Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4a28d2145c63fe2a4ec69a7b2ee952102f10a4fa.cer
File:                     4a28d2145c63fe2a4ec69a7b2ee952102f10a4fa.cer (raw, json)
Hash identifier:          dRU0KN6yrOtpplk8aQKfGRKWFyalq1irQ06+WsBDeZw=
Subject key identifier:   16:32:85:BE:91:49:B4:FA:01:47:42:4E:C1:3D:94:27:89:1E:13:A1
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       0100024A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/d83f4a7f-0710-4f5b-8343-416280d84a0a/4a28d2145c63fe2a4ec69a7b2ee952102f10a4fa.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/d83f4a7f-0710-4f5b-8343-416280d84a0a/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Fri 17 Nov 2017 18:37:12 +0000
Certificate not after:    Tue 03 Dec 2024 04:00:00 +0000
Subordinate resources:    AS: 27668
                          AS: 27844
                          IP: 186.43.128.0/17
                          IP: 190.94.128.0/19
                          IP: 191.100.0.0/16
                          IP: 200.55.224.0/20
                          IP: 201.238.128.0/18
                          IP: 2800:2f0::/32
                          IP: 2800:400::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16777802 (0x100024a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Nov 17 18:37:12 2017 GMT
            Not After : Dec  3 04:00:00 2024 GMT
        Subject: CN=4a28d2145c63fe2a4ec69a7b2ee952102f10a4fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:9f:1b:b4:c7:b6:85:08:17:d4:e5:c3:0f:19:
                    a0:68:4d:00:99:b2:f8:4a:62:9d:e0:02:95:ce:6b:
                    e3:29:96:64:17:79:31:15:00:97:ca:6d:93:27:dd:
                    b9:64:f0:df:c3:f3:b9:0d:d2:11:f4:e7:94:7d:eb:
                    6b:bc:b9:ca:8e:94:be:f8:69:61:f6:96:0e:99:49:
                    3d:ea:9e:11:b3:ff:8a:1b:e3:7c:e2:c5:39:6f:d7:
                    c0:86:ae:ae:16:87:9b:ac:81:f2:4e:d0:ad:e5:eb:
                    71:56:c2:4f:3f:78:61:d4:62:29:6e:73:1a:60:0a:
                    cf:c6:f3:e1:88:0c:bc:28:09:cd:fb:32:cb:47:ed:
                    7b:51:82:90:06:e3:26:a9:72:b6:03:2f:cb:dd:45:
                    d0:d7:c7:e6:bd:83:ef:e7:22:f1:7a:92:a3:40:3d:
                    dc:5c:60:6a:a0:88:53:bc:89:7f:49:a7:69:88:bf:
                    7c:d0:74:a2:e4:49:c7:bb:90:44:65:b0:1a:7b:2b:
                    ed:a3:2e:e5:49:5f:78:c9:04:09:76:7c:22:96:09:
                    c2:a0:e9:60:e1:64:60:b7:a9:84:e3:01:0d:b8:b7:
                    0b:a1:ce:41:90:da:ba:0a:ba:5c:64:09:e4:df:1d:
                    9c:5c:8c:97:23:0e:15:14:5f:5b:f9:13:2c:15:1b:
                    e7:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:32:85:BE:91:49:B4:FA:01:47:42:4E:C1:3D:94:27:89:1E:13:A1
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/d83f4a7f-0710-4f5b-8343-416280d84a0a/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/d83f4a7f-0710-4f5b-8343-416280d84a0a/4a28d2145c63fe2a4ec69a7b2ee952102f10a4fa.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.43.128.0/17
                  190.94.128.0/19
                  191.100.0.0/16
                  200.55.224.0/20
                  201.238.128.0/18
                IPv6:
                  2800:2f0::/32
                  2800:400::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  27668
                  27844

    Signature Algorithm: sha256WithRSAEncryption
         32:f3:9e:57:32:c6:a7:22:a0:a9:62:ae:3d:2a:f7:91:d8:b1:
         6e:ab:4e:46:79:2e:0d:f3:26:3b:6f:68:6d:df:75:46:f2:16:
         27:3e:c6:28:76:af:d6:28:fb:22:54:cc:3f:90:33:84:ee:5c:
         d7:92:f0:84:1f:e4:2b:6e:c7:11:4e:10:d7:30:10:d0:dc:79:
         27:23:eb:17:4a:ca:ed:e0:08:d9:be:38:af:33:0a:91:65:94:
         bf:08:e9:cf:17:b2:4d:8f:a4:21:00:91:4e:4d:26:fb:5a:7b:
         89:43:e3:3b:fe:55:cd:e5:a0:ef:e9:17:d6:4e:ba:af:65:5e:
         0d:20:77:ad:99:4e:98:d0:d5:54:59:83:6c:63:05:3b:8e:1f:
         63:b2:48:c9:75:43:12:ad:a3:b0:50:c3:11:7c:47:cf:0d:5d:
         c2:5b:ba:90:e9:30:d6:72:89:b5:a4:c7:91:02:fd:c3:10:92:
         63:0d:7f:b5:c3:48:02:9d:a3:7d:30:bd:46:cb:1e:db:72:5e:
         08:46:d7:ee:7c:13:08:23:cf:1f:91:0c:c2:d0:10:53:70:c8:
         ac:fb:7f:5f:d3:43:20:ed:4e:c8:04:35:3f:50:b1:48:c8:22:
         a2:99:cc:10:a7:43:b8:7d:f2:3a:c2:75:f6:71:49:7e:b9:fd:
         e0:25:7e:1d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIEAQACSjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTE3MTExNzE4MzcxMloXDTI0MTIwMzA0MDAw
MFowMzExMC8GA1UEAxMoNGEyOGQyMTQ1YzYzZmUyYTRlYzY5YTdiMmVlOTUyMTAy
ZjEwYTRmYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIifG7THtoUI
F9Tlww8ZoGhNAJmy+EpineAClc5r4ymWZBd5MRUAl8ptkyfduWTw38PzuQ3SEfTn
lH3ra7y5yo6UvvhpYfaWDplJPeqeEbP/ihvjfOLFOW/XwIaurhaHm6yB8k7QreXr
cVbCTz94YdRiKW5zGmAKz8bz4YgMvCgJzfsyy0fte1GCkAbjJqlytgMvy91F0NfH
5r2D7+ci8XqSo0A93FxgaqCIU7yJf0mnaYi/fNB0ouRJx7uQRGWwGnsr7aMu5Ulf
eMkECXZ8IpYJwqDpYOFkYLephOMBDbi3C6HOQZDaugq6XGQJ5N8dnFyMlyMOFRRf
W/kTLBUb5+UCAwEAAaOCAyowggMmMB0GA1UdDgQWBBQWMoW+kUm0+gFHQk7BPZQn
iR4ToTAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy9kODNmNGE3Zi0wNzEw
LTRmNWItODM0My00MTYyODBkODRhMGEvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvZDgzZjRhN2YtMDcxMC00
ZjViLTgzNDMtNDE2MjgwZDg0YTBhLzRhMjhkMjE0NWM2M2ZlMmE0ZWM2OWE3YjJl
ZTk1MjEwMmYxMGE0ZmEubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswIwQCAAEwHQMEB7orgAMEBb5egAMDAL9kAwQEyDfg
AwQGye6AMBQEAgACMA4DBQAoAALwAwUAKAAEADAdBggrBgEFBQcBCAEB/wQOMAyg
CjAIAgJsFAICbMQwDQYJKoZIhvcNAQELBQADggEBADLznlcyxqcioKlirj0q95HY
sW6rTkZ5Lg3zJjtvaG3fdUbyFic+xih2r9Yo+yJUzD+QM4TuXNeS8IQf5CtuxxFO
ENcwENDceScj6xdKyu3gCNm+OK8zCpFllL8I6c8Xsk2PpCEAkU5NJvtae4lD4zv+
Vc3loO/pF9ZOuq9lXg0gd62ZTpjQ1VRZg2xjBTuOH2OySMl1QxKto7BQwxF8R88N
XcJbupDpMNZyibWkx5EC/cMQkmMNf7XDSAKdo30wvUbLHttyXghG1+58Ewgjzx+R
DMLQEFNwyKz7f1/TQyDtTsgENT9QsUjIIqKZzBCnQ7h98jrCdfZxSX65/eAlfh0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:48:10 2024 by rpki-client on console-ams.rpki-client.org