Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
File:                     D2709F777988D8BB9C29DBBB53968812568C616E.cer (raw, json)
Hash identifier:          2UWgLA4B8J78EzOsVch1LOcw63kJXskhamGHtEZKjcg=
Subject key identifier:   D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E
Authority key identifier: BC:C0:66:5E:CF:8A:97:B8:3E:39:82:68:D9:2A:25:5B:AE:66:18:16
Certificate issuer:       /CN=BCC0665ECF8A97B83E398268D92A255BAE661816
Certificate serial:       712383F7514A689270E1A6362A2E87E6805E6D9F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 04 Feb 2025 21:08:45 +0000
Certificate not after:    Tue 03 Feb 2026 21:13:45 +0000
Subordinate resources:    AS: 28041
                          IP: 190.9.179.0/24
                          IP: 190.9.181.0 -- 190.9.191.255
                          IP: 200.125.128.0/24
                          IP: 200.125.130.0 -- 200.125.159.255
                          IP: 2803:a400::/32
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:23:83:f7:51:4a:68:92:70:e1:a6:36:2a:2e:87:e6:80:5e:6d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BCC0665ECF8A97B83E398268D92A255BAE661816
        Validity
            Not Before: Feb  4 21:08:45 2025 GMT
            Not After : Feb  3 21:13:45 2026 GMT
        Subject: CN=D2709F777988D8BB9C29DBBB53968812568C616E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:32:9d:89:4b:d8:2c:1b:78:29:cd:b7:32:40:
                    84:f1:b0:75:64:b4:aa:3d:61:62:ca:3f:c1:81:c1:
                    08:bc:a2:be:38:af:c9:12:2d:2b:e5:1f:95:61:f6:
                    86:3f:d5:d7:d5:64:46:17:fb:03:38:a2:e1:7f:70:
                    0e:88:2e:85:92:cb:56:09:56:9f:3f:cd:51:ca:07:
                    e3:b7:56:69:88:0f:c6:e1:ee:fd:4d:1d:f4:36:81:
                    17:8b:cb:83:b1:5b:1e:33:b5:98:b5:41:09:bd:47:
                    f9:d9:86:e5:8b:08:a2:aa:f6:69:aa:cd:e6:90:1d:
                    16:66:41:53:1c:f1:8b:45:a1:0d:1c:6e:74:db:9c:
                    63:1b:59:8d:4f:d9:b7:9e:a8:3d:3a:00:a6:db:35:
                    c0:81:79:59:eb:68:a3:b7:86:08:f2:6c:88:e1:76:
                    4c:31:08:9c:98:a0:bc:6c:78:1a:31:da:6b:eb:37:
                    7c:e4:88:55:39:49:ca:28:71:4d:5b:94:67:26:fe:
                    79:ed:27:a7:26:24:d4:36:be:6d:ff:5b:7f:18:60:
                    76:a0:e5:57:26:07:93:f6:25:9d:fa:e5:d2:ad:bc:
                    0a:91:da:ed:4c:e5:24:e4:b3:a8:77:ca:bb:e9:e4:
                    1a:d6:d2:14:6d:d4:f1:1d:75:9c:ec:63:1e:88:6b:
                    f6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E
            X509v3 Authority Key Identifier:
                keyid:BC:C0:66:5E:CF:8A:97:B8:3E:39:82:68:D9:2A:25:5B:AE:66:18:16

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer

            Subject Information Access:
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.mft
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.9.179.0/24
                  190.9.181.0-190.9.191.255
                  200.125.128.0/24
                  200.125.130.0-200.125.159.255
                IPv6:
                  2803:a400::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  28041

    Signature Algorithm: sha256WithRSAEncryption
         36:f4:b8:57:1c:c9:8a:ce:02:db:b5:a2:1d:e3:da:30:61:cb:
         25:30:ac:e4:64:d7:95:47:b7:15:b0:b4:0c:a8:88:29:b5:7f:
         63:11:fe:16:04:e0:90:de:ab:cb:50:6c:ae:89:5f:0c:42:b7:
         db:c4:78:ba:40:b5:78:c5:30:45:88:28:0d:67:a1:18:da:2d:
         10:4f:52:c0:5a:df:3f:7b:69:f8:68:68:cf:f0:f1:42:0f:e0:
         ae:54:cf:39:0d:2e:59:1a:2d:e8:69:08:07:61:df:ae:1b:9c:
         e9:7d:7d:ad:5d:34:92:e5:dd:d7:79:55:6a:b0:8c:d1:5e:a4:
         60:97:15:78:33:4f:1f:25:48:39:49:e2:86:17:3c:d1:ab:15:
         90:63:47:c6:44:d7:dc:64:e7:90:84:e8:a9:a9:c6:b0:b5:25:
         b4:d6:64:d7:24:4b:b5:5a:7d:bc:f2:2e:6d:85:84:31:e1:b4:
         9b:8b:50:14:41:98:bc:3a:85:4d:b9:3f:01:1c:dc:4e:91:79:
         b5:75:fd:50:5f:1b:55:b2:b6:26:e4:77:63:9c:ed:3f:df:92:
         e8:29:5f:df:90:b3:71:c0:e5:a7:39:b4:ed:73:aa:6b:4c:cb:
         75:31:33:1b:ba:24:5c:68:cd:22:22:9b:dc:90:97:79:ec:fb:
         c7:a6:e9:a9
-----BEGIN CERTIFICATE-----
MIIGxjCCBa6gAwIBAgIUcSOD91FKaJJw4aY2Ki6H5oBebZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkNDMDY2NUVDRjhBOTdCODNFMzk4MjY4RDkyQTI1NUJB
RTY2MTgxNjAeFw0yNTAyMDQyMTA4NDVaFw0yNjAyMDMyMTEzNDVaMDMxMTAvBgNV
BAMTKEQyNzA5Rjc3Nzk4OEQ4QkI5QzI5REJCQjUzOTY4ODEyNTY4QzYxNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEMp2JS9gsG3gpzbcyQITxsHVk
tKo9YWLKP8GBwQi8or44r8kSLSvlH5Vh9oY/1dfVZEYX+wM4ouF/cA6ILoWSy1YJ
Vp8/zVHKB+O3VmmID8bh7v1NHfQ2gReLy4OxWx4ztZi1QQm9R/nZhuWLCKKq9mmq
zeaQHRZmQVMc8YtFoQ0cbnTbnGMbWY1P2beeqD06AKbbNcCBeVnraKO3hgjybIjh
dkwxCJyYoLxseBox2mvrN3zkiFU5ScoocU1blGcm/nntJ6cmJNQ2vm3/W38YYHag
5VcmB5P2JZ365dKtvAqR2u1M5STks6h3yrvp5BrW0hRt1PEddZzsYx6Ia/a9AgMB
AAGjggPQMIIDzDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTScJ93eYjYu5wp
27tTlogSVoxhbjAfBgNVHSMEGDAWgBS8wGZez4qXuD45gmjZKiVbrmYYFjAOBgNV
HQ8BAf8EBAMCAQYwgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIaBmXJzeW5jOi8vcmVw
b3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURF
NzA5QUMwRDI1NUNGMjc5QzQ3NzE2RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQv
MC9CQ0MwNjY1RUNGOEE5N0I4M0UzOTgyNjhEOTJBMjU1QkFFNjYxODE2LmNybDCB
uQYIKwYBBQUHAQEEgawwgakwgaYGCCsGAQUFBzAChoGZcnN5bmM6Ly9yZXBvc2l0
b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvRTVBQTFCMkM2OTBEMzRERDNBNDJF
MEMwMjY4QzMyMThFRDE1OEUxNUQyOUZDQkQwQkFCNjZCNDc4NkQ2MzJFNi8wL0JD
QzA2NjVFQ0Y4QTk3QjgzRTM5ODI2OEQ5MkEyNTVCQUU2NjE4MTYuY2VyMIIBcQYI
KwYBBQUHAQsEggFjMIIBXzB5BggrBgEFBQcwBYZtcnN5bmM6Ly9yZXBvc2l0b3J5
LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvMUNCREEzQ0JFM0Y5NEIxOUVERjAwOTk1
M0MwRjQ1NUQ3MDUzQjA2MDg4M0ZGNzRBQjNGRkNBMTI4MThGMDkzMi8wLzCBpgYI
KwYBBQUHMAqGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy8xQ0JEQTNDQkUzRjk0QjE5RURGMDA5OTUzQzBGNDU1RDcwNTNCMDYwODgz
RkY3NEFCM0ZGQ0ExMjgxOEYwOTMyLzAvRDI3MDlGNzc3OTg4RDhCQjlDMjlEQkJC
NTM5Njg4MTI1NjhDNjE2RS5tZnQwOQYIKwYBBQUHMA2GLWh0dHBzOi8vcnJkcC5s
YWNuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAvgmzMAwDBAC+
CbUDBAa+CYADBADIfYAwDAMEAch9ggMEBch9gDANBAIAAjAHAwUAKAOkADAZBggr
BgEFBQcBCAEB/wQKMAigBjAEAgJtiTANBgkqhkiG9w0BAQsFAAOCAQEANvS4VxzJ
is4C27WiHePaMGHLJTCs5GTXlUe3FbC0DKiIKbV/YxH+FgTgkN6ry1BsrolfDEK3
28R4ukC1eMUwRYgoDWehGNotEE9SwFrfP3tp+Ghoz/DxQg/grlTPOQ0uWRot6GkI
B2Hfrhuc6X19rV00kuXd13lVarCM0V6kYJcVeDNPHyVIOUnihhc80asVkGNHxkTX
3GTnkIToqanGsLUltNZk1yRLtVp9vPIubYWEMeG0m4tQFEGYvDqFTbk/ARzcTpF5
tXX9UF8bVbK2JuR3Y5ztP9+S6Clf35CzccDlpzm07XOqa0zLdTEzG7okXGjNIiKb
3JCXeez7x6bpqQ==
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:37:38 2025 by rpki-client