Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/493fe8dc-9381-4b65-924c-e37d7fc847ad/9409b4992881a16ac2e310bcd09a98182c3b43a4.roa
File: 9409b4992881a16ac2e310bcd09a98182c3b43a4.roa (raw, json)
Hash identifier: sitvTqVNJlUUe/a5ZSfFE3IwlIpAHQPJory/JqEj1Es=
Subject key identifier: FB:E3:A8:54:B5:A3:4A:B9:01:DB:70:42:32:32:8F:F8:A2:07:16:66
Certificate issuer: /CN=36db2a9dc7f54f37a110e0c2fb87e02babea4634
Certificate serial: 1035C1
Authority key identifier: AD:1E:18:01:5D:B9:7A:96:FA:44:6D:6F:FE:CE:11:50:A8:02:E9:48
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/36db2a9dc7f54f37a110e0c2fb87e02babea4634.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/493fe8dc-9381-4b65-924c-e37d7fc847ad/9409b4992881a16ac2e310bcd09a98182c3b43a4.roa
Signing time: Wed 18 Jan 2023 03:52:07 +0000
ROA not before: Tue 17 Jan 2023 03:52:06 +0000
ROA not after: Tue 18 Jan 2028 03:52:06 +0000
asID: 28398
IP address blocks: 138.99.148.0/22 maxlen: 22
138.99.148.0/24 maxlen: 24
138.99.149.0/24 maxlen: 24
138.99.150.0/24 maxlen: 24
138.99.151.0/24 maxlen: 24
2806:206::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1062337 (0x1035c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36db2a9dc7f54f37a110e0c2fb87e02babea4634
Validity
Not Before: Jan 17 03:52:06 2023 GMT
Not After : Jan 18 03:52:06 2028 GMT
Subject: CN=9409b4992881a16ac2e310bcd09a98182c3b43a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2a:e4:34:93:ed:58:ad:1c:3b:f2:23:75:7e:
fb:22:1b:51:49:2d:fb:6c:30:be:5a:68:2d:52:14:
8e:54:78:7b:95:6e:8e:89:ff:61:86:0b:bb:3b:77:
16:8c:65:c7:25:f3:a9:00:37:a5:11:40:b6:17:06:
fb:3f:27:ed:b3:ad:ca:1b:dd:08:fa:15:0b:f0:72:
f4:20:b1:0f:20:bd:3b:bc:8a:df:52:e9:10:c9:8c:
d7:7f:e2:88:0f:b0:2a:de:b4:c6:d3:dc:3d:99:f0:
87:4e:c7:b2:30:8d:70:1d:08:fc:df:d5:92:ed:f1:
31:44:b5:8f:41:f3:02:48:90:7a:a6:a4:59:b7:fa:
d1:67:20:f5:12:36:75:d8:8a:52:6a:6f:46:f6:37:
84:c8:b3:12:53:c3:50:80:83:21:fe:37:ff:3b:14:
c0:ed:85:9c:a1:b3:4d:9b:b0:cc:b0:16:80:ab:56:
19:5c:71:bc:22:b3:28:8f:c0:a5:ee:c6:63:6e:93:
1d:56:e5:38:05:63:67:3c:82:87:49:60:d5:b9:01:
9a:fd:46:5b:41:5a:19:4f:af:26:2d:b7:20:c5:8d:
50:ca:1e:97:09:ea:a2:54:ae:1b:c3:ed:ea:7b:5a:
33:84:21:c2:83:71:da:2e:b9:80:bb:68:c3:aa:9d:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E3:A8:54:B5:A3:4A:B9:01:DB:70:42:32:32:8F:F8:A2:07:16:66
X509v3 Authority Key Identifier:
keyid:AD:1E:18:01:5D:B9:7A:96:FA:44:6D:6F:FE:CE:11:50:A8:02:E9:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/36db2a9dc7f54f37a110e0c2fb87e02babea4634.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/493fe8dc-9381-4b65-924c-e37d7fc847ad/9409b4992881a16ac2e310bcd09a98182c3b43a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/493fe8dc-9381-4b65-924c-e37d7fc847ad/36db2a9dc7f54f37a110e0c2fb87e02babea4634.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.99.148.0/22
IPv6:
2806:206::/32
Signature Algorithm: sha256WithRSAEncryption
81:6a:07:1d:e9:71:dc:41:27:75:67:a3:a5:3c:22:dd:d3:19:
35:9a:b9:e6:8e:1f:0a:83:57:d7:1c:d2:9a:a8:f3:aa:c0:1d:
bf:12:e4:16:d3:fb:ca:a3:e0:e9:a7:18:7a:d0:0e:bb:5a:b6:
36:c9:14:ed:73:91:d4:4e:2e:5a:a3:a6:20:3d:13:b1:e7:d3:
1e:55:45:25:e5:7f:00:c2:6e:31:2a:08:f0:76:03:40:3b:b8:
61:bf:9d:5a:45:9c:f7:22:09:02:2a:36:05:5e:e0:d3:b8:2f:
a1:ab:f9:22:df:f6:a8:7d:52:dd:40:6b:59:37:5f:27:ab:2c:
8a:3d:2f:40:54:f4:fb:7f:05:8e:71:88:30:d0:69:ac:ee:4c:
48:7d:95:49:4d:51:23:8c:3d:e9:6d:87:34:8f:9c:72:eb:dc:
b1:1e:39:de:c5:5c:a8:10:e3:c0:c7:a8:c7:cd:ee:71:23:5e:
8e:80:51:cf:42:af:db:99:3e:58:90:01:18:47:18:44:80:65:
12:a8:14:96:f4:6a:a2:9b:21:f5:3e:e0:ae:37:e8:24:f8:39:
f2:ed:7c:13:e7:03:bc:b2:6d:08:72:d7:99:42:6c:6a:bd:04:
2f:d8:6c:a5:72:c9:fd:35:f0:5d:63:d5:fd:45:21:59:0c:6f:
a0:42:7d:6a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEDXBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
ZGIyYTlkYzdmNTRmMzdhMTEwZTBjMmZiODdlMDJiYWJlYTQ2MzQwHhcNMjMwMTE3
MDM1MjA2WhcNMjgwMTE4MDM1MjA2WjAzMTEwLwYDVQQDEyg5NDA5YjQ5OTI4ODFh
MTZhYzJlMzEwYmNkMDlhOTgxODJjM2I0M2E0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhirkNJPtWK0cO/IjdX77IhtRSS37bDC+WmgtUhSOVHh7lW6O
if9hhgu7O3cWjGXHJfOpADelEUC2Fwb7Pyfts63KG90I+hUL8HL0ILEPIL07vIrf
UukQyYzXf+KID7Aq3rTG09w9mfCHTseyMI1wHQj839WS7fExRLWPQfMCSJB6pqRZ
t/rRZyD1EjZ12IpSam9G9jeEyLMSU8NQgIMh/jf/OxTA7YWcobNNm7DMsBaAq1YZ
XHG8IrMoj8Cl7sZjbpMdVuU4BWNnPIKHSWDVuQGa/UZbQVoZT68mLbcgxY1Qyh6X
CeqiVK4bw+3qe1ozhCHCg3HaLrmAu2jDqp2cJwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFPvjqFS1o0q5AdtwQjIyj/iiBxZmMB8GA1UdIwQYMBaAFK0eGAFduXqW+kRt
b/7OEVCoAulIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzZkYjJh
OWRjN2Y1NGYzN2ExMTBlMGMyZmI4N2UwMmJhYmVhNDYzNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDkzZmU4ZGMtOTM4MS00YjY1LTkyNGMtZTM3ZDdm
Yzg0N2FkLzk0MDliNDk5Mjg4MWExNmFjMmUzMTBiY2QwOWE5ODE4MmMzYjQzYTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80OTNmZThkYy05MzgxLTRiNjUtOTI0Yy1lMzdk
N2ZjODQ3YWQvMzZkYjJhOWRjN2Y1NGYzN2ExMTBlMGMyZmI4N2UwMmJhYmVhNDYz
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAopjlDANBAIAAjAHAwUAKAYCBjANBgkqhkiG9w0BAQsFAAOC
AQEAgWoHHelx3EEndWejpTwi3dMZNZq55o4fCoNX1xzSmqjzqsAdvxLkFtP7yqPg
6acYetAOu1q2NskU7XOR1E4uWqOmID0TsefTHlVFJeV/AMJuMSoI8HYDQDu4Yb+d
WkWc9yIJAio2BV7g07gvoav5It/2qH1S3UBrWTdfJ6ssij0vQFT0+38FjnGIMNBp
rO5MSH2VSU1RI4w96W2HNI+ccuvcsR453sVcqBDjwMeox83ucSNejoBRz0Kv25k+
WJABGEcYRIBlEqgUlvRqopsh9T7grjfoJPg58u18E+cDvLJtCHLXmUJsar0EL9hs
pXLJ/TXwXWPV/UUhWQxvoEJ9ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:41 2024 by rpki-client on console-fra.rpki-client.org