Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d21f7315b565f88e18de69169de5a1119c25988f.cer
File:                     d21f7315b565f88e18de69169de5a1119c25988f.cer (raw, json)
Hash identifier:          ot8ibOqCetkB0iE3RMDF7dJeG78zc178xIrgtMF2EA0=
Subject key identifier:   9A:0B:7E:6F:2B:9E:A4:D9:78:9C:53:3D:D2:BE:7E:AD:01:C6:2D:D7
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       0109721A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/7026ef52-79b0-4fc9-b4fe-006e1d7be606/d21f7315b565f88e18de69169de5a1119c25988f.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/7026ef52-79b0-4fc9-b4fe-006e1d7be606/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Fri 17 Nov 2017 18:37:30 +0000
Certificate not after:    Sat 08 Mar 2025 06:00:00 +0000
Subordinate resources:    AS: 52245
                          AS: 52468
                          IP: 186.148.96.0/20
                          IP: 2803:2b00::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17396250 (0x109721a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Nov 17 18:37:30 2017 GMT
            Not After : Mar  8 06:00:00 2025 GMT
        Subject: CN=d21f7315b565f88e18de69169de5a1119c25988f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c6:f5:83:d3:6f:76:c1:d1:ee:2e:f4:5e:bc:
                    73:45:13:3b:b0:19:6d:2f:ab:f1:7a:07:a5:20:38:
                    92:33:69:12:2c:f3:b5:42:b8:8f:f5:6c:e4:58:da:
                    0d:8d:09:0b:be:36:45:59:83:90:05:9f:36:28:d2:
                    8f:db:6d:08:41:23:9d:a7:ed:d7:7b:11:63:50:21:
                    11:30:1e:fa:a5:c3:29:5a:65:55:53:d1:9b:db:fa:
                    6f:13:aa:25:96:7a:ca:5e:2a:8e:4d:c0:3d:ea:97:
                    ee:ba:db:08:20:fc:ff:58:f5:2f:3b:b1:f3:2a:ac:
                    f2:db:cc:73:94:b2:d7:ac:d6:ec:e0:f8:11:77:da:
                    04:99:fe:f3:6d:23:8a:4c:88:81:6f:1f:74:33:e3:
                    8d:9c:4c:30:c8:26:c0:52:5f:4f:c0:94:7f:c4:e0:
                    a9:49:b7:f5:b4:e9:22:c2:3f:b6:dd:84:b8:87:06:
                    5f:a1:9e:0c:20:39:7e:ba:7d:02:aa:fa:8f:c1:97:
                    90:4e:86:fe:7e:51:e4:17:90:b3:e7:19:f7:64:a2:
                    fc:3e:3d:39:bf:f6:9c:0e:d8:5f:cd:89:81:4d:ca:
                    82:0c:a9:18:64:ac:f2:4b:d9:59:06:24:17:99:5f:
                    4e:be:f8:0c:5e:7d:0c:d7:4a:07:68:68:ba:86:98:
                    88:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0B:7E:6F:2B:9E:A4:D9:78:9C:53:3D:D2:BE:7E:AD:01:C6:2D:D7
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/7026ef52-79b0-4fc9-b4fe-006e1d7be606/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/7026ef52-79b0-4fc9-b4fe-006e1d7be606/d21f7315b565f88e18de69169de5a1119c25988f.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.148.96.0/20
                IPv6:
                  2803:2b00::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  52245
                  52468

    Signature Algorithm: sha256WithRSAEncryption
         ae:9e:f3:07:ca:e0:4b:51:7e:62:bb:2a:cf:6b:e4:fb:a4:d8:
         44:d0:17:db:2a:97:41:a3:b0:13:38:d7:86:61:00:3b:1b:81:
         da:cc:ee:3c:53:7b:d2:30:f1:54:ac:2b:33:9a:32:d4:13:ee:
         5c:58:f2:61:78:20:ae:09:74:1b:25:91:d4:2a:3c:1a:9b:13:
         ca:b9:f0:75:63:dc:d4:27:6b:0f:55:20:a7:9c:0a:21:dc:b1:
         a4:f0:67:3d:71:37:36:63:e9:3c:10:19:33:b6:77:79:21:c0:
         4a:c7:1f:e9:4a:67:1e:a3:a7:29:c3:ce:4b:2f:e6:6b:63:1c:
         4f:9f:36:73:ae:53:ac:be:9f:9d:dc:3d:36:25:7c:14:0a:1d:
         bf:9d:4a:d1:28:14:9f:54:fc:9e:a3:b8:ee:fd:0c:0c:b9:b5:
         29:3f:a1:9c:0d:43:3b:77:c6:9c:77:56:a6:7b:65:d2:23:d2:
         c7:ac:29:09:26:43:be:a9:26:0b:20:c0:58:02:9d:5a:84:95:
         be:e3:5e:9d:a5:04:89:7c:65:41:8b:84:7e:08:8c:ec:22:17:
         13:52:bc:a0:70:f8:06:b0:39:a1:d8:d8:fc:b2:49:30:cf:29:
         26:87:8e:9a:56:5f:28:e2:ca:34:4d:44:da:b0:02:78:7f:b4:
         47:91:98:d1
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIEAQlyGjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTE3MTExNzE4MzczMFoXDTI1MDMwODA2MDAw
MFowMzExMC8GA1UEAxMoZDIxZjczMTViNTY1Zjg4ZTE4ZGU2OTE2OWRlNWExMTE5
YzI1OTg4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJPG9YPTb3bB
0e4u9F68c0UTO7AZbS+r8XoHpSA4kjNpEizztUK4j/Vs5FjaDY0JC742RVmDkAWf
NijSj9ttCEEjnaft13sRY1AhETAe+qXDKVplVVPRm9v6bxOqJZZ6yl4qjk3APeqX
7rrbCCD8/1j1Lzux8yqs8tvMc5Sy16zW7OD4EXfaBJn+820jikyIgW8fdDPjjZxM
MMgmwFJfT8CUf8TgqUm39bTpIsI/tt2EuIcGX6GeDCA5frp9Aqr6j8GXkE6G/n5R
5BeQs+cZ92Si/D49Ob/2nA7YX82JgU3KggypGGSs8kvZWQYkF5lfTr74DF59DNdK
B2houoaYiLECAwEAAaOCAw4wggMKMB0GA1UdDgQWBBSaC35vK56k2XicUz3Svn6t
AcYt1zAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy83MDI2ZWY1Mi03OWIw
LTRmYzktYjRmZS0wMDZlMWQ3YmU2MDYvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvNzAyNmVmNTItNzliMC00
ZmM5LWI0ZmUtMDA2ZTFkN2JlNjA2L2QyMWY3MzE1YjU2NWY4OGUxOGRlNjkxNjlk
ZTVhMTExOWMyNTk4OGYubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBLqUYDANBAIAAjAHAwUAKAMrADAf
BggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAzBUCAwDM9DANBgkqhkiG9w0BAQsFAAOC
AQEArp7zB8rgS1F+Yrsqz2vk+6TYRNAX2yqXQaOwEzjXhmEAOxuB2szuPFN70jDx
VKwrM5oy1BPuXFjyYXggrgl0GyWR1Co8GpsTyrnwdWPc1CdrD1Ugp5wKIdyxpPBn
PXE3NmPpPBAZM7Z3eSHASscf6UpnHqOnKcPOSy/ma2McT582c65TrL6fndw9NiV8
FAodv51K0SgUn1T8nqO47v0MDLm1KT+hnA1DO3fGnHdWpntl0iPSx6wpCSZDvqkm
CyDAWAKdWoSVvuNenaUEiXxlQYuEfgiM7CIXE1K8oHD4BrA5odjY/LJJMM8pJoeO
mlZfKOLKNE1E2rACeH+0R5GY0Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:07 2024 by rpki-client on console-fra.rpki-client.org