Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa
File: 60351cdf6322d835efbf77cc99aff9a73980935a.roa (raw, json)
Hash identifier: /kiLXLSHYq0zrvcevUrBJ4Es/IgszA97p6Vwr2u5Htw=
Subject key identifier: 35:15:5D:E4:72:FB:39:96:39:7C:8C:87:C0:2C:65:DE:18:13:42:AA
Certificate issuer: /CN=529d28a5769af1e1987aada52d4d9ac3bec39b68
Certificate serial: 29D5DF
Authority key identifier: 43:76:7A:C8:B9:C4:46:E4:13:DD:A2:B5:C9:85:3A:17:68:A4:E1:C5
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/529d28a5769af1e1987aada52d4d9ac3bec39b68.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa
Signing time: Tue 30 Jan 2024 15:00:51 +0000
ROA not before: Tue 30 Jan 2024 15:00:49 +0000
ROA not after: Tue 30 Jan 2029 15:00:49 +0000
asID: 263699
IP address blocks: 190.114.96.0/22 maxlen: 24
190.114.96.0/22 maxlen: 24
190.114.100.0/23 maxlen: 24
200.123.36.0/22 maxlen: 24
200.123.40.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2741727 (0x29d5df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529d28a5769af1e1987aada52d4d9ac3bec39b68
Validity
Not Before: Jan 30 15:00:49 2024 GMT
Not After : Jan 30 15:00:49 2029 GMT
Subject: CN=60351cdf6322d835efbf77cc99aff9a73980935a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:13:02:5e:b8:d8:86:8d:e2:f7:74:d4:71:
b1:89:69:a4:9a:10:e3:ed:95:7f:70:ce:59:9d:c9:
12:99:72:c3:70:80:35:b1:12:b4:b2:c2:e2:bb:7d:
ff:52:4e:71:35:70:d1:ae:f2:38:e2:db:47:18:c2:
c8:ee:96:d6:b6:c0:8d:81:3d:42:fd:00:6f:40:9a:
b0:be:bd:64:64:3a:7a:28:db:e9:6c:89:c8:1f:ef:
e1:14:26:68:65:a0:2b:c0:c1:5d:da:0d:d9:4a:6e:
e2:5c:13:87:0c:b1:0d:17:c5:f0:f4:73:38:3e:8c:
1c:53:e9:15:eb:62:78:25:b6:8b:84:10:bd:0b:ed:
f1:e4:c3:29:ec:2d:9a:f8:4e:1c:d8:c1:0e:2e:48:
c2:41:92:39:6d:cc:81:40:b8:ab:3d:dc:1a:07:5b:
47:a2:7b:ee:1a:e9:85:cf:28:15:ea:fa:ba:60:62:
92:fe:0a:4f:62:52:d1:be:2b:41:28:2e:51:38:f5:
69:e8:88:ff:4d:8f:65:20:2b:db:d3:ac:27:a9:f2:
0c:e1:2d:16:81:ab:44:65:f6:a9:67:19:f6:f3:6a:
e7:30:fe:fd:a8:a3:5b:ab:e5:69:1e:d4:9d:1e:4b:
53:8f:a3:15:04:e4:16:c1:2a:bf:92:d0:a4:90:28:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:15:5D:E4:72:FB:39:96:39:7C:8C:87:C0:2C:65:DE:18:13:42:AA
X509v3 Authority Key Identifier:
keyid:43:76:7A:C8:B9:C4:46:E4:13:DD:A2:B5:C9:85:3A:17:68:A4:E1:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/529d28a5769af1e1987aada52d4d9ac3bec39b68.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/529d28a5769af1e1987aada52d4d9ac3bec39b68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.114.96.0-190.114.101.255
200.123.36.0-200.123.47.255
Signature Algorithm: sha256WithRSAEncryption
21:bd:17:30:9f:56:a9:65:de:fe:e2:33:30:70:4e:bd:7a:44:
2b:a6:8b:93:33:7f:c9:28:09:50:6a:4a:4d:10:22:e2:e2:0f:
9b:0c:74:12:02:c5:15:bb:57:95:58:f9:35:25:52:26:d4:36:
16:99:cc:4b:47:0a:3b:ca:34:27:d5:9c:1f:9d:8e:bf:6c:64:
40:7b:81:f4:1d:e1:ff:70:83:d2:04:88:2c:37:62:84:0b:f1:
06:45:f8:cd:75:7e:01:1c:4f:dc:7a:c9:57:6d:6f:fe:95:b6:
e7:7b:b4:5a:ee:24:e5:3a:10:71:f2:6d:ad:7a:d2:cf:d8:72:
b6:e5:1f:b2:ea:a4:c7:15:6d:ab:22:9a:3f:dd:7c:d8:85:e1:
84:b1:12:70:7f:51:61:6b:da:1a:da:ef:20:4e:c5:e5:b2:92:
d8:7c:bf:19:9b:c8:8c:81:12:e7:4b:d2:f3:83:7a:2c:91:34:
18:66:7e:a7:06:03:fd:9c:6b:8a:78:12:32:cf:b9:95:b1:ef:
cb:28:0e:82:df:d4:95:f5:5c:25:f1:d2:cb:d4:09:7f:79:38:
28:d7:c7:0a:e0:b7:47:d6:17:a6:fd:93:25:f3:96:70:12:10:
a4:ab:df:8f:73:51:5c:5b:2f:90:88:04:7a:93:11:e8:e9:89:
a6:e8:db:ae
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIDKdXfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
OWQyOGE1NzY5YWYxZTE5ODdhYWRhNTJkNGQ5YWMzYmVjMzliNjgwHhcNMjQwMTMw
MTUwMDQ5WhcNMjkwMTMwMTUwMDQ5WjAzMTEwLwYDVQQDEyg2MDM1MWNkZjYzMjJk
ODM1ZWZiZjc3Y2M5OWFmZjlhNzM5ODA5MzVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu7YTAl642IaN4vd01HGxiWmkmhDj7ZV/cM5ZnckSmXLDcIA1
sRK0ssLiu33/Uk5xNXDRrvI44ttHGMLI7pbWtsCNgT1C/QBvQJqwvr1kZDp6KNvp
bInIH+/hFCZoZaArwMFd2g3ZSm7iXBOHDLENF8Xw9HM4PowcU+kV62J4JbaLhBC9
C+3x5MMp7C2a+E4c2MEOLkjCQZI5bcyBQLirPdwaB1tHonvuGumFzygV6vq6YGKS
/gpPYlLRvitBKC5ROPVp6Ij/TY9lICvb06wnqfIM4S0WgatEZfapZxn282rnMP79
qKNbq+VpHtSdHktTj6MVBOQWwSq/ktCkkCi5XQIDAQABo4ICcTCCAm0wHQYDVR0O
BBYEFDUVXeRy+zmWOXyMh8AsZd4YE0KqMB8GA1UdIwQYMBaAFEN2esi5xEbkE92i
tcmFOhdopOHFMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTI5ZDI4
YTU3NjlhZjFlMTk4N2FhZGE1MmQ0ZDlhYzNiZWMzOWI2OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzYwMzUxY2RmNjMyMmQ4MzVlZmJmNzdjYzk5YWZmOWE3Mzk4MDkzNWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvNTI5ZDI4YTU3NjlhZjFlMTk4N2FhZGE1MmQ0ZDlhYzNiZWMzOWI2
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQFvnJgAwQBvnJkMAwDBALIeyQDBATIeyAwDQYJKoZIhvcN
AQELBQADggEBACG9FzCfVqll3v7iMzBwTr16RCumi5Mzf8koCVBqSk0QIuLiD5sM
dBICxRW7V5VY+TUlUibUNhaZzEtHCjvKNCfVnB+djr9sZEB7gfQd4f9wg9IEiCw3
YoQL8QZF+M11fgEcT9x6yVdtb/6Vtud7tFruJOU6EHHyba160s/YcrblH7LqpMcV
basimj/dfNiF4YSxEnB/UWFr2hra7yBOxeWykth8vxmbyIyBEudL0vODeiyRNBhm
fqcGA/2ca4p4EjLPuZWx78soDoLf1JX1XCXx0svUCX95OCjXxwrgt0fWF6b9kyXz
lnASEKSr349zUVxbL5CIBHqTEejpiabo264=
-----END CERTIFICATE-----
Generated at Thu Feb 15 21:34:55 2024 by rpki-client on console-ams.rpki-client.org