Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/df1415c33947c25ca12181e4eb1643c5c66272bc.cer
File:                     df1415c33947c25ca12181e4eb1643c5c66272bc.cer (raw, json)
Hash identifier:          rhjy1+TVNhYHrrXveZvCXlNcgFjTdevcWA6dUFVxxGQ=
Subject key identifier:   21:DD:C1:4B:9C:0D:13:17:80:3C:22:23:41:CE:8B:82:3C:F5:33:89
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       E31067
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/878fb5a9-a616-447c-9379-b7ad7adde0ec/df1415c33947c25ca12181e4eb1643c5c66272bc.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/878fb5a9-a616-447c-9379-b7ad7adde0ec/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Sat 01 Apr 2023 03:16:56 +0000
Certificate not after:    Thu 21 Nov 2024 18:58:08 +0000
Subordinate resources:    AS: 272061
                          IP: 181.189.27.0/24
                          IP: 181.233.62.0/23
                          IP: 2803:fd10::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14880871 (0xe31067)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Apr  1 03:16:56 2023 GMT
            Not After : Nov 21 18:58:08 2024 GMT
        Subject: CN=df1415c33947c25ca12181e4eb1643c5c66272bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:be:0f:59:b1:ca:bb:07:c8:c0:26:c6:53:0d:
                    b8:30:03:d6:af:df:d5:45:bd:b2:c7:6b:78:72:3c:
                    03:dc:94:26:76:17:f1:78:9e:67:6d:23:a8:7a:12:
                    cf:34:8b:1a:d3:db:8a:cd:87:24:1b:ec:d2:27:2d:
                    94:36:69:9b:f3:5a:3b:d6:6d:d4:c4:ad:9d:3d:ce:
                    4c:bc:6a:39:ff:96:51:0c:be:a3:9a:78:ff:61:19:
                    3f:93:e1:05:7c:f8:c2:a2:eb:bb:c1:f6:f2:74:5f:
                    ca:7c:42:10:c5:24:c5:5e:35:12:92:d5:a3:fa:5f:
                    4f:6e:9d:51:e1:d5:fe:6e:f6:23:e1:25:45:f7:cb:
                    80:2b:f4:1e:b7:8f:8c:37:34:28:aa:dc:8e:34:b6:
                    b5:ae:d7:a9:da:aa:e1:3d:c4:c5:c2:51:ea:14:ab:
                    dd:42:98:a7:c7:6f:65:cd:d4:cb:05:8f:8f:e8:31:
                    76:56:76:62:94:56:cf:fd:8f:54:94:26:82:32:33:
                    75:df:5a:ad:f2:77:06:0a:6a:05:92:ae:ca:7e:a3:
                    66:09:f4:31:3e:f3:ee:9a:25:7d:83:65:86:04:32:
                    73:78:2e:dc:ab:bf:ea:38:9a:b7:ae:c8:4a:94:42:
                    99:14:6b:ab:85:ba:68:6d:14:c0:d9:85:4f:e5:21:
                    23:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:DD:C1:4B:9C:0D:13:17:80:3C:22:23:41:CE:8B:82:3C:F5:33:89
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/878fb5a9-a616-447c-9379-b7ad7adde0ec/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/878fb5a9-a616-447c-9379-b7ad7adde0ec/df1415c33947c25ca12181e4eb1643c5c66272bc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.27.0/24
                  181.233.62.0/23
                IPv6:
                  2803:fd10::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  272061

    Signature Algorithm: sha256WithRSAEncryption
         47:9a:09:f3:3e:35:fc:ca:df:23:16:0d:99:fc:e6:02:5b:30:
         a2:3a:38:0a:44:ca:6a:16:27:70:03:58:dc:23:2d:4b:b4:19:
         6d:ea:12:4e:2e:95:0c:ba:9a:b3:b1:60:99:98:b9:8f:53:de:
         47:f0:25:06:6d:49:9c:b3:5e:1f:68:89:80:68:25:31:bf:b1:
         5a:e2:d3:64:4a:40:f7:e1:95:1f:5d:31:c6:4e:72:74:91:1d:
         c0:1d:b8:e7:73:89:13:01:2c:ee:71:de:18:1c:99:0d:da:2b:
         3b:36:2c:4d:27:32:c9:fd:4c:56:fa:65:61:aa:34:4c:b2:28:
         42:01:c3:31:27:0a:32:ab:2d:44:93:71:2b:e3:06:06:e2:96:
         28:09:41:44:c2:03:7b:71:1d:b4:5b:46:5a:c0:d6:0b:1b:00:
         65:a8:fe:24:bc:0d:c4:de:ba:bc:3f:02:3d:55:ba:c8:7f:fc:
         57:c7:a3:2b:eb:d0:d0:20:85:8b:6d:ce:20:28:be:d0:a9:b3:
         72:59:80:e0:cf:1d:2d:47:d3:54:9c:f9:08:05:92:75:9c:a3:
         0b:b4:0f:a8:cd:45:0c:94:63:1e:b1:bd:1c:b7:c6:62:8a:aa:
         94:8c:91:8b:06:43:67:69:d6:8e:36:1f:b9:7a:00:b6:46:e0:
         cb:c1:59:c8
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIEAOMQZzANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIzMDQwMTAzMTY1NloXDTI0MTEyMTE4NTgw
OFowMzExMC8GA1UEAxMoZGYxNDE1YzMzOTQ3YzI1Y2ExMjE4MWU0ZWIxNjQzYzVj
NjYyNzJiYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKW+D1mxyrsH
yMAmxlMNuDAD1q/f1UW9ssdreHI8A9yUJnYX8XieZ20jqHoSzzSLGtPbis2HJBvs
0ictlDZpm/NaO9Zt1MStnT3OTLxqOf+WUQy+o5p4/2EZP5PhBXz4wqLru8H28nRf
ynxCEMUkxV41EpLVo/pfT26dUeHV/m72I+ElRffLgCv0HrePjDc0KKrcjjS2ta7X
qdqq4T3ExcJR6hSr3UKYp8dvZc3UywWPj+gxdlZ2YpRWz/2PVJQmgjIzdd9arfJ3
BgpqBZKuyn6jZgn0MT7z7polfYNlhgQyc3gu3Ku/6jiat67ISpRCmRRrq4W6aG0U
wNmFT+UhI5cCAwEAAaOCAw8wggMLMB0GA1UdDgQWBBQh3cFLnA0TF4A8IiNBzouC
PPUziTAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy84NzhmYjVhOS1hNjE2
LTQ0N2MtOTM3OS1iN2FkN2FkZGUwZWMvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvODc4ZmI1YTktYTYxNi00
NDdjLTkzNzktYjdhZDdhZGRlMGVjL2RmMTQxNWMzMzk0N2MyNWNhMTIxODFlNGVi
MTY0M2M1YzY2MjcyYmMubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALW9GwMEAbXpPjANBAIAAjAHAwUA
KAP9EDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMEJr0wDQYJKoZIhvcNAQELBQAD
ggEBAEeaCfM+NfzK3yMWDZn85gJbMKI6OApEymoWJ3ADWNwjLUu0GW3qEk4ulQy6
mrOxYJmYuY9T3kfwJQZtSZyzXh9oiYBoJTG/sVri02RKQPfhlR9dMcZOcnSRHcAd
uOdziRMBLO5x3hgcmQ3aKzs2LE0nMsn9TFb6ZWGqNEyyKEIBwzEnCjKrLUSTcSvj
BgbiligJQUTCA3txHbRbRlrA1gsbAGWo/iS8DcTeurw/Aj1Vush//FfHoyvr0NAg
hYttziAovtCps3JZgODPHS1H01Sc+QgFknWcowu0D6jNRQyUYx6xvRy3xmKKqpSM
kYsGQ2dp1o42H7l6ALZG4MvBWcg=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:03:56 2024 by rpki-client on console-ams.rpki-client.org