Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a12940490bd588d04ca6f10e67f9895c773999a9.cer
File:                     a12940490bd588d04ca6f10e67f9895c773999a9.cer (raw, json)
Hash identifier:          j6elIAj1IF7zdnQiLSlu/p7w2A/2A0KYisRuElfnqz8=
Subject key identifier:   11:C9:5F:39:0F:5A:14:33:8F:15:FA:7E:F1:D9:12:5E:4D:A7:C6:D6
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       01064033
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/052f4016-d206-42ed-adb9-88280d25848d/a12940490bd588d04ca6f10e67f9895c773999a9.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/052f4016-d206-42ed-adb9-88280d25848d/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 09 Mar 2021 20:36:38 +0000
Certificate not after:    Sat 08 Feb 2025 05:00:00 +0000
Subordinate resources:    AS: 52233
                          IP: 131.221.144.0/22
                          IP: 138.219.140.0/22
                          IP: 161.0.96.0/20
                          IP: 170.245.0.0/22
                          IP: 186.2.176.0/20
                          IP: 190.112.224.0/19
                          IP: 2800:530::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17186867 (0x1064033)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Mar  9 20:36:38 2021 GMT
            Not After : Feb  8 05:00:00 2025 GMT
        Subject: CN=a12940490bd588d04ca6f10e67f9895c773999a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e5:84:82:fa:bc:3c:92:5d:21:8f:f1:9a:bb:
                    2a:85:ba:ea:dd:ed:d1:4d:41:ff:b9:9c:87:c7:62:
                    3d:1f:9e:54:40:85:6d:d5:89:f1:d2:36:e4:b5:63:
                    de:ec:e9:c3:c1:64:b5:53:63:e5:b0:eb:d6:a8:b8:
                    ab:19:fe:d0:d8:bf:9d:22:18:3a:fd:fe:d2:c7:f7:
                    10:01:ec:63:f3:c6:70:29:f8:76:38:be:91:d8:ea:
                    cb:57:b0:db:09:74:61:76:f8:c7:83:d5:9f:b0:62:
                    89:f2:f7:76:63:8e:ac:e8:fb:05:b3:e4:48:4f:16:
                    8a:8d:35:22:8f:37:e1:85:32:b2:d1:dc:45:3a:8e:
                    e4:a8:dc:38:d7:cf:74:2c:53:e6:75:d1:ca:50:dd:
                    50:e9:a1:28:30:34:50:12:44:d3:46:c8:0f:fd:fd:
                    43:61:0e:5e:26:5b:4a:e4:5b:50:fa:1b:f5:4f:37:
                    3b:47:15:08:0d:b5:60:ab:2d:1f:e7:48:73:47:19:
                    23:43:66:ee:75:2c:88:8a:6f:e2:a5:e2:63:f8:d9:
                    c3:08:bb:1e:ed:7c:3e:46:20:f4:e9:21:94:56:9a:
                    d5:f7:e5:10:52:af:f4:e6:b5:6a:88:52:46:80:5c:
                    98:36:19:2f:54:0a:c2:72:ca:bf:cc:91:a9:fb:6d:
                    98:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C9:5F:39:0F:5A:14:33:8F:15:FA:7E:F1:D9:12:5E:4D:A7:C6:D6
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/052f4016-d206-42ed-adb9-88280d25848d/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/052f4016-d206-42ed-adb9-88280d25848d/a12940490bd588d04ca6f10e67f9895c773999a9.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.144.0/22
                  138.219.140.0/22
                  161.0.96.0/20
                  170.245.0.0/22
                  186.2.176.0/20
                  190.112.224.0/19
                IPv6:
                  2800:530::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  52233

    Signature Algorithm: sha256WithRSAEncryption
         86:10:0a:b6:a2:bc:71:50:d3:2e:6c:59:fc:9c:3a:d8:3c:6d:
         63:60:c6:86:03:04:e0:22:93:55:9a:ef:9e:1c:a1:ef:1e:53:
         e3:6a:96:2d:f7:a7:79:ff:65:56:88:88:41:fa:71:d8:21:f2:
         63:ab:4e:71:2b:ac:01:92:09:4e:4a:6a:75:5c:43:c9:26:18:
         7e:b5:ad:b5:d0:6c:49:7d:d9:57:3e:d9:63:c5:23:e0:b4:5c:
         a7:ac:b5:01:9d:47:cf:2f:30:98:7f:27:d6:15:6a:a1:c4:cb:
         56:0d:25:66:5f:93:f6:c7:8f:f1:6c:d2:9b:fe:6d:0d:f8:9d:
         dc:90:eb:e8:2c:ad:7e:2d:bc:db:71:81:04:ce:4f:72:59:2d:
         d9:59:7d:e4:c7:47:1d:3b:a9:2e:6c:9e:b9:4c:b8:df:f3:d9:
         58:43:68:07:38:97:03:1d:9a:db:bf:cb:41:87:45:2b:1f:52:
         e1:93:7b:44:52:46:48:7a:9f:77:f4:74:e5:c2:40:87:83:2d:
         f5:aa:12:90:49:af:e6:d5:11:25:2b:18:10:33:69:e2:84:6d:
         b7:b0:e4:0c:72:45:78:75:e0:64:60:7f:7f:c9:38:fc:2c:b9:
         5d:1c:23:e7:dc:35:23:03:20:58:a4:f2:10:7a:c4:ee:12:2b:
         f6:af:54:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIEAQZAMzANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIxMDMwOTIwMzYzOFoXDTI1MDIwODA1MDAw
MFowMzExMC8GA1UEAxMoYTEyOTQwNDkwYmQ1ODhkMDRjYTZmMTBlNjdmOTg5NWM3
NzM5OTlhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI7lhIL6vDyS
XSGP8Zq7KoW66t3t0U1B/7mch8diPR+eVECFbdWJ8dI25LVj3uzpw8FktVNj5bDr
1qi4qxn+0Ni/nSIYOv3+0sf3EAHsY/PGcCn4dji+kdjqy1ew2wl0YXb4x4PVn7Bi
ifL3dmOOrOj7BbPkSE8Wio01Io834YUystHcRTqO5KjcONfPdCxT5nXRylDdUOmh
KDA0UBJE00bID/39Q2EOXiZbSuRbUPob9U83O0cVCA21YKstH+dIc0cZI0Nm7nUs
iIpv4qXiY/jZwwi7Hu18PkYg9OkhlFaa1fflEFKv9Oa1aohSRoBcmDYZL1QKwnLK
v8yRqfttmK8CAwEAAaOCAycwggMjMB0GA1UdDgQWBBQRyV85D1oUM48V+n7x2RJe
TafG1jAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy8wNTJmNDAxNi1kMjA2
LTQyZWQtYWRiOS04ODI4MGQyNTg0OGQvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvMDUyZjQwMTYtZDIwNi00
MmVkLWFkYjktODgyODBkMjU4NDhkL2ExMjk0MDQ5MGJkNTg4ZDA0Y2E2ZjEwZTY3
Zjk4OTVjNzczOTk5YTkubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAoPdkAMEAorbjAMEBKEAYAMEAqr1
AAMEBLoCsAMEBb5w4DANBAIAAjAHAwUAKAAFMDAaBggrBgEFBQcBCAEB/wQLMAmg
BzAFAgMAzAkwDQYJKoZIhvcNAQELBQADggEBAIYQCraivHFQ0y5sWfycOtg8bWNg
xoYDBOAik1Wa754coe8eU+Nqli33p3n/ZVaIiEH6cdgh8mOrTnErrAGSCU5KanVc
Q8kmGH61rbXQbEl92Vc+2WPFI+C0XKestQGdR88vMJh/J9YVaqHEy1YNJWZfk/bH
j/Fs0pv+bQ34ndyQ6+gsrX4tvNtxgQTOT3JZLdlZfeTHRx07qS5snrlMuN/z2VhD
aAc4lwMdmtu/y0GHRSsfUuGTe0RSRkh6n3f0dOXCQIeDLfWqEpBJr+bVESUrGBAz
aeKEbbew5AxyRXh14GRgf3/JOPwsuV0cI+fcNSMDIFik8hB6xO4SK/avVFE=
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:58:52 2024 by rpki-client on console-fra.rpki-client.org