Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cdf3c4883ddca1519ed46106e0af85f1db80392f.cer
File:                     cdf3c4883ddca1519ed46106e0af85f1db80392f.cer (raw, json)
Hash identifier:          f0sI94BY7bakdd4fPCwp55xjmhgYAVf6fQEXQPtC63k=
Subject key identifier:   46:C2:C8:A1:9E:E3:9F:CB:34:26:C6:F1:3E:6F:59:9A:F8:52:B7:E9
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       E2E840
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/cdf3c4883ddca1519ed46106e0af85f1db80392f.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Thu 19 Aug 2021 02:07:07 +0000
Certificate not after:    Mon 29 Apr 2024 22:52:29 +0000
Subordinate resources:    AS: 28120
                          IP: 200.114.88.0/21
                          IP: 2803:420::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14870592 (0xe2e840)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Aug 19 02:07:07 2021 GMT
            Not After : Apr 29 22:52:29 2024 GMT
        Subject: CN=cdf3c4883ddca1519ed46106e0af85f1db80392f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5d:53:bb:23:45:d4:9a:82:eb:75:c3:5a:ca:
                    f1:d5:f0:41:7c:ba:48:e9:24:ad:cf:32:6c:25:9c:
                    12:c2:f3:d1:57:01:6c:aa:37:ba:bc:45:2d:33:d6:
                    61:c1:8c:97:29:e0:d2:a6:71:83:a6:e7:9e:f5:8f:
                    fd:b4:7b:a4:58:c6:4c:53:3a:8a:9e:84:59:a1:60:
                    df:f6:dc:89:2e:3a:20:d4:74:3b:b6:86:e9:a8:4f:
                    63:76:91:e7:59:d6:39:81:a4:59:35:fa:55:c6:ac:
                    2b:3f:71:44:e5:ed:f1:59:d6:50:d5:36:21:a7:29:
                    1e:0b:45:d1:d9:b9:fe:36:a8:26:d4:f1:22:a7:4f:
                    1d:4b:31:3b:e4:ea:f5:32:3a:6c:cb:2d:fd:1e:56:
                    aa:55:c4:dd:e8:e4:36:76:51:ce:f8:d1:e8:c7:ee:
                    30:93:92:02:38:20:4e:6f:11:f5:97:7e:33:75:ba:
                    77:f0:d6:b7:43:d7:18:a2:05:10:e8:60:c7:58:8f:
                    da:d5:ee:6f:18:74:21:1a:0c:ac:93:9f:36:48:71:
                    0f:7e:4c:0d:15:22:13:7b:8d:3c:b3:3c:a7:9e:46:
                    59:5b:ec:14:33:d6:4c:20:8e:f8:8d:c6:78:a4:03:
                    ae:fa:01:56:23:20:8a:23:f0:8f:90:6e:a5:17:51:
                    96:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:C2:C8:A1:9E:E3:9F:CB:34:26:C6:F1:3E:6F:59:9A:F8:52:B7:E9
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/cdf3c4883ddca1519ed46106e0af85f1db80392f.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.114.88.0/21
                IPv6:
                  2803:420::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  28120

    Signature Algorithm: sha256WithRSAEncryption
         7a:c9:78:e0:aa:47:a7:51:58:45:39:cd:2f:bf:7b:10:d3:56:
         66:55:b7:7e:0c:d7:cf:29:79:52:9a:4b:17:65:fd:37:9c:21:
         15:ff:6f:0e:34:05:0e:34:51:98:b3:87:ba:d8:37:32:be:fb:
         08:26:8d:3f:20:c1:a3:bd:e0:9c:66:8c:da:ba:5a:ad:67:9a:
         3a:2c:ed:5b:78:53:31:53:31:12:da:f8:21:16:26:7c:9a:8e:
         47:f1:f5:a5:62:0b:88:84:af:23:ce:ac:c7:a1:74:89:47:bd:
         1e:56:a8:f9:50:16:04:37:e8:e4:23:f0:13:34:15:e3:28:b0:
         d5:83:b0:e7:17:69:97:e3:3a:6b:ea:26:76:18:3c:2b:74:e8:
         99:15:7f:ba:32:d1:cd:1b:b8:df:52:6e:88:33:43:05:cd:36:
         f6:2d:80:d0:3c:a1:b0:79:3c:bd:d9:33:bb:1f:0c:11:46:ae:
         2c:48:01:6f:6b:90:60:85:6f:b4:1c:a1:b2:85:9e:38:76:1f:
         e1:07:d5:0b:ef:e3:9f:b9:78:df:80:2f:69:8c:37:5d:f9:1b:
         4b:b4:90:24:e8:c0:62:40:6a:62:ba:0f:35:d4:42:97:f0:28:
         f7:20:78:6f:04:48:35:9b:71:7d:ed:61:8c:75:65:d5:0d:c4:
         38:d7:72:f9
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIEAOLoQDANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIxMDgxOTAyMDcwN1oXDTI0MDQyOTIyNTIy
OVowMzExMC8GA1UEAxMoY2RmM2M0ODgzZGRjYTE1MTllZDQ2MTA2ZTBhZjg1ZjFk
YjgwMzkyZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVdU7sjRdSa
gut1w1rK8dXwQXy6SOkkrc8ybCWcEsLz0VcBbKo3urxFLTPWYcGMlyng0qZxg6bn
nvWP/bR7pFjGTFM6ip6EWaFg3/bciS46INR0O7aG6ahPY3aR51nWOYGkWTX6Vcas
Kz9xROXt8VnWUNU2IacpHgtF0dm5/jaoJtTxIqdPHUsxO+Tq9TI6bMst/R5WqlXE
3ejkNnZRzvjR6MfuMJOSAjggTm8R9Zd+M3W6d/DWt0PXGKIFEOhgx1iP2tXubxh0
IRoMrJOfNkhxD35MDRUiE3uNPLM8p55GWVvsFDPWTCCO+I3GeKQDrvoBViMgiiPw
j5BupRdRlhsCAwEAAaOCAwgwggMEMB0GA1UdDgQWBBRGwsihnuOfyzQmxvE+b1ma
+FK36TAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy8yMjAwYTNkMy0wNzIx
LTRhMDctYjhlZi01MDQxYTk5YzM2ZWMvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvMjIwMGEzZDMtMDcyMS00
YTA3LWI4ZWYtNTA0MWE5OWMzNmVjL2NkZjNjNDg4M2RkY2ExNTE5ZWQ0NjEwNmUw
YWY4NWYxZGI4MDM5MmYubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8hyWDANBAIAAjAHAwUAKAMEIDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgJt2DANBgkqhkiG9w0BAQsFAAOCAQEAesl4
4KpHp1FYRTnNL797ENNWZlW3fgzXzyl5UppLF2X9N5whFf9vDjQFDjRRmLOHutg3
Mr77CCaNPyDBo73gnGaM2rparWeaOiztW3hTMVMxEtr4IRYmfJqOR/H1pWILiISv
I86sx6F0iUe9Hlao+VAWBDfo5CPwEzQV4yiw1YOw5xdpl+M6a+omdhg8K3TomRV/
ujLRzRu431JuiDNDBc029i2A0DyhsHk8vdkzux8MEUauLEgBb2uQYIVvtByhsoWe
OHYf4QfVC+/jn7l434AvaYw3XfkbS7SQJOjAYkBqYroPNdRCl/Ao9yB4bwRINZtx
fe1hjHVl1Q3EONdy+Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:00 2024 by rpki-client on console-ams.rpki-client.org