Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7272057ebe387df71782aa3e99d4f487f3e842e8.cer
File:                     7272057ebe387df71782aa3e99d4f487f3e842e8.cer (raw, json)
Hash identifier:          NDcrQahz9vcIJ1VxQRgAfAglOK2trI6dBP0flVPOtfg=
Subject key identifier:   2C:C0:67:CE:51:EC:05:E7:87:C1:0F:08:8E:45:02:0E:09:A5:F5:73
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       010186F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/24b64913-3f22-450b-888d-a02758dfa3a2/7272057ebe387df71782aa3e99d4f487f3e842e8.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/24b64913-3f22-450b-888d-a02758dfa3a2/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Sun 20 Feb 2022 02:32:44 +0000
Certificate not after:    Wed 18 Dec 2024 03:52:02 +0000
Subordinate resources:    IP: 201.77.96.0/22
                          IP: 2806:3a8::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16877302 (0x10186f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Feb 20 02:32:44 2022 GMT
            Not After : Dec 18 03:52:02 2024 GMT
        Subject: CN=7272057ebe387df71782aa3e99d4f487f3e842e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c8:e0:db:0a:42:6a:f5:97:6e:00:de:56:91:
                    87:7c:1a:8c:11:1a:0d:f1:c4:0e:97:6d:c2:e6:ef:
                    0e:1a:ad:07:45:a0:bf:04:9f:d8:79:23:d8:01:92:
                    5e:d6:b8:a6:e1:27:81:86:5c:ae:83:77:50:e6:c3:
                    07:93:1d:f2:94:ec:4a:ea:5c:4c:f2:26:33:13:fa:
                    ac:e1:52:ab:f4:59:be:fe:f3:fb:54:0f:62:bd:71:
                    e8:54:9d:50:ed:1f:3f:d6:14:b7:2f:c1:2f:bc:43:
                    70:fc:7a:30:5b:f8:6b:02:88:10:fe:09:d3:36:17:
                    f5:cb:02:49:96:bf:4a:ab:cf:29:d0:da:b0:fa:cc:
                    b3:8f:e7:58:90:35:13:b1:00:0a:3d:73:f4:87:b3:
                    60:c7:9b:b1:74:d2:b9:b1:d4:04:73:a4:9a:42:42:
                    f7:8c:e9:43:00:24:6f:ce:f7:34:98:cb:08:d0:fc:
                    f4:ea:c8:99:b8:89:9f:68:1e:60:6c:ea:ef:6e:72:
                    bb:2b:b7:f2:37:7f:89:5b:4e:a8:a0:73:63:a8:dc:
                    f1:7b:17:f7:fa:c2:8d:fc:aa:ae:94:12:c0:4f:cf:
                    ae:33:47:54:71:3c:80:8f:de:39:95:9f:12:11:60:
                    89:c6:8c:30:66:17:ba:7b:b5:dc:f9:49:17:a7:82:
                    3a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:C0:67:CE:51:EC:05:E7:87:C1:0F:08:8E:45:02:0E:09:A5:F5:73
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/24b64913-3f22-450b-888d-a02758dfa3a2/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/24b64913-3f22-450b-888d-a02758dfa3a2/7272057ebe387df71782aa3e99d4f487f3e842e8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.77.96.0/22
                IPv6:
                  2806:3a8::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:cd:18:5e:ab:91:e3:9a:30:b4:f1:02:55:64:14:d4:9a:a0:
         ed:fa:9e:87:c1:81:e6:d9:8e:19:8f:48:e8:26:69:ce:fc:e4:
         4c:a9:bf:9d:df:e6:22:6c:98:69:ab:9c:46:06:66:f9:0d:93:
         4f:08:2f:06:83:18:df:ce:7e:90:6d:b2:1d:5b:91:5a:cd:00:
         f3:c1:53:7d:92:83:e6:2c:3f:52:a0:5f:cf:be:36:b8:d1:19:
         18:f4:10:2c:e3:da:24:bc:d8:83:9f:ff:75:a2:fa:45:4c:a4:
         28:86:d2:ad:12:28:7e:99:ce:e1:b1:d3:fb:8a:5f:c7:85:45:
         36:ea:6a:64:c0:35:d9:ad:b9:de:b1:ba:7e:5c:a6:e9:18:bc:
         50:d5:e2:5c:6c:58:d5:76:8c:ea:30:92:fc:26:13:50:df:c4:
         e0:d4:94:6e:27:3b:fc:97:59:1c:bc:b5:f3:66:1d:14:2e:7d:
         a8:63:f2:84:1e:fb:14:3c:55:77:ab:c0:f9:97:09:83:af:32:
         4a:b3:fd:a4:39:9e:1e:62:76:44:ff:bc:37:65:b4:f6:bb:08:
         62:f0:4e:d0:ba:19:2e:64:6f:cf:f5:2a:22:7d:72:71:f0:29:
         21:0a:83:0d:1a:50:93:9f:57:b6:32:23:e4:11:e0:74:c3:68:
         80:ed:aa:84
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIEAQGG9jANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIyMDIyMDAyMzI0NFoXDTI0MTIxODAzNTIw
MlowMzExMC8GA1UEAxMoNzI3MjA1N2ViZTM4N2RmNzE3ODJhYTNlOTlkNGY0ODdm
M2U4NDJlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLI4NsKQmr1
l24A3laRh3wajBEaDfHEDpdtwubvDhqtB0WgvwSf2Hkj2AGSXta4puEngYZcroN3
UObDB5Md8pTsSupcTPImMxP6rOFSq/RZvv7z+1QPYr1x6FSdUO0fP9YUty/BL7xD
cPx6MFv4awKIEP4J0zYX9csCSZa/SqvPKdDasPrMs4/nWJA1E7EACj1z9IezYMeb
sXTSubHUBHOkmkJC94zpQwAkb873NJjLCND89OrImbiJn2geYGzq725yuyu38jd/
iVtOqKBzY6jc8XsX9/rCjfyqrpQSwE/PrjNHVHE8gI/eOZWfEhFgicaMMGYXunu1
3PlJF6eCOrsCAwEAAaOCAu0wggLpMB0GA1UdDgQWBBQswGfOUewF54fBDwiORQIO
CaX1czAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy8yNGI2NDkxMy0zZjIy
LTQ1MGItODg4ZC1hMDI3NThkZmEzYTIvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvMjRiNjQ5MTMtM2YyMi00
NTBiLTg4OGQtYTAyNzU4ZGZhM2EyLzcyNzIwNTdlYmUzODdkZjcxNzgyYWEzZTk5
ZDRmNDg3ZjNlODQyZTgubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAslNYDANBAIAAjAHAwUAKAYDqDAN
BgkqhkiG9w0BAQsFAAOCAQEAQs0YXquR45owtPECVWQU1Jqg7fqeh8GB5tmOGY9I
6CZpzvzkTKm/nd/mImyYaaucRgZm+Q2TTwgvBoMY385+kG2yHVuRWs0A88FTfZKD
5iw/UqBfz742uNEZGPQQLOPaJLzYg5//daL6RUykKIbSrRIofpnO4bHT+4pfx4VF
NupqZMA12a253rG6flym6Ri8UNXiXGxY1XaM6jCS/CYTUN/E4NSUbic7/JdZHLy1
82YdFC59qGPyhB77FDxVd6vA+ZcJg68ySrP9pDmeHmJ2RP+8N2W09rsIYvBO0LoZ
LmRvz/UqIn1ycfApIQqDDRpQk59XtjIj5BHgdMNogO2qhA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:45:02 2024 by rpki-client on console-ams.rpki-client.org