Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/622c0c28-cc7d-421d-b45b-9ac2b7ced209/a3add11000bce8602861fc85a53522442ca7b74b.roa
File: a3add11000bce8602861fc85a53522442ca7b74b.roa (raw, json)
Hash identifier: nKRTnHwy6COZIEdUxCCAtOHBgdXRABPD7ncQXQXsgjc=
Subject key identifier: 8D:A2:CD:D7:A1:EE:55:C0:BA:36:A4:10:B8:52:7F:4B:BD:5F:C3:1A
Certificate issuer: /CN=7c0f314c1d3ae8c8fbd69f9c3163397243f8766e
Certificate serial: 2A3AD0
Authority key identifier: E7:0F:90:71:1A:2B:71:90:DF:5A:AD:73:41:16:3D:FA:E1:58:2C:28
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7c0f314c1d3ae8c8fbd69f9c3163397243f8766e.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/622c0c28-cc7d-421d-b45b-9ac2b7ced209/a3add11000bce8602861fc85a53522442ca7b74b.roa
Signing time: Thu 18 Jan 2024 14:39:34 +0000
ROA not before: Thu 18 Jan 2024 14:39:31 +0000
ROA not after: Thu 18 Jan 2029 14:39:31 +0000
asID: 52224
IP address blocks: 200.0.88.0/24 maxlen: 24
200.10.60.0/24 maxlen: 24
200.7.86.0/24 maxlen: 24
2001:13c7:7010::/48 maxlen: 48
2001:13c7:7012::/48 maxlen: 48
2801::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2767568 (0x2a3ad0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c0f314c1d3ae8c8fbd69f9c3163397243f8766e
Validity
Not Before: Jan 18 14:39:31 2024 GMT
Not After : Jan 18 14:39:31 2029 GMT
Subject: CN=a3add11000bce8602861fc85a53522442ca7b74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:59:35:4f:bb:85:2e:5b:1b:5e:6b:c0:2a:
2f:00:4d:7e:30:9a:4b:38:9c:26:d4:16:fb:57:1f:
45:69:dc:ca:86:43:83:38:98:cd:29:19:69:bc:cf:
b4:fa:86:37:b1:34:f1:1d:81:55:c2:8e:60:75:43:
5e:a0:9b:fb:0b:0b:37:19:76:f2:4b:59:6a:19:e8:
40:2d:a8:d2:e0:03:88:4f:72:67:23:d3:0f:d7:53:
16:2d:0e:f5:36:90:7a:20:7d:f8:56:31:77:b2:46:
99:12:51:d0:a6:07:86:52:41:b6:d7:fd:50:ce:6f:
8d:a0:04:08:5b:32:9a:21:83:09:fe:ed:04:1a:01:
ff:b6:c1:c0:96:b3:ec:01:a0:a5:9c:f3:a1:fc:3c:
69:0d:27:71:b8:62:ff:bd:0a:63:e3:1d:fd:34:cb:
c1:ea:e0:19:6d:66:ad:1b:92:f0:7a:22:5e:39:f2:
9e:31:b4:9f:32:55:0b:e9:63:92:4e:b6:29:ce:ef:
71:b8:fa:c0:62:b9:a4:05:4d:7f:f3:6a:1a:7a:18:
be:ae:44:69:65:46:9a:e7:d0:ed:82:91:69:8e:14:
45:77:cf:35:c1:2f:f2:f0:44:7a:a3:16:60:93:91:
81:c4:5d:a7:fd:c1:94:1b:49:7e:94:ea:b8:60:99:
01:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A2:CD:D7:A1:EE:55:C0:BA:36:A4:10:B8:52:7F:4B:BD:5F:C3:1A
X509v3 Authority Key Identifier:
keyid:E7:0F:90:71:1A:2B:71:90:DF:5A:AD:73:41:16:3D:FA:E1:58:2C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7c0f314c1d3ae8c8fbd69f9c3163397243f8766e.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/622c0c28-cc7d-421d-b45b-9ac2b7ced209/a3add11000bce8602861fc85a53522442ca7b74b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/622c0c28-cc7d-421d-b45b-9ac2b7ced209/7c0f314c1d3ae8c8fbd69f9c3163397243f8766e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.0.88.0/24
200.7.86.0/24
200.10.60.0/24
IPv6:
2001:13c7:7010::/48
2001:13c7:7012::/48
2801::/48
Signature Algorithm: sha256WithRSAEncryption
4d:68:11:ec:ed:63:90:c3:82:75:c7:17:f0:76:29:99:47:97:
86:24:bc:49:18:83:d4:a6:4f:58:c9:26:fb:39:95:1c:e9:5d:
02:2d:a0:c6:05:fe:d8:de:ca:f0:2f:ba:3e:47:d4:00:6f:ef:
3e:d8:c5:68:96:83:75:d3:f7:83:76:8a:36:50:6f:38:4f:20:
00:c2:cd:f3:42:74:cc:ab:62:01:6e:18:1c:c4:52:2e:74:e0:
79:b9:28:90:04:94:4a:44:aa:05:99:97:0d:e5:f9:f5:2a:13:
ab:8a:1a:44:4c:e8:31:a5:92:57:a2:45:b3:8d:67:97:80:b5:
77:7e:66:2e:f2:6a:63:17:6e:77:ef:5b:cc:89:7e:7e:d8:cc:
6b:07:09:15:73:e7:db:91:7a:74:cb:e7:1d:a6:68:aa:7c:fa:
41:be:25:dd:c3:b2:4d:0e:f7:37:61:87:88:64:34:82:b6:7d:
76:25:f5:70:d6:fc:a5:13:af:b5:c9:61:26:e9:ca:24:39:36:
f9:c9:5f:0b:fd:60:07:95:e2:be:80:8b:84:27:2c:92:4f:0c:
9f:df:12:67:8d:8e:7a:2e:0e:ae:d7:41:86:f0:89:b2:fd:a1:
0f:f5:e2:ba:5a:f9:d3:e4:18:8c:04:7e:46:f8:8e:26:fd:24:
38:a8:a6:3e
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIDKjrQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdj
MGYzMTRjMWQzYWU4YzhmYmQ2OWY5YzMxNjMzOTcyNDNmODc2NmUwHhcNMjQwMTE4
MTQzOTMxWhcNMjkwMTE4MTQzOTMxWjAzMTEwLwYDVQQDEyhhM2FkZDExMDAwYmNl
ODYwMjg2MWZjODVhNTM1MjI0NDJjYTdiNzRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAncpZNU+7hS5bG15rwCovAE1+MJpLOJwm1Bb7Vx9FadzKhkOD
OJjNKRlpvM+0+oY3sTTxHYFVwo5gdUNeoJv7Cws3GXbyS1lqGehALajS4AOIT3Jn
I9MP11MWLQ71NpB6IH34VjF3skaZElHQpgeGUkG21/1Qzm+NoAQIWzKaIYMJ/u0E
GgH/tsHAlrPsAaClnPOh/DxpDSdxuGL/vQpj4x39NMvB6uAZbWatG5LweiJeOfKe
MbSfMlUL6WOSTrYpzu9xuPrAYrmkBU1/82oaehi+rkRpZUaa59DtgpFpjhRFd881
wS/y8ER6oxZgk5GBxF2n/cGUG0l+lOq4YJkBYQIDAQABo4ICijCCAoYwHQYDVR0O
BBYEFI2izdeh7lXAujakELhSf0u9X8MaMB8GA1UdIwQYMBaAFOcPkHEaK3GQ31qt
c0EWPfrhWCwoMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2MwZjMx
NGMxZDNhZThjOGZiZDY5ZjljMzE2MzM5NzI0M2Y4NzY2ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjIyYzBjMjgtY2M3ZC00MjFkLWI0NWItOWFjMmI3
Y2VkMjA5L2EzYWRkMTEwMDBiY2U4NjAyODYxZmM4NWE1MzUyMjQ0MmNhN2I3NGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MjJjMGMyOC1jYzdkLTQyMWQtYjQ1Yi05YWMy
YjdjZWQyMDkvN2MwZjMxNGMxZDNhZThjOGZiZDY5ZjljMzE2MzM5NzI0M2Y4NzY2
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBOBggrBgEFBQcBBwEB/wQ/
MD0wGAQCAAEwEgMEAMgAWAMEAMgHVgMEAMgKPDAhBAIAAjAbAwcAIAETx3AQAwcA
IAETx3ASAwcAKAEAAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBNaBHs7WOQw4J1xxfw
dimZR5eGJLxJGIPUpk9YySb7OZUc6V0CLaDGBf7Y3srwL7o+R9QAb+8+2MVoloN1
0/eDdoo2UG84TyAAws3zQnTMq2IBbhgcxFIudOB5uSiQBJRKRKoFmZcN5fn1KhOr
ihpETOgxpZJXokWzjWeXgLV3fmYu8mpjF25371vMiX5+2MxrBwkVc+fbkXp0y+cd
pmiqfPpBviXdw7JNDvc3YYeIZDSCtn12JfVw1vylE6+1yWEm6cokOTb5yV8L/WAH
leK+gIuEJyySTwyf3xJnjY56Lg6u10GG8Imy/aEP9eK6WvnT5BiMBH5G+I4m/SQ4
qKY+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-ams.rpki-client.org