$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/dfa05ebb7294b8b66822e1168bb7f2b6afe9f032.roa File: dfa05ebb7294b8b66822e1168bb7f2b6afe9f032.roa (raw, json) Hash identifier: 25J5i8YWz10TXvoHz1ZMRqpmrsakpxaFVb1W6QUyrmI= Subject key identifier: E0:1C:5F:CC:DD:EE:02:E6:FD:F5:0F:F2:C2:EE:9B:32:15:B6:EB:57 Certificate issuer: /CN=0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067 Certificate serial: 1AEEEE Authority key identifier: 7D:14:32:7E:D0:E3:39:25:8E:68:E7:8A:B5:17:AB:D6:C5:F4:69:2E Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.cer Subject info access: rsync://repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/dfa05ebb7294b8b66822e1168bb7f2b6afe9f032.roa Signing time: Fri 21 Oct 2022 04:53:50 +0000 ROA not before: Mon 22 Mar 2021 14:32:30 +0000 ROA not after: Tue 24 Mar 2026 14:32:30 +0000 asID: 264815 IP address blocks: 170.239.168.0/22 maxlen: 24 170.239.168.0/24 maxlen: 24 170.239.169.0/24 maxlen: 24 170.239.170.0/24 maxlen: 24 170.239.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.crl rsync://repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.mft rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.cer rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Sat 18 Mar 2023 06:52:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1765102 (0x1aeeee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067 Validity Not Before: Mar 22 14:32:30 2021 GMT Not After : Mar 24 14:32:30 2026 GMT Subject: CN=dfa05ebb7294b8b66822e1168bb7f2b6afe9f032 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:af:9d:6b:98:b3:5f:2a:5e:5b:75:24:bc:f9: 1c:6d:f8:de:2b:05:49:2d:19:20:db:9a:8a:8a:a4: e2:f5:4d:c7:1a:52:bd:63:d8:ae:3a:33:16:dc:9f: 15:46:11:33:34:5b:9d:46:ed:ea:36:02:de:e9:ac: 88:c6:99:f8:58:3c:3c:f8:fb:ed:56:fe:2d:c1:b4: db:92:e3:9d:2d:a6:df:8d:6a:f5:1b:5b:c4:b4:d4: 5b:d0:95:a9:46:5e:28:b7:29:6c:84:88:56:66:62: 55:d4:ff:3e:a4:25:78:4a:1f:19:e5:8f:bf:f5:22: 63:c8:82:a0:90:48:30:6b:9a:87:43:cf:ce:ff:e4: 64:06:84:96:a3:60:73:34:84:7f:7e:5a:51:8e:1a: d1:ff:6e:0b:7e:8a:48:91:ef:36:48:46:18:f9:c5: 82:5e:fd:79:e9:35:16:af:cb:f2:04:50:97:cb:24: dd:b1:c4:7e:c2:52:1b:43:25:4d:86:ad:b1:a0:a0: 31:38:e9:af:f0:65:04:52:23:dd:2f:10:79:70:6d: e8:b5:5d:8d:03:b7:17:ca:e8:4a:f1:f6:0b:2f:c2: 75:bc:74:15:74:1a:59:87:40:7e:a1:7e:78:84:fb: 01:cd:c3:17:02:be:f6:9c:08:c7:9d:7b:04:33:93: dd:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:1C:5F:CC:DD:EE:02:E6:FD:F5:0F:F2:C2:EE:9B:32:15:B6:EB:57 X509v3 Authority Key Identifier: keyid:7D:14:32:7E:D0:E3:39:25:8E:68:E7:8A:B5:17:AB:D6:C5:F4:69:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.cer Subject Information Access: Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/dfa05ebb7294b8b66822e1168bb7f2b6afe9f032.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://repository.lacnic.net/rpki/lacnic/099b9a77-34cd-4cb9-b28c-f1db0629ebc7/0f77c18ca0d5e3cd0bcb98f6f1654e193e6c9067.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 170.239.168.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:1b:a0:1e:f8:cb:03:97:24:08:78:9f:3a:0d:71:1d:8a:70: d0:da:69:49:6d:5c:45:eb:6e:d8:50:c0:e5:07:33:27:8d:2f: 7f:2d:e2:33:78:53:8a:25:df:06:88:10:f8:49:3d:64:0c:2a: ac:01:d4:f9:cc:fe:2e:fb:e1:f4:f9:75:6e:cc:c1:3b:2f:cc: f5:4f:8c:48:2e:26:7d:30:86:ef:b2:82:0e:40:97:97:48:53: 9e:f5:35:03:8c:52:36:5c:14:de:45:2c:ac:c6:57:26:a8:32: 5d:62:f9:c4:e5:ce:32:1c:d6:ad:10:34:31:55:d6:74:89:ab: 4a:6c:b6:ab:0a:5d:f0:f5:b5:9f:0b:48:09:de:1e:7b:9a:43: 55:7d:97:5e:89:c0:3a:98:61:32:17:30:c5:db:0d:eb:72:f7: ca:a4:69:14:ad:7c:fd:65:8e:af:09:3d:15:e9:4f:3f:61:30: 25:50:ce:c5:53:48:11:f4:7b:3d:22:77:8d:66:45:e7:ab:bf: 61:e5:b2:52:d9:f2:75:f0:d0:5f:9c:e7:43:16:a2:23:a5:88: 03:50:2e:c9:71:7f:5a:24:38:4a:bb:cf:4b:ec:87:25:d4:a2: f6:aa:7c:c3:ae:22:0f:84:47:69:74:76:e9:2c:ee:35:22:f8: 1b:77:64:35 -----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgIDGu7uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBm NzdjMThjYTBkNWUzY2QwYmNiOThmNmYxNjU0ZTE5M2U2YzkwNjcwHhcNMjEwMzIy MTQzMjMwWhcNMjYwMzI0MTQzMjMwWjAzMTEwLwYDVQQDEyhkZmEwNWViYjcyOTRi OGI2NjgyMmUxMTY4YmI3ZjJiNmFmZTlmMDMyMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAw6+da5izXypeW3UkvPkcbfjeKwVJLRkg25qKiqTi9U3HGlK9 Y9iuOjMW3J8VRhEzNFudRu3qNgLe6ayIxpn4WDw8+PvtVv4twbTbkuOdLabfjWr1 G1vEtNRb0JWpRl4otylshIhWZmJV1P8+pCV4Sh8Z5Y+/9SJjyIKgkEgwa5qHQ8/O /+RkBoSWo2BzNIR/flpRjhrR/24LfopIke82SEYY+cWCXv156TUWr8vyBFCXyyTd scR+wlIbQyVNhq2xoKAxOOmv8GUEUiPdLxB5cG3otV2NA7cXyuhK8fYLL8J1vHQV dBpZh0B+oX54hPsBzcMXAr72nAjHnXsEM5Pd7QIDAQABo4ICWzCCAlcwHQYDVR0O BBYEFOAcX8zd7gLm/fUP8sLumzIVtutXMB8GA1UdIwQYMBaAFH0UMn7Q4zkljmjn irUXq9bF9GkuMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGY3N2Mx OGNhMGQ1ZTNjZDBiY2I5OGY2ZjE2NTRlMTkzZTZjOTA2Ny5jZXIwgZoGCCsGAQUF BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p Yy5uZXQvcnBraS9sYWNuaWMvMDk5YjlhNzctMzRjZC00Y2I5LWIyOGMtZjFkYjA2 MjllYmM3L2RmYTA1ZWJiNzI5NGI4YjY2ODIyZTExNjhiYjdmMmI2YWZlOWYwMzIu cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj bmljLm5ldC9ycGtpL2xhY25pYy8wOTliOWE3Ny0zNGNkLTRjYjktYjI4Yy1mMWRi MDYyOWViYzcvMGY3N2MxOGNhMGQ1ZTNjZDBiY2I5OGY2ZjE2NTRlMTkzZTZjOTA2 Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAqrvqDANBgkqhkiG9w0BAQsFAAOCAQEAfRugHvjLA5ckCHif Og1xHYpw0NppSW1cRetu2FDA5QczJ40vfy3iM3hTiiXfBogQ+Ek9ZAwqrAHU+cz+ Lvvh9Pl1bszBOy/M9U+MSC4mfTCG77KCDkCXl0hTnvU1A4xSNlwU3kUsrMZXJqgy XWL5xOXOMhzWrRA0MVXWdImrSmy2qwpd8PW1nwtICd4ee5pDVX2XXonAOphhMhcw xdsN63L3yqRpFK18/WWOrwk9FelPP2EwJVDOxVNIEfR7PSJ3jWZF56u/YeWyUtny dfDQX5znQxaiI6WIA1AuyXF/WiQ4SrvPS+yHJdSi9qp8w64iD4RHaXR26SzuNSL4 G3dkNQ== -----END CERTIFICATE-----Generated at Wed Mar 15 11:45:39 2023 by rpki-client on console-fra.rpki-client.org