Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/79fafa28-d62d-477f-979c-57c06d7c1204/af96563417b0fec986e8604c9788be949ba85617.roa
File: af96563417b0fec986e8604c9788be949ba85617.roa (raw, json)
Hash identifier: Vxx5F7fpY4XnzWKCn9qR/9LkJofUiM6Gy2Nuhl8jiaE=
Subject key identifier: 78:0F:B2:4F:F9:87:5E:31:06:CD:27:D9:E7:17:09:69:1B:77:27:1A
Certificate issuer: /CN=db621b88a3f513a5b25e83dde333801d0583bd90
Certificate serial: 0C86F9
Authority key identifier: 8F:72:21:AD:C5:B0:4A:1F:76:B2:16:F3:DA:11:BE:C9:1D:62:AA:D1
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db621b88a3f513a5b25e83dde333801d0583bd90.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/79fafa28-d62d-477f-979c-57c06d7c1204/af96563417b0fec986e8604c9788be949ba85617.roa
Signing time: Wed 24 Mar 2021 14:31:16 +0000
ROA not before: Wed 24 Mar 2021 14:31:16 +0000
ROA not after: Tue 24 Mar 2026 14:31:16 +0000
asID: 52339
IP address blocks: 131.72.28.0/22 maxlen: 22
190.13.112.0/22 maxlen: 22
190.107.212.0/22 maxlen: 22
190.151.144.0/20 maxlen: 20
190.107.216.0/21 maxlen: 24
2803:7580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820985 (0xc86f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db621b88a3f513a5b25e83dde333801d0583bd90
Validity
Not Before: Mar 24 14:31:16 2021 GMT
Not After : Mar 24 14:31:16 2026 GMT
Subject: CN=af96563417b0fec986e8604c9788be949ba85617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ee:74:f5:8b:f9:a0:a8:53:4d:bf:e1:f0:7a:
a9:98:81:68:6e:5a:f3:01:51:ce:66:8a:b3:13:28:
f6:fd:33:36:2a:94:2e:f6:c6:38:c7:45:78:68:63:
3e:5b:81:d5:28:4c:3f:92:8d:7b:dc:9a:0e:ee:60:
13:c9:31:2a:ee:3e:16:f1:cb:61:22:47:c9:b2:89:
5f:68:d4:30:06:ad:a2:6c:e5:50:e9:81:9d:d8:6b:
e8:af:4f:ca:90:7e:63:8e:ec:2f:26:da:85:29:d7:
b3:3d:f1:ef:47:4a:81:01:84:22:86:31:68:8f:63:
30:db:d7:c6:9b:be:e3:61:d9:22:f8:6b:bb:2a:95:
21:2b:75:12:8f:af:3c:ca:79:0a:ee:23:58:04:27:
6d:30:14:f1:82:26:02:98:29:3b:7a:ef:eb:3b:0f:
bc:72:db:f0:14:12:80:42:1e:26:42:08:dd:59:4b:
7c:23:95:1e:e8:48:1f:7c:e9:80:19:c7:a3:1e:5a:
ac:06:0a:c1:33:bd:82:60:ef:23:7f:d2:c5:21:7f:
28:d8:a0:dc:da:b5:62:89:e9:f6:58:5b:dd:d7:4b:
09:da:11:08:92:13:cc:08:26:68:f0:07:83:44:0c:
3e:a3:82:d6:48:25:0d:eb:2c:6e:6d:f7:42:f9:59:
d5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0F:B2:4F:F9:87:5E:31:06:CD:27:D9:E7:17:09:69:1B:77:27:1A
X509v3 Authority Key Identifier:
keyid:8F:72:21:AD:C5:B0:4A:1F:76:B2:16:F3:DA:11:BE:C9:1D:62:AA:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db621b88a3f513a5b25e83dde333801d0583bd90.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/79fafa28-d62d-477f-979c-57c06d7c1204/af96563417b0fec986e8604c9788be949ba85617.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/79fafa28-d62d-477f-979c-57c06d7c1204/db621b88a3f513a5b25e83dde333801d0583bd90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.28.0/22
190.13.112.0/22
190.107.212.0-190.107.223.255
190.151.144.0/20
IPv6:
2803:7580::/32
Signature Algorithm: sha256WithRSAEncryption
0a:74:cd:3b:ce:a9:d5:30:b4:4a:04:d5:ac:d4:44:aa:e0:fd:
15:10:44:71:59:f6:66:d6:82:06:9d:15:84:e7:fc:ec:d4:38:
93:e0:15:2f:8d:3e:7a:db:b3:b0:87:6d:14:c3:61:b7:69:76:
0d:e9:a7:2d:a7:07:4e:26:dc:8c:3e:24:f2:f4:14:c7:5f:9b:
e4:70:a8:01:f6:a6:db:7e:c6:32:e1:eb:24:c5:a2:3c:a8:fb:
9d:4d:ff:79:61:bd:43:86:8f:0b:45:bc:c6:ac:82:39:d4:60:
31:3a:5c:1d:57:e7:fc:c0:f1:bd:8a:fc:84:68:84:01:a0:18:
9d:1d:84:af:c4:93:7f:4c:75:20:a4:c3:f7:a0:8d:ed:1f:e8:
2e:dd:e7:67:53:f1:85:a8:18:28:43:60:b1:a4:c4:76:77:52:
08:1a:9b:4a:56:64:50:25:8f:6c:0f:c9:3d:45:61:a4:d7:68:
5e:e3:8d:74:6a:f1:d6:41:bf:1f:c3:20:01:47:fe:8a:2a:25:
4b:13:1c:0b:f9:32:6e:7e:9e:0f:51:a3:33:c2:ac:e3:4a:f6:
8e:ae:da:ce:39:fe:df:98:4e:ce:f4:ea:2d:7c:c2:04:87:7d:
c5:3c:23:68:49:fb:52:8e:8b:bf:82:3b:af:e7:60:bf:6e:53:
97:14:bf:5d
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIDDIb5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRi
NjIxYjg4YTNmNTEzYTViMjVlODNkZGUzMzM4MDFkMDU4M2JkOTAwHhcNMjEwMzI0
MTQzMTE2WhcNMjYwMzI0MTQzMTE2WjAzMTEwLwYDVQQDEyhhZjk2NTYzNDE3YjBm
ZWM5ODZlODYwNGM5Nzg4YmU5NDliYTg1NjE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx+509Yv5oKhTTb/h8HqpmIFoblrzAVHOZoqzEyj2/TM2KpQu
9sY4x0V4aGM+W4HVKEw/ko173JoO7mATyTEq7j4W8cthIkfJsolfaNQwBq2ibOVQ
6YGd2Gvor0/KkH5jjuwvJtqFKdezPfHvR0qBAYQihjFoj2Mw29fGm77jYdki+Gu7
KpUhK3USj688ynkK7iNYBCdtMBTxgiYCmCk7eu/rOw+8ctvwFBKAQh4mQgjdWUt8
I5Ue6EgffOmAGcejHlqsBgrBM72CYO8jf9LFIX8o2KDc2rViien2WFvd10sJ2hEI
khPMCCZo8AeDRAw+o4LWSCUN6yxubfdC+VnVbQIDAQABo4IChDCCAoAwHQYDVR0O
BBYEFHgPsk/5h14xBs0n2ecXCWkbdycaMB8GA1UdIwQYMBaAFI9yIa3FsEofdrIW
89oRvskdYqrRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGI2MjFi
ODhhM2Y1MTNhNWIyNWU4M2RkZTMzMzgwMWQwNTgzYmQ5MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzlmYWZhMjgtZDYyZC00NzdmLTk3OWMtNTdjMDZk
N2MxMjA0L2FmOTY1NjM0MTdiMGZlYzk4NmU4NjA0Yzk3ODhiZTk0OWJhODU2MTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83OWZhZmEyOC1kNjJkLTQ3N2YtOTc5Yy01N2Mw
NmQ3YzEyMDQvZGI2MjFiODhhM2Y1MTNhNWIyNWU4M2RkZTMzMzgwMWQwNTgzYmQ5
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5
MDcwJgQCAAEwIAMEAoNIHAMEAr4NcDAMAwQCvmvUAwQFvmvAAwQEvpeQMA0EAgAC
MAcDBQAoA3WAMA0GCSqGSIb3DQEBCwUAA4IBAQAKdM07zqnVMLRKBNWs1ESq4P0V
EERxWfZm1oIGnRWE5/zs1DiT4BUvjT5627Owh20Uw2G3aXYN6actpwdOJtyMPiTy
9BTHX5vkcKgB9qbbfsYy4eskxaI8qPudTf95Yb1Dho8LRbzGrII51GAxOlwdV+f8
wPG9ivyEaIQBoBidHYSvxJN/THUgpMP3oI3tH+gu3ednU/GFqBgoQ2CxpMR2d1II
GptKVmRQJY9sD8k9RWGk12he4410avHWQb8fwyABR/6KKiVLExwL+TJufp4PUaMz
wqzjSvaOrtrOOf7fmE7O9OotfMIEh33FPCNoSftSjou/gjuv52C/blOXFL9d
-----END CERTIFICATE-----
Generated at Mon Apr 15 17:25:39 2024 by rpki-client on console-ams.rpki-client.org