Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323733393533.roa
File:                     3133312e37322e3133382e302f32342d3234203d3e20323733393533.roa (raw, json)
Hash identifier:          aEcZ1RvOlfMdVaaqP470GnMoDxfko2w83H42rfqpMu0=
Subject key identifier:   3E:C6:D9:0B:2E:46:96:8C:07:5C:5B:01:E5:0C:BB:48:A9:FC:C8:C9
Certificate issuer:       /CN=AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192
Certificate serial:       390B86758D1C876E65AE27F555BC602092608C35
Authority key identifier: AD:0A:C5:C8:18:83:14:F9:3F:8D:AB:29:61:A0:B2:1B:0B:3B:21:92
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323733393533.roa
Signing time:             Thu 18 Jun 2026 19:48:30 +0000
ROA not before:           Thu 18 Jun 2026 19:43:30 +0000
ROA not after:            Thu 17 Jun 2027 19:48:30 +0000
asID:                     273953
IP address blocks:        131.72.138.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/F25A1B7D8F7ADF94C0DEBE8FEAC1C3BCD6058678.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 06 Jul 2026 21:06:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:0b:86:75:8d:1c:87:6e:65:ae:27:f5:55:bc:60:20:92:60:8c:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192
        Validity
            Not Before: Jun 18 19:43:30 2026 GMT
            Not After : Jun 17 19:48:30 2027 GMT
        Subject: CN=3EC6D90B2E46968C075C5B01E50CBB48A9FCC8C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:74:4a:da:2e:94:96:c0:07:db:39:15:36:df:
                    b0:9e:42:2a:04:c6:42:3e:b0:62:f5:9f:2e:a6:0d:
                    3e:96:ec:f7:4b:cc:20:f0:76:8d:96:e2:1c:a2:37:
                    f7:fb:e1:69:97:01:59:7b:ec:95:d9:d4:37:37:ae:
                    00:44:91:96:96:68:fd:3d:8b:33:fd:b2:07:38:e6:
                    67:c9:75:d4:7d:a9:aa:fa:c8:35:57:3c:a8:57:1e:
                    5a:e1:24:ec:cf:47:1e:a0:c4:31:6a:e4:4b:8e:9f:
                    21:27:40:29:55:b8:fb:2e:9f:fa:b7:0d:51:ac:67:
                    b4:9e:4c:fb:de:07:44:bc:bb:ac:7c:19:61:a3:70:
                    83:b1:c5:27:ca:de:9f:c7:6d:26:4d:a1:a0:fb:61:
                    5a:62:a2:5c:7b:7c:6d:ec:54:79:f6:b0:89:a3:9d:
                    87:ac:0e:38:87:0b:0e:67:5f:17:dd:f8:ba:53:7a:
                    f7:6e:7c:14:a2:e1:b3:bf:ee:88:68:f0:d7:5c:ef:
                    db:7c:54:e2:c5:b0:9b:54:19:52:2e:48:ed:df:32:
                    a1:be:ec:a4:09:68:e2:47:e7:6d:e0:10:9e:db:7d:
                    83:92:e2:21:6b:dc:69:72:90:09:a7:d3:e6:f6:68:
                    66:97:64:cc:b7:d5:e7:64:1a:23:99:af:15:5f:c4:
                    d4:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:C6:D9:0B:2E:46:96:8C:07:5C:5B:01:E5:0C:BB:48:A9:FC:C8:C9
            X509v3 Authority Key Identifier:
                keyid:AD:0A:C5:C8:18:83:14:F9:3F:8D:AB:29:61:A0:B2:1B:0B:3B:21:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AD0AC5C8188314F93F8DAB2961A0B21B0B3B2192.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AA2EBB687195FD49844E1D0D3115E92CDA6103B3994B0D6303D16B1799B337B/0/3133312e37322e3133382e302f32342d3234203d3e20323733393533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:53:71:40:7b:49:f7:fb:16:f9:d3:09:4d:b5:f8:16:7a:66:
         24:6d:91:06:28:a2:f9:6e:d9:3f:34:73:c9:6a:39:2c:24:94:
         67:33:9c:c6:47:fd:22:cc:91:ad:d0:aa:94:4b:ba:09:5b:d5:
         07:2d:5b:03:c7:fe:05:44:a8:98:fc:a6:1c:49:e8:aa:32:9e:
         36:d7:5a:3f:42:3d:f0:f4:e7:38:86:47:21:99:d8:15:a8:02:
         5f:8b:ab:40:87:b2:65:85:b2:2b:d2:22:77:00:66:66:a5:7b:
         5b:2e:25:ab:54:0b:f7:c0:3c:52:de:d6:ee:b5:f8:04:bb:ab:
         f5:5c:9a:dd:47:05:d5:5c:95:4a:59:12:63:5d:b3:cd:27:e2:
         c7:9b:30:76:30:d4:6e:33:42:4e:4b:56:84:6a:38:34:c9:a2:
         bd:90:57:5b:5b:36:61:f7:a6:2f:1b:b4:dc:10:09:a2:17:81:
         10:cb:8f:ba:14:fa:91:54:79:7e:ef:75:65:ee:71:a6:12:2c:
         7d:48:1e:3e:07:3e:b0:42:4a:3b:74:82:d4:0a:80:0e:7e:f2:
         6e:29:c3:0e:21:1f:d0:c9:51:d2:5a:ac:cc:aa:2c:56:89:20:
         a7:93:82:cc:dd:c6:f1:f2:8d:fc:6e:b4:ef:c7:56:25:f8:82:
         db:b6:fb:a5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOQuGdY0ch25lrif1VbxgIJJgjDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUQwQUM1QzgxODgzMTRGOTNGOERBQjI5NjFBMEIyMUIw
QjNCMjE5MjAeFw0yNjA2MTgxOTQzMzBaFw0yNzA2MTcxOTQ4MzBaMDMxMTAvBgNV
BAMTKDNFQzZEOTBCMkU0Njk2OEMwNzVDNUIwMUU1MENCQjQ4QTlGQ0M4QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCudEraLpSWwAfbORU237CeQioE
xkI+sGL1ny6mDT6W7PdLzCDwdo2W4hyiN/f74WmXAVl77JXZ1Dc3rgBEkZaWaP09
izP9sgc45mfJddR9qar6yDVXPKhXHlrhJOzPRx6gxDFq5EuOnyEnQClVuPsun/q3
DVGsZ7SeTPveB0S8u6x8GWGjcIOxxSfK3p/HbSZNoaD7YVpiolx7fG3sVHn2sImj
nYesDjiHCw5nXxfd+LpTevdufBSi4bO/7oho8Ndc79t8VOLFsJtUGVIuSO3fMqG+
7KQJaOJH523gEJ7bfYOS4iFr3GlykAmn0+b2aGaXZMy31edkGiOZrxVfxNQjAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPsbZCy5GlowHXFsB5Qy7SKn8yMkwHwYDVR0j
BBgwFoAUrQrFyBiDFPk/jaspYaCyGws7IZIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUEyRUJCNjg3MTk1RkQ0OTg0NEUxRDBEMzExNUU5MkNE
QTYxMDNCMzk5NEIwRDYzMDNEMTZCMTc5OUIzMzdCLzAvQUQwQUM1QzgxODgzMTRG
OTNGOERBQjI5NjFBMEIyMUIwQjNCMjE5Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BRDBBQzVDODE4ODMxNEY5M0Y4
REFCMjk2MUEwQjIxQjBCM0IyMTkyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFBMkVCQjY4NzE5NUZENDk4NDRFMUQwRDMxMTVFOTJDREE2MTAzQjM5
OTRCMEQ2MzAzRDE2QjE3OTlCMzM3Qi8wLzMxMzMzMTJlMzczMjJlMzEzMzM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMzMzkzNTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg0iK
MA0GCSqGSIb3DQEBCwUAA4IBAQChU3FAe0n3+xb50wlNtfgWemYkbZEGKKL5btk/
NHPJajksJJRnM5zGR/0izJGt0KqUS7oJW9UHLVsDx/4FRKiY/KYcSeiqMp4211o/
Qj3w9Oc4hkchmdgVqAJfi6tAh7JlhbIr0iJ3AGZmpXtbLiWrVAv3wDxS3tbutfgE
u6v1XJrdRwXVXJVKWRJjXbPNJ+LHmzB2MNRuM0JOS1aEajg0yaK9kFdbWzZh96Yv
G7TcEAmiF4EQy4+6FPqRVHl+73Vl7nGmEix9SB4+Bz6wQko7dILUCoAOfvJuKcMO
IR/QyVHSWqzMqixWiSCnk4LM3cbx8o38brTvx1Yl+ILbtvul
-----END CERTIFICATE-----
Generated at Thu Jul 2 18:36:33 2026 by rpki-client