Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/76e906f5555ef704b025b71cd1dac5aca1d3387c.roa
File: 76e906f5555ef704b025b71cd1dac5aca1d3387c.roa (raw, json)
Hash identifier: HdwsMBbQyLo1Tg7p9gFedorChNTeyX48BBCk2QttjcI=
Subject key identifier: 6E:EF:9D:1E:5F:2E:31:EC:59:56:3B:C6:24:D0:89:9F:93:7B:C3:93
Certificate issuer: /CN=0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2
Certificate serial: 0969
Authority key identifier: 23:0C:88:03:8A:F4:DE:38:2C:6C:59:D6:5B:FE:FF:E0:74:3D:73:8C
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/76e906f5555ef704b025b71cd1dac5aca1d3387c.roa
Signing time: Wed 30 Jun 2021 17:46:09 +0000
ROA not before: Wed 30 Jun 2021 03:00:00 +0000
ROA not after: Fri 30 Jun 2023 03:00:00 +0000
asID: 52449
IP address blocks: 138.97.156.0/22 maxlen: 22
167.249.200.0/22 maxlen: 22
168.195.76.0/22 maxlen: 22
170.247.220.0/22 maxlen: 22
2803:3d00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2409 (0x969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2
Validity
Not Before: Jun 30 03:00:00 2021 GMT
Not After : Jun 30 03:00:00 2023 GMT
Subject: CN=76e906f5555ef704b025b71cd1dac5aca1d3387c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cd:b1:c6:92:d3:f3:52:2f:eb:bc:56:3a:af:
f1:33:25:76:89:a7:06:df:02:2e:3c:cb:5b:71:f1:
ad:57:c3:89:f6:5c:e2:fc:f2:a9:cd:e1:9b:c1:d6:
2c:1b:57:5c:9d:56:c7:be:3d:3b:80:86:68:ee:b4:
c3:55:e1:9a:0c:8c:4d:1d:2a:35:c3:fe:e1:8c:a3:
b1:a8:14:ca:b2:69:0f:bb:bd:6e:79:22:32:e8:0b:
68:0c:e5:f8:eb:9a:bb:fc:7b:b7:c4:6e:ae:2d:05:
00:a6:19:49:bf:70:95:d5:e7:63:5d:bb:06:8c:ec:
52:59:e9:a5:02:65:b7:cc:a1:a3:b5:3a:b2:08:fe:
e8:a6:8b:2d:be:85:75:08:72:a0:db:59:cc:8a:02:
6d:3f:01:63:27:3f:d5:f6:60:a2:05:ef:21:cf:13:
74:22:d2:ce:5c:cd:61:80:62:37:a9:36:b5:83:f6:
b4:f8:14:e5:20:b2:ee:7d:c6:f6:6e:b3:50:2d:82:
11:81:6e:26:48:54:91:0a:b3:2d:4f:75:43:e5:fa:
6f:71:17:e7:63:55:d9:20:0c:0b:9d:9a:f9:67:8c:
71:9a:bf:f6:8c:a7:4b:27:c3:84:27:bd:27:ad:e5:
53:ed:8f:f8:53:42:75:78:de:85:3b:7f:29:8d:ad:
65:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EF:9D:1E:5F:2E:31:EC:59:56:3B:C6:24:D0:89:9F:93:7B:C3:93
X509v3 Authority Key Identifier:
keyid:23:0C:88:03:8A:F4:DE:38:2C:6C:59:D6:5B:FE:FF:E0:74:3D:73:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/76e906f5555ef704b025b71cd1dac5aca1d3387c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.97.156.0/22
167.249.200.0/22
168.195.76.0/22
170.247.220.0/22
IPv6:
2803:3d00::/32
Signature Algorithm: sha256WithRSAEncryption
64:d8:3d:a8:eb:99:13:32:47:9d:ca:9b:26:fe:84:88:a3:59:
45:51:de:d1:40:0c:ea:65:b2:e1:27:c1:11:71:1c:59:bc:fe:
b9:e2:03:71:a5:69:cd:48:42:2f:a2:d1:0b:cc:bf:fa:12:64:
18:e7:fd:52:a7:43:4d:f5:75:14:43:70:98:4d:09:14:c6:57:
d6:b2:11:ff:55:7c:df:68:e5:a5:11:6d:35:4c:1e:51:71:b1:
ae:85:71:51:8a:03:20:0f:5b:b4:f9:93:ec:2c:5c:2d:5d:e0:
9a:05:bc:1a:07:e2:ff:e7:e4:d0:6d:97:af:a5:dc:58:3e:53:
e0:1d:45:b9:a8:af:c6:83:bf:6e:a1:5d:53:2a:62:f0:f6:f5:
76:bd:bf:6d:57:71:ae:68:94:20:c4:fe:d7:73:1f:7e:8b:45:
19:6a:47:2b:98:18:53:a4:6b:b9:9a:63:3f:f9:aa:7a:51:f7:
08:a7:4f:7e:a5:a1:1d:3b:f1:40:47:d6:ea:fe:9f:fe:15:b4:
a9:2e:03:e8:15:04:32:41:b7:c0:70:fe:8a:e0:86:ea:95:3c:
21:18:0e:4a:52:fd:b6:9c:35:d4:44:7a:8a:79:3e:6e:d6:71:
b1:7c:00:fd:d7:6a:92:1f:48:a3:71:4d:7b:0b:77:5a:30:fa:
aa:e8:66:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgICCWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMGQz
ZmQ0MGYxNTcwZGQ2ZTdlZjRiODU1ZDQ1ZWM2ODcwM2VjOGNiMjAeFw0yMTA2MzAw
MzAwMDBaFw0yMzA2MzAwMzAwMDBaMDMxMTAvBgNVBAMTKDc2ZTkwNmY1NTU1ZWY3
MDRiMDI1YjcxY2QxZGFjNWFjYTFkMzM4N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJzbHGktPzUi/rvFY6r/EzJXaJpwbfAi48y1tx8a1Xw4n2XOL8
8qnN4ZvB1iwbV1ydVse+PTuAhmjutMNV4ZoMjE0dKjXD/uGMo7GoFMqyaQ+7vW55
IjLoC2gM5fjrmrv8e7fEbq4tBQCmGUm/cJXV52NduwaM7FJZ6aUCZbfMoaO1OrII
/uimiy2+hXUIcqDbWcyKAm0/AWMnP9X2YKIF7yHPE3Qi0s5czWGAYjepNrWD9rT4
FOUgsu59xvZus1AtghGBbiZIVJEKsy1PdUPl+m9xF+djVdkgDAudmvlnjHGav/aM
p0snw4QnvSet5VPtj/hTQnV43oU7fymNrWVvAgMBAAGjggJ8MIICeDAdBgNVHQ4E
FgQUbu+dHl8uMexZVjvGJNCJn5N7w5MwHwYDVR0jBBgwFoAUIwyIA4r03jgsbFnW
W/7/4HQ9c4wwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8wZDNmZDQw
ZjE1NzBkZDZlN2VmNGI4NTVkNDVlYzY4NzAzZWM4Y2IyLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8yYWY3Y2VlNi1mMmE3LTQxMzctOGNmMS1mNTFjNThl
NGQ3ZDYvNzZlOTA2ZjU1NTVlZjcwNGIwMjViNzFjZDFkYWM1YWNhMWQzMzg3Yy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzJhZjdjZWU2LWYyYTctNDEzNy04Y2YxLWY1MWM1
OGU0ZDdkNi8wZDNmZDQwZjE1NzBkZDZlN2VmNGI4NTVkNDVlYzY4NzAzZWM4Y2Iy
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEw
LzAeBAIAATAYAwQCimGcAwQCp/nIAwQCqMNMAwQCqvfcMA0EAgACMAcDBQAoAz0A
MA0GCSqGSIb3DQEBCwUAA4IBAQBk2D2o65kTMkedypsm/oSIo1lFUd7RQAzqZbLh
J8ERcRxZvP654gNxpWnNSEIvotELzL/6EmQY5/1Sp0NN9XUUQ3CYTQkUxlfWshH/
VXzfaOWlEW01TB5RcbGuhXFRigMgD1u0+ZPsLFwtXeCaBbwaB+L/5+TQbZevpdxY
PlPgHUW5qK/Gg79uoV1TKmLw9vV2vb9tV3GuaJQgxP7Xcx9+i0UZakcrmBhTpGu5
mmM/+ap6UfcIp09+paEdO/FAR9bq/p/+FbSpLgPoFQQyQbfAcP6K4IbqlTwhGA5K
Uv22nDXURHqKeT5u1nGxfAD912qSH0ijcU17C3daMPqq6Gbk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org