf5hMtR
+t4rLn1NDGsCAwEAAaOCAwkwggMFMB0GA1UdDgQWBBSRdner84TnIJMQMo1rofl6
bm47AzAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy9lMjdlZWMwNS00ZWI0
LTQ3ZDYtOTU3My1iNGNjZWUxYWQ5NmMvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvZTI3ZWVjMDUtNGViNC00
N2Q2LTk1NzMtYjRjY2VlMWFkOTZjLzI5MGFmZjdkMWU0OTI5ODRjNDRjZDkxYjI0
ZTYwNWYwNmExMzkxNGYubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC24ZzANBAIAAjAHAwUAKAOdYDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMEHcswDQYJKoZIhvcNAQELBQADggEBAIch
v14XKjMpS+jRD6MimvWXx+WKFCz1mY5lLsez9UxY3C73r0uQN/dJIBwDZEtpG+qy
EFCvqS88U1sEmIKnADmg93yB7/tRUPYG+S2xrY1s6E1tJP0bEFi26lJVc2VCj7D4
EnZsljbK59y+bbcxbEQuHzpMHuhd0XRiGHaxkcQmgMDjJjRKC8kUf6nxkT6T3KGJ
l0HdLYjk61Gvc3wvAugYPmQtIypMNhFbMM6lGbsbzOOPW5jqMTp1hAtpuo/yparO
YIlVEyiGDwTG/kfzIceKXRDQpoeKZ28VB0g8Or1Lbb/0XHHlTXqJ6cPVDRtYNm9R
8VVdzbAwGriHJCZh31g=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:44:41 2024 by rpki-client on console-ams.rpki-client.org