Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bca241a84c27bfe35e84dea65f4a7db00fab553c.cer
File:                     bca241a84c27bfe35e84dea65f4a7db00fab553c.cer (raw, json)
Hash identifier:          9fyVGcB2OtaaBdm/VZxbV0bG5t2MPAgAyVjbjeT4xlo=
Subject key identifier:   F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       010C9BED
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/bca241a84c27bfe35e84dea65f4a7db00fab553c.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 29 Nov 2022 17:24:53 +0000
Certificate not after:    Thu 03 Apr 2025 15:00:00 +0000
Subordinate resources:    AS: 19196
                          AS: 27680
                          IP: 152.172.0.0/14
                          IP: 181.172.0.0/15
                          IP: 181.200.0.0/14
                          IP: 186.40.0.0/15
                          IP: 186.65.128.0/17
                          IP: 190.4.192.0/18
                          IP: 190.108.128.0/18
                          IP: 191.124.0.0/14
                          IP: 201.187.128.0 -- 201.189.255.255
                          IP: 201.220.224.0/19
                          IP: 2800:4c0::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17603565 (0x10c9bed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Nov 29 17:24:53 2022 GMT
            Not After : Apr  3 15:00:00 2025 GMT
        Subject: CN=bca241a84c27bfe35e84dea65f4a7db00fab553c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:37:55:ba:30:46:f7:9d:86:b7:db:47:f0:82:
                    4f:8d:6e:8a:bf:ef:8a:94:56:20:18:84:17:0e:16:
                    a7:62:a4:c9:39:e6:89:2e:5e:3e:08:4e:35:f4:2d:
                    5a:a5:67:bf:26:46:7e:40:08:6c:b8:8d:f7:62:2f:
                    1b:e5:f4:ac:69:9f:95:1f:a1:cb:a5:c5:ec:ae:df:
                    ec:ce:a9:24:bf:e3:61:e2:23:2f:65:1d:2f:96:11:
                    18:a3:37:aa:83:cb:f2:d0:09:88:e0:13:0d:bc:a2:
                    94:b7:55:60:bf:21:72:70:7b:54:f4:2c:0e:66:97:
                    35:f2:2b:3b:ee:98:eb:ae:97:a4:9a:bd:3e:e5:c4:
                    ea:34:40:a7:b6:dc:09:59:3e:78:76:53:93:50:12:
                    b4:bd:ca:80:28:73:50:00:d5:5f:d1:cd:14:dc:53:
                    0a:28:97:4f:fd:a6:4a:bc:0b:9a:ec:aa:73:37:b2:
                    bf:59:dd:d2:3a:fb:17:fc:e9:db:67:a0:5a:92:3e:
                    09:f8:12:35:25:e8:ec:a1:e1:c7:ad:37:47:5d:3c:
                    65:6c:26:cd:bc:f0:4a:e3:49:23:af:5c:f0:47:ef:
                    80:fe:aa:ec:5c:26:da:40:13:cd:7c:22:b2:24:25:
                    c5:eb:bc:6c:1e:a6:1c:c9:d8:92:77:cd:e4:3a:4d:
                    a9:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/bca241a84c27bfe35e84dea65f4a7db00fab553c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.172.0.0/14
                  181.172.0.0/15
                  181.200.0.0/14
                  186.40.0.0/15
                  186.65.128.0/17
                  190.4.192.0/18
                  190.108.128.0/18
                  191.124.0.0/14
                  201.187.128.0-201.189.255.255
                  201.220.224.0/19
                IPv6:
                  2800:4c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  19196
                  27680

    Signature Algorithm: sha256WithRSAEncryption
         96:22:11:3b:b8:b8:75:49:90:31:1d:0a:08:b9:8d:3d:a9:ba:
         f0:a2:83:3d:20:d4:d4:c9:e4:97:b1:60:8e:dd:25:f5:c5:6a:
         76:1c:2e:f3:20:d4:09:4f:46:5c:9b:e2:8a:e5:e3:18:24:8f:
         70:48:a9:34:f0:83:96:8e:7c:15:07:30:3e:89:9c:6a:65:0d:
         07:94:93:4e:fe:46:20:ff:45:2f:35:0f:a1:eb:fe:38:bc:6f:
         97:35:9a:a4:3c:6e:bd:63:f7:dc:86:b7:53:78:57:5c:2e:cb:
         72:33:c6:53:ed:e7:d3:d0:29:1a:16:2e:f4:49:af:20:73:99:
         71:38:2a:7b:34:c7:ed:07:0f:59:c4:e1:00:2e:0c:2b:d9:99:
         28:31:c1:a3:5b:dc:ce:6e:e9:25:28:81:b0:30:f4:7e:0a:5a:
         c3:03:4f:e4:ed:f4:f0:6d:93:70:8b:b8:ff:0e:f0:c9:53:a1:
         50:05:d9:a1:b9:33:85:d8:a7:6b:42:1a:79:e3:11:29:1b:af:
         97:95:b7:a8:4b:eb:d7:a1:9f:14:9f:eb:ab:0a:b7:78:9f:03:
         89:27:14:d7:60:c0:0a:23:04:8c:44:13:0c:90:48:93:d1:e8:
         17:a7:a9:0a:2c:ab:c4:3e:ee:55:ba:36:94:7b:9e:3d:0e:05:
         59:49:43:a4
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgIEAQyb7TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIyMTEyOTE3MjQ1M1oXDTI1MDQwMzE1MDAw
MFowMzExMC8GA1UEAxMoYmNhMjQxYTg0YzI3YmZlMzVlODRkZWE2NWY0YTdkYjAw
ZmFiNTUzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALU3VbowRved
hrfbR/CCT41uir/vipRWIBiEFw4Wp2KkyTnmiS5ePghONfQtWqVnvyZGfkAIbLiN
92IvG+X0rGmflR+hy6XF7K7f7M6pJL/jYeIjL2UdL5YRGKM3qoPL8tAJiOATDbyi
lLdVYL8hcnB7VPQsDmaXNfIrO+6Y666XpJq9PuXE6jRAp7bcCVk+eHZTk1AStL3K
gChzUADVX9HNFNxTCiiXT/2mSrwLmuyqczeyv1nd0jr7F/zp22egWpI+CfgSNSXo
7KHhx603R108ZWwmzbzwSuNJI69c8EfvgP6q7Fwm2kATzXwisiQlxeu8bB6mHMnY
knfN5DpNqdMCAwEAAaOCA0QwggNAMB0GA1UdDgQWBBT0WGD8jPDsZowSQLd1w+JO
bDYDgDAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy83ZDdkYTBjMy1jMGEw
LTRkYmItYTM1Ni01MDQ0OGQ3NDkzMTcvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvN2Q3ZGEwYzMtYzBhMC00
ZGJiLWEzNTYtNTA0NDhkNzQ5MzE3L2JjYTI0MWE4NGMyN2JmZTM1ZTg0ZGVhNjVm
NGE3ZGIwMGZhYjU1M2MubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwRAQCAAEwPgMDApisAwMBtawDAwK1yAMDAbooAwQH
ukGAAwQGvgTAAwQGvmyAAwMCv3wwCwMEB8m7gAMDAcm8AwQFydzgMA0EAgACMAcD
BQAoAATAMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAkr8AgJsIDANBgkqhkiG9w0B
AQsFAAOCAQEAliIRO7i4dUmQMR0KCLmNPam68KKDPSDU1Mnkl7Fgjt0l9cVqdhwu
8yDUCU9GXJviiuXjGCSPcEipNPCDlo58FQcwPomcamUNB5STTv5GIP9FLzUPoev+
OLxvlzWapDxuvWP33Ia3U3hXXC7LcjPGU+3n09ApGhYu9EmvIHOZcTgqezTH7QcP
WcThAC4MK9mZKDHBo1vczm7pJSiBsDD0fgpawwNP5O308G2TcIu4/w7wyVOhUAXZ
obkzhdina0IaeeMRKRuvl5W3qEvr16GfFJ/rqwq3eJ8DiScU12DACiMEjEQTDJBI
k9HoF6epCiyrxD7uVbo2lHuePQ4FWUlDpA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:50:31 2024 by rpki-client on console-ams.rpki-client.org