Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
File:                     297e119ebe51a00d6560ab73fd79c51ada403f19.cer (raw, json)
Hash identifier:          cfh5u/b0yjp8UmLst/lRgi0fs73mXQVgggPlBAKY6i0=
Subject key identifier:   07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       010F2746
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Thu 18 Aug 2022 16:16:00 +0000
Certificate not after:    Fri 25 Apr 2025 15:00:00 +0000
Subordinate resources:    AS: 27823
                          IP: 138.36.236.0/22
                          IP: 138.219.40.0/22
                          IP: 168.181.184.0/22
                          IP: 168.197.48.0/22
                          IP: 179.43.112.0/20
                          IP: 200.58.96.0/19
                          IP: 2800:6c0::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17770310 (0x10f2746)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Aug 18 16:16:00 2022 GMT
            Not After : Apr 25 15:00:00 2025 GMT
        Subject: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b5:5d:d2:1d:95:ce:f7:1e:82:60:a4:fe:a4:
                    68:23:2f:db:1d:91:8e:cf:47:4b:c3:e6:c4:4a:49:
                    13:8f:69:2f:45:0d:49:5a:52:b0:1f:66:d2:7d:ed:
                    08:3a:a8:28:59:39:93:5d:08:90:c2:28:62:e9:41:
                    09:99:38:6e:a1:2c:34:b5:5d:54:21:2a:63:37:ab:
                    36:2a:e2:00:36:a2:42:cc:c1:b8:8c:a6:3c:75:74:
                    07:dc:ef:54:90:b0:40:9f:77:e1:37:bb:27:d4:7d:
                    23:66:d1:fa:47:c4:bb:43:1c:7b:5f:13:a8:1f:37:
                    75:bd:68:c3:87:71:54:cc:4a:ad:3c:c9:7f:11:15:
                    99:c5:99:5e:b4:0f:e8:ae:76:a1:18:b5:c2:14:d8:
                    ce:f8:1b:d8:22:1a:1a:6b:41:52:fb:f6:f2:78:16:
                    8a:73:b8:9b:a7:bf:29:d6:51:b0:f9:98:a0:aa:b9:
                    f6:52:2e:2b:5c:8c:a8:ba:ee:ec:36:02:da:92:30:
                    bf:0b:58:8a:76:98:ca:7e:2b:63:dc:b3:b6:0a:5e:
                    e0:2b:83:8e:24:ab:ee:46:bb:aa:33:f7:c2:64:62:
                    63:56:c3:15:f9:f7:3a:a3:f4:de:df:27:3a:7c:37:
                    42:fb:e9:ec:70:3e:cd:6a:c7:77:ee:ef:23:72:6d:
                    43:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.36.236.0/22
                  138.219.40.0/22
                  168.181.184.0/22
                  168.197.48.0/22
                  179.43.112.0/20
                  200.58.96.0/19
                IPv6:
                  2800:6c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  27823

    Signature Algorithm: sha256WithRSAEncryption
         70:05:3b:ef:65:aa:0a:6d:88:59:86:89:8e:a3:f4:6a:ac:32:
         8e:96:93:b2:49:17:ce:e4:87:f8:52:95:76:ed:91:12:e3:44:
         b6:55:3f:4d:11:5c:db:7d:1d:af:3c:d3:ef:68:f9:35:6a:3e:
         66:1a:f0:df:68:b7:b9:e8:6e:ad:62:d0:c9:1d:22:61:8a:ee:
         9f:3e:4f:38:1e:cd:2e:a1:ad:0f:f8:86:32:97:80:6b:6f:43:
         c5:1a:4c:f2:26:b6:e5:0d:1c:3a:cb:18:6a:9b:0b:73:30:19:
         ab:b9:25:17:bb:3e:52:6e:10:6c:c5:5a:83:b6:05:73:b0:2a:
         fb:c8:e1:16:64:8d:d8:61:b0:76:63:7b:96:b5:a6:1b:78:ba:
         aa:6d:d5:6f:6f:dd:b5:94:82:06:be:b6:ab:d3:ca:27:1f:ff:
         94:4e:50:39:54:ae:e2:ef:7e:05:d4:23:c6:21:1e:5a:48:80:
         d3:fe:b0:2b:46:82:dc:64:e2:fb:d1:ec:5a:d4:71:33:b3:8e:
         40:4b:16:23:81:46:8c:30:1f:91:19:6a:90:9e:76:32:d4:72:
         59:46:6f:bb:15:72:23:3b:49:b3:44:ce:78:d0:7d:10:6e:ed:
         2b:d3:f5:ea:69:82:c5:9b:15:7f:16:49:e6:b3:75:7e:9e:22:
         a2:4d:c0:60
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIEAQ8nRjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIyMDgxODE2MTYwMFoXDTI1MDQyNTE1MDAw
MFowMzExMC8GA1UEAxMoMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFk
YTQwM2YxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM61XdIdlc73
HoJgpP6kaCMv2x2Rjs9HS8PmxEpJE49pL0UNSVpSsB9m0n3tCDqoKFk5k10IkMIo
YulBCZk4bqEsNLVdVCEqYzerNiriADaiQszBuIymPHV0B9zvVJCwQJ934Te7J9R9
I2bR+kfEu0Mce18TqB83db1ow4dxVMxKrTzJfxEVmcWZXrQP6K52oRi1whTYzvgb
2CIaGmtBUvv28ngWinO4m6e/KdZRsPmYoKq59lIuK1yMqLru7DYC2pIwvwtYinaY
yn4rY9yztgpe4CuDjiSr7ka7qjP3wmRiY1bDFfn3OqP03t8nOnw3Qvvp7HA+zWrH
d+7vI3JtQ4kCAwEAAaOCAyYwggMiMB0GA1UdDgQWBBQHCTeI7UqAwgzezhCn/7sx
IaJynjAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0
LTQwMWQtYWMxNS1kZTBkYjQwYWM5Y2IvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00
MDFkLWFjMTUtZGUwZGI0MGFjOWNiLzI5N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2Zk
NzljNTFhZGE0MDNmMTkubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAook7AMEAorbKAMEAqi1uAMEAqjF
MAMEBLMrcAMEBcg6YDANBAIAAjAHAwUAKAAGwDAZBggrBgEFBQcBCAEB/wQKMAig
BjAEAgJsrzANBgkqhkiG9w0BAQsFAAOCAQEAcAU772WqCm2IWYaJjqP0aqwyjpaT
skkXzuSH+FKVdu2REuNEtlU/TRFc230drzzT72j5NWo+Zhrw32i3uehurWLQyR0i
YYrunz5POB7NLqGtD/iGMpeAa29DxRpM8ia25Q0cOssYapsLczAZq7klF7s+Um4Q
bMVag7YFc7Aq+8jhFmSN2GGwdmN7lrWmG3i6qm3Vb2/dtZSCBr62q9PKJx//lE5Q
OVSu4u9+BdQjxiEeWkiA0/6wK0aC3GTi+9HsWtRxM7OOQEsWI4FGjDAfkRlqkJ52
MtRyWUZvuxVyIztJs0TOeNB9EG7tK9P16mmCxZsVfxZJ5rN1fp4iok3AYA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:44:41 2024 by rpki-client on console-ams.rpki-client.org