Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa
File: b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa (raw, json)
Hash identifier: ddMkIVwNl8k6O9ok5D9tjAPNvXr6bR7SlN0Ui/YhHJ8=
Subject key identifier: 5F:A5:81:E4:45:FE:A1:D6:54:8F:E0:55:A7:C1:70:26:A8:2A:1C:2E
Certificate issuer: /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial: 27F738
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa
Signing time: Mon 12 Feb 2024 15:10:10 +0000
ROA not before: Mon 12 Feb 2024 15:09:57 +0000
ROA not after: Mon 12 Feb 2029 15:09:57 +0000
asID: 26426
IP address blocks: 190.242.8.0/24 maxlen: 24
190.242.13.0/24 maxlen: 24
190.242.21.0/24 maxlen: 24
190.242.68.0/23 maxlen: 24
190.242.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2619192 (0x27f738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Validity
Not Before: Feb 12 15:09:57 2024 GMT
Not After : Feb 12 15:09:57 2029 GMT
Subject: CN=b47f3236c1f65a32f404879308bd5b6a5c19f19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ff:79:13:d1:e6:4c:af:ce:75:b5:e3:fc:6d:
4c:c0:58:89:e2:93:85:bc:61:0f:f2:e4:bf:f5:ca:
08:70:c7:29:e8:a8:81:51:c1:3c:51:01:9b:4d:17:
f2:17:ca:70:8f:ea:0b:32:6d:e1:c2:2c:24:60:7c:
67:38:03:77:e0:ef:30:a5:95:5a:58:e6:a1:33:d2:
80:47:e3:57:27:c0:a9:fd:64:53:b0:c6:11:2f:57:
c1:54:77:2c:4d:b0:8d:cf:e7:bd:62:5c:0e:01:b5:
68:5f:46:26:d0:24:3b:05:51:15:e4:a4:37:d0:c8:
20:1f:12:9c:6a:e1:d7:c5:d1:e8:9d:27:10:55:96:
5b:5d:50:ea:1c:d8:eb:42:b0:0d:9e:d5:72:c1:1c:
9b:33:90:14:80:3e:b4:e4:eb:f2:76:49:a7:9a:f1:
8d:98:c3:01:e2:b7:91:35:1c:78:c3:c7:7a:38:39:
49:05:1b:de:25:46:f5:79:aa:d4:df:64:8e:94:f2:
68:ae:15:58:61:c7:f4:e3:f1:99:0d:ba:43:af:e6:
94:8c:c7:29:3c:10:7a:1e:d3:80:6f:93:21:2b:4b:
7a:5d:f2:1f:b3:1b:88:98:53:e6:16:d1:a5:48:77:
6e:07:df:cf:bc:0a:37:8a:41:38:4e:0a:db:2a:23:
27:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A5:81:E4:45:FE:A1:D6:54:8F:E0:55:A7:C1:70:26:A8:2A:1C:2E
X509v3 Authority Key Identifier:
keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.242.8.0/24
190.242.13.0/24
190.242.21.0/24
190.242.68.0-190.242.70.255
Signature Algorithm: sha256WithRSAEncryption
17:19:7d:fb:37:8a:1e:ab:b9:c9:e1:1b:2c:8e:0c:cf:01:6e:
3f:ad:63:d4:f2:90:02:c8:62:a4:67:36:72:79:ce:4d:3e:a5:
58:d7:a8:27:1c:62:46:a2:31:28:20:73:8c:73:f1:5b:31:fa:
cf:74:58:a6:27:ed:21:65:12:a6:cf:a6:6a:da:60:0b:90:85:
19:01:59:6c:78:26:77:3c:82:78:03:30:70:3a:60:b0:2b:9e:
d2:ad:9b:c8:dc:09:5d:56:43:a6:3c:92:0d:a0:b2:e8:ff:ea:
f1:4f:fb:4c:46:78:3b:d1:40:3d:c7:0c:c1:cd:c9:1a:b3:47:
c5:d5:8b:51:26:20:66:e1:a6:d2:88:7f:60:ac:30:1a:0c:56:
4f:fa:43:6d:6e:12:48:e0:e5:58:a0:8b:a8:60:80:7d:7b:d0:
0f:80:93:fc:c7:b1:54:e3:4c:b6:36:e5:30:09:c1:ba:c6:fc:
56:b4:ee:d9:a1:a9:6c:a0:b5:e6:7b:df:a9:60:c2:14:d1:6f:
b2:f3:19:d8:26:c3:0b:e1:88:8d:bf:7b:c5:0e:bd:24:5a:64:
32:4b:1f:74:fb:2f:9b:d6:c7:ba:de:6c:3f:90:b9:6a:4c:11:
d2:13:5e:7a:a9:88:3c:68:28:39:d8:60:57:75:bc:3f:92:19:
eb:ca:43:74
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDJ/c4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEyhiNDdmMzIzNmMxZjY1
YTMyZjQwNDg3OTMwOGJkNWI2YTVjMTlmMTliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAov95E9HmTK/OdbXj/G1MwFiJ4pOFvGEP8uS/9coIcMcp6KiB
UcE8UQGbTRfyF8pwj+oLMm3hwiwkYHxnOAN34O8wpZVaWOahM9KAR+NXJ8Cp/WRT
sMYRL1fBVHcsTbCNz+e9YlwOAbVoX0Ym0CQ7BVEV5KQ30MggHxKcauHXxdHonScQ
VZZbXVDqHNjrQrANntVywRybM5AUgD605OvydkmnmvGNmMMB4reRNRx4w8d6ODlJ
BRveJUb1earU32SOlPJorhVYYcf04/GZDbpDr+aUjMcpPBB6HtOAb5MhK0t6XfIf
sxuImFPmFtGlSHduB9/PvAo3ikE4TgrbKiMnEQIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFF+lgeRF/qHWVI/gVafBcCaoKhwuMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxL2I0N2YzMjM2YzFmNjVhMzJmNDA0ODc5MzA4YmQ1YjZhNWMxOWYxOWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAL7yCAMEAL7yDQMEAL7yFTAMAwQCvvJEAwQAvvJGMA0GCSqG
SIb3DQEBCwUAA4IBAQAXGX37N4oeq7nJ4RssjgzPAW4/rWPU8pACyGKkZzZyec5N
PqVY16gnHGJGojEoIHOMc/FbMfrPdFimJ+0hZRKmz6Zq2mALkIUZAVlseCZ3PIJ4
AzBwOmCwK57SrZvI3AldVkOmPJINoLLo/+rxT/tMRng70UA9xwzBzckas0fF1YtR
JiBm4abSiH9grDAaDFZP+kNtbhJI4OVYoIuoYIB9e9APgJP8x7FU40y2NuUwCcG6
xvxWtO7ZoalsoLXme9+pYMIU0W+y8xnYJsML4YiNv3vFDr0kWmQySx90+y+b1se6
3mw/kLlqTBHSE156qYg8aCg52GBXdbw/khnrykN0
-----END CERTIFICATE-----
Generated at Mon Apr 15 17:25:37 2024 by rpki-client on console-ams.rpki-client.org