Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ddfa19e686467b0a03ac1ed57bc93e8fdbb5b5e2.cer
File:                     ddfa19e686467b0a03ac1ed57bc93e8fdbb5b5e2.cer (raw, json)
Hash identifier:          4jhsC3xE2QhRZS+dzRiK5fjoQzRysNkodDHtWsvP0h0=
Subject key identifier:   3B:E5:5F:6E:48:3B:5B:63:EC:E2:96:F6:4C:D4:58:36:9D:B1:7F:76
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       E9139C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/cfd54151-ef28-4503-b8fb-cf19444c100d/ddfa19e686467b0a03ac1ed57bc93e8fdbb5b5e2.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/cfd54151-ef28-4503-b8fb-cf19444c100d/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 09 May 2023 11:13:01 +0000
Certificate not after:    Wed 05 Mar 2025 23:55:40 +0000
Subordinate resources:    AS: 263226
                          IP: 192.100.157.0/24
                          IP: 2801:14:2000::/48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15274908 (0xe9139c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: May  9 11:13:01 2023 GMT
            Not After : Mar  5 23:55:40 2025 GMT
        Subject: CN=ddfa19e686467b0a03ac1ed57bc93e8fdbb5b5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1a:66:a8:6f:94:8a:af:37:6e:9a:a4:4c:b7:
                    76:3c:54:1a:fa:bd:44:a7:8d:7e:0c:e1:58:df:fc:
                    24:2b:18:aa:c3:e8:87:06:33:c9:5b:35:27:cb:8a:
                    00:2c:53:50:31:a1:cc:fc:0f:0f:4e:03:8e:b6:11:
                    79:c6:aa:69:b5:2e:f0:20:d1:b3:eb:4c:19:85:23:
                    21:12:26:fa:3a:58:10:dd:4d:ab:67:db:d1:f0:57:
                    6f:aa:31:b6:8e:f8:5d:b7:0b:45:9a:bd:ca:13:5c:
                    17:cf:77:21:d4:82:37:8b:8c:54:73:2f:62:cf:66:
                    a9:40:91:ab:5e:0a:a2:a3:bd:8c:54:15:30:54:1c:
                    94:10:33:1c:d9:5f:6f:6d:9b:31:f2:ce:64:d9:4e:
                    29:a3:92:e3:2e:11:c8:f4:94:0c:1c:04:20:27:fb:
                    96:1e:29:dd:06:eb:3b:bd:ff:63:7d:32:39:ad:fc:
                    dc:26:10:e7:f2:b5:e5:22:c3:9b:f3:2f:a2:2e:82:
                    d2:ff:49:c3:dd:ef:b3:84:67:03:93:1b:75:79:89:
                    fb:f1:a7:45:06:b3:f3:ec:da:17:fa:91:dc:85:d6:
                    58:6d:63:61:d9:be:84:e0:47:b6:df:75:5f:06:b2:
                    6b:29:02:8c:97:ee:11:ef:5f:9c:4c:bd:7a:af:a9:
                    db:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:E5:5F:6E:48:3B:5B:63:EC:E2:96:F6:4C:D4:58:36:9D:B1:7F:76
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/cfd54151-ef28-4503-b8fb-cf19444c100d/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/cfd54151-ef28-4503-b8fb-cf19444c100d/ddfa19e686467b0a03ac1ed57bc93e8fdbb5b5e2.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.100.157.0/24
                IPv6:
                  2801:14:2000::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  263226

    Signature Algorithm: sha256WithRSAEncryption
         65:9e:e8:c9:86:b1:d7:d7:bc:75:9c:7d:2d:f9:a2:7a:b4:1c:
         a0:a9:51:b7:45:b2:74:05:7c:1a:8a:54:00:74:87:85:22:af:
         56:04:d6:81:5a:b8:ee:bb:de:fb:35:b7:7a:7c:05:f6:8b:e0:
         71:5a:18:c7:7f:a6:19:de:97:7a:bc:fa:80:5d:93:b5:f0:6f:
         9d:fb:3e:a2:f0:17:e1:0d:64:6a:14:c4:fc:ec:49:58:65:d2:
         36:37:87:d7:64:31:b7:6e:65:3e:cb:ff:09:4e:41:11:22:36:
         b0:6e:a1:24:f9:5e:0e:64:fb:53:ed:15:6c:e5:49:5c:40:87:
         3f:86:0f:66:f8:93:47:7e:9e:4a:f6:56:04:fd:83:d9:4c:aa:
         e2:f9:27:cb:37:83:17:44:74:06:9d:89:a1:c9:77:fd:43:31:
         80:8c:4f:33:e8:4b:76:91:d7:43:af:93:0e:bf:53:89:3c:9d:
         49:55:fb:d8:72:b4:73:18:d2:31:57:ee:2b:95:ec:48:7f:57:
         62:68:96:c1:42:6c:28:4c:9a:de:a4:ff:ca:df:0f:d4:96:2c:
         bf:50:ce:cc:2e:aa:c2:93:d7:34:e8:eb:9a:27:21:2f:6f:45:
         7b:89:86:44:96:7a:02:2f:b5:61:c2:35:45:3f:ef:60:0c:d1:
         df:74:50:39
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgIEAOkTnDANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIzMDUwOTExMTMwMVoXDTI1MDMwNTIzNTU0
MFowMzExMC8GA1UEAxMoZGRmYTE5ZTY4NjQ2N2IwYTAzYWMxZWQ1N2JjOTNlOGZk
YmI1YjVlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALUaZqhvlIqv
N26apEy3djxUGvq9RKeNfgzhWN/8JCsYqsPohwYzyVs1J8uKACxTUDGhzPwPD04D
jrYRecaqabUu8CDRs+tMGYUjIRIm+jpYEN1Nq2fb0fBXb6oxto74XbcLRZq9yhNc
F893IdSCN4uMVHMvYs9mqUCRq14KoqO9jFQVMFQclBAzHNlfb22bMfLOZNlOKaOS
4y4RyPSUDBwEICf7lh4p3QbrO73/Y30yOa383CYQ5/K15SLDm/Mvoi6C0v9Jw93v
s4RnA5MbdXmJ+/GnRQaz8+zaF/qR3IXWWG1jYdm+hOBHtt91XwayaykCjJfuEe9f
nEy9eq+p23MCAwEAAaOCAwswggMHMB0GA1UdDgQWBBQ75V9uSDtbY+zilvZM1Fg2
nbF/djAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy9jZmQ1NDE1MS1lZjI4
LTQ1MDMtYjhmYi1jZjE5NDQ0YzEwMGQvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvY2ZkNTQxNTEtZWYyOC00
NTAzLWI4ZmItY2YxOTQ0NGMxMDBkL2RkZmExOWU2ODY0NjdiMGEwM2FjMWVkNTdi
YzkzZThmZGJiNWI1ZTIubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMBknTAPBAIAAjAJAwcAKAEAFCAA
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwQEOjANBgkqhkiG9w0BAQsFAAOCAQEA
ZZ7oyYax19e8dZx9LfmierQcoKlRt0WydAV8GopUAHSHhSKvVgTWgVq47rve+zW3
enwF9ovgcVoYx3+mGd6Xerz6gF2TtfBvnfs+ovAX4Q1kahTE/OxJWGXSNjeH12Qx
t25lPsv/CU5BESI2sG6hJPleDmT7U+0VbOVJXECHP4YPZviTR36eSvZWBP2D2Uyq
4vknyzeDF0R0Bp2Jocl3/UMxgIxPM+hLdpHXQ6+TDr9TiTydSVX72HK0cxjSMVfu
K5XsSH9XYmiWwUJsKEya3qT/yt8P1JYsv1DOzC6qwpPXNOjrmichL29Fe4mGRJZ6
Ai+1YcI1RT/vYAzR33RQOQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:45:30 2024 by rpki-client on console-ams.rpki-client.org