Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.cer
File:                     ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.cer (raw, json)
Hash identifier:          E1/jgp7ytfTNb6kUT56ewogNI+aOJuBHbmW6IZ1ZG08=
Subject key identifier:   1C:1B:F3:44:B3:FB:ED:42:20:50:0C:69:37:6C:1A:D4:B4:71:FA:20
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       EB72F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 19 Jan 2021 17:05:15 +0000
Certificate not after:    Wed 26 Jun 2024 22:16:20 +0000
Subordinate resources:    AS: 61487
                          IP: 131.108.0.0/22
                          IP: 170.244.48.0/22
                          IP: 2803:3d80::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15430392 (0xeb72f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Jan 19 17:05:15 2021 GMT
            Not After : Jun 26 22:16:20 2024 GMT
        Subject: CN=ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2d:fc:20:50:cc:d1:47:4a:3a:49:06:74:e8:
                    0e:e3:60:e7:8e:e3:e5:ab:52:d4:b1:f1:38:68:be:
                    35:52:c1:07:60:45:53:a6:98:93:ec:6c:df:b6:2f:
                    69:a6:7c:b7:65:2e:c7:8f:19:dc:16:84:e0:da:ae:
                    88:8f:3f:50:b8:59:65:7a:f0:6a:09:81:99:60:f9:
                    16:70:2e:c6:c0:6f:95:4d:a9:91:ff:fc:bd:86:fd:
                    ac:f0:75:9e:73:58:a4:d0:0f:43:2d:44:fc:f8:ec:
                    c1:79:4d:63:9f:5d:88:9a:de:7a:e9:63:bb:2e:30:
                    6c:7a:f0:61:1f:a4:27:ad:76:5e:c2:56:84:c8:51:
                    81:14:49:66:ee:12:34:a9:2e:e4:74:0d:c6:88:68:
                    ca:38:b2:56:ac:7a:07:de:78:26:e3:a2:86:3c:13:
                    66:66:a8:e1:17:9f:72:7a:3b:97:ff:80:82:d5:c5:
                    c7:86:e7:ac:6b:1b:c1:97:2c:9b:bc:1e:32:20:f3:
                    29:6c:10:72:f2:b4:0a:1a:73:15:83:1d:d2:b2:bb:
                    6f:8b:d1:83:6f:2b:04:da:dc:28:4c:6f:76:b8:23:
                    cb:f6:cd:b0:e7:9b:fc:83:ad:17:8f:75:01:82:3a:
                    1d:ac:5b:c7:68:e1:88:02:a3:b1:2f:97:ab:7d:94:
                    80:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:1B:F3:44:B3:FB:ED:42:20:50:0C:69:37:6C:1A:D4:B4:71:FA:20
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.0.0/22
                  170.244.48.0/22
                IPv6:
                  2803:3d80::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  61487

    Signature Algorithm: sha256WithRSAEncryption
         a9:3f:56:11:35:9e:e6:86:5b:41:4d:a0:80:e4:36:8e:9a:10:
         a7:06:bf:ec:eb:b3:10:fe:48:df:ae:93:88:76:b3:62:19:e3:
         ff:9a:e1:b6:20:2b:2f:76:9e:55:68:4a:2c:60:07:5d:a1:3a:
         bf:3a:62:9e:2a:ed:e5:9c:c8:bc:82:0c:0e:5f:11:10:12:4e:
         c9:32:42:c3:5b:12:5e:77:0c:44:e6:07:8f:c6:8f:6d:49:b1:
         34:eb:72:2e:a0:fc:37:81:20:76:bc:53:7f:b7:23:39:8f:a8:
         0e:c9:70:32:bf:59:a0:7c:62:fa:d0:60:e4:65:b8:2d:9d:7b:
         97:c9:a4:4b:99:a1:3b:a7:49:a8:fa:ed:3e:1f:c4:be:bf:33:
         f8:8a:c7:3b:86:62:7f:8c:e0:4f:71:72:70:ed:fd:61:4f:19:
         79:fc:8b:f6:a8:cf:06:84:a6:b9:e1:82:6c:12:0f:0d:37:df:
         3f:b7:7f:ce:c8:19:23:9e:87:bd:d8:92:c6:f2:b4:98:b9:b0:
         20:1a:a0:5d:2e:a9:8c:b5:ce:d7:43:71:b9:fd:78:47:3a:64:
         89:23:e0:64:84:f9:0e:99:59:c6:37:c5:f4:a6:ee:f8:e0:26:
         9c:3a:09:00:50:0c:65:70:64:65:ac:cb:6b:3a:7a:fd:fb:16:
         e2:f4:64:67
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIEAOty+DANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIxMDExOTE3MDUxNVoXDTI0MDYyNjIyMTYy
MFowMzExMC8GA1UEAxMoZWJmNGEwYzhkNGM2NzE2ZTJhYWE4YjMzZTE0NTQ4MzEw
YWEyMjE2ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMct/CBQzNFH
SjpJBnToDuNg547j5atS1LHxOGi+NVLBB2BFU6aYk+xs37YvaaZ8t2Uux48Z3BaE
4NquiI8/ULhZZXrwagmBmWD5FnAuxsBvlU2pkf/8vYb9rPB1nnNYpNAPQy1E/Pjs
wXlNY59diJreeuljuy4wbHrwYR+kJ612XsJWhMhRgRRJZu4SNKku5HQNxohoyjiy
Vqx6B954JuOihjwTZmao4Refcno7l/+AgtXFx4bnrGsbwZcsm7weMiDzKWwQcvK0
ChpzFYMd0rK7b4vRg28rBNrcKExvdrgjy/bNsOeb/IOtF491AYI6Haxbx2jhiAKj
sS+Xq32UgC8CAwEAAaOCAw8wggMLMB0GA1UdDgQWBBQcG/NEs/vtQiBQDGk3bBrU
tHH6IDAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy82MWU3NmJiMi05ODJh
LTQxZDMtYmNkOS01ZGFhYjNmY2RhZTEvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvNjFlNzZiYjItOTgyYS00
MWQzLWJjZDktNWRhYWIzZmNkYWUxL2ViZjRhMGM4ZDRjNjcxNmUyYWFhOGIzM2Ux
NDU0ODMxMGFhMjIxNmYubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAoNsAAMEAqr0MDANBAIAAjAHAwUA
KAM9gDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA8C8wDQYJKoZIhvcNAQELBQAD
ggEBAKk/VhE1nuaGW0FNoIDkNo6aEKcGv+zrsxD+SN+uk4h2s2IZ4/+a4bYgKy92
nlVoSixgB12hOr86Yp4q7eWcyLyCDA5fERASTskyQsNbEl53DETmB4/Gj21JsTTr
ci6g/DeBIHa8U3+3IzmPqA7JcDK/WaB8YvrQYORluC2de5fJpEuZoTunSaj67T4f
xL6/M/iKxzuGYn+M4E9xcnDt/WFPGXn8i/aozwaEprnhgmwSDw033z+3f87IGSOe
h73YksbytJi5sCAaoF0uqYy1ztdDcbn9eEc6ZIkj4GSE+Q6ZWcY3xfSm7vjgJpw6
CQBQDGVwZGWsy2s6ev37FuL0ZGc=
-----END CERTIFICATE-----