$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/AS28511.roa File: AS28511.roa (raw, json) Hash identifier: c28zhaw45VYV/bZRUkzSj7xjcttyghLziDzTnlB1iH8= Subject key identifier: FE:3D:47:C8:AC:A9:B3:0F:36:06:E0:54:CE:95:06:85:5B:0B:88:C3 Certificate issuer: /CN=55E5523033B41B7E990D9D490339137189366F33 Certificate serial: 159C86DC3D749A57B8FE7A5D215F4ABB662D7672 Authority key identifier: 55:E5:52:30:33:B4:1B:7E:99:0D:9D:49:03:39:13:71:89:36:6F:33 Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55E5523033B41B7E990D9D490339137189366F33.cer Subject info access: rsync://repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/AS28511.roa Signing time: Wed 29 Jan 2025 17:30:03 +0000 ROA not before: Wed 29 Jan 2025 17:25:03 +0000 ROA not after: Wed 28 Jan 2026 17:30:03 +0000 asID: 28511 IP address blocks: 200.33.80.0/24 maxlen: 24 201.131.248.0/24 maxlen: 24 201.131.249.0/24 maxlen: 24 201.131.250.0/24 maxlen: 24 201.131.251.0/24 maxlen: 24 207.248.64.0/24 maxlen: 24 207.248.65.0/24 maxlen: 24 2001:1250:1000::/44 maxlen: 44 2001:1250:2000::/44 maxlen: 44 2001:1250:3000::/44 maxlen: 44 2001:1250:a000::/44 maxlen: 44 2001:1250:b000::/44 maxlen: 44 2001:1250:c000::/44 maxlen: 44 2001:1250:fe00::/48 maxlen: 48 Validation: OK Signature path: rsync://repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/55E5523033B41B7E990D9D490339137189366F33.crl rsync://repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/55E5523033B41B7E990D9D490339137189366F33.mft rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55E5523033B41B7E990D9D490339137189366F33.cer rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Mon 21 Apr 2025 08:07:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:9c:86:dc:3d:74:9a:57:b8:fe:7a:5d:21:5f:4a:bb:66:2d:76:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=55E5523033B41B7E990D9D490339137189366F33 Validity Not Before: Jan 29 17:25:03 2025 GMT Not After : Jan 28 17:30:03 2026 GMT Subject: CN=FE3D47C8ACA9B30F3606E054CE9506855B0B88C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:14:e4:a7:e4:e6:e5:21:48:15:df:d9:32:98: b0:f4:3d:4a:30:30:87:84:4e:68:51:4e:3e:5d:93: 12:77:e2:b2:8c:45:f2:71:f1:dd:72:a8:de:4c:43: 3c:b4:64:e7:95:7d:41:6f:8a:76:fc:5d:16:98:12: 50:b2:fb:90:1d:2a:d5:c6:9d:62:b9:b2:f3:20:f0: 9e:36:48:08:47:91:05:45:18:00:f6:25:4b:6a:c1: 67:59:06:46:15:44:b4:39:5c:5e:78:ac:02:8e:2e: 16:0f:08:12:01:69:cd:91:6e:89:59:fc:3d:fc:de: 88:ad:8d:8c:f9:50:b6:76:2d:72:f2:af:00:0f:9a: 08:cf:ae:3e:82:52:83:64:71:b5:e3:2b:e9:2c:ac: 6a:f3:f6:1a:e3:43:d5:48:e8:27:ba:6b:6e:0f:a3: f8:94:fe:2d:ac:21:ed:c9:8d:37:04:5a:49:32:bb: 45:a6:3a:90:0f:4c:3f:59:60:76:96:6e:2a:6a:d1: 9d:68:5b:a1:7c:64:cd:57:74:00:9c:48:7b:41:74: d1:13:cb:0e:ec:86:9b:6e:ec:09:3f:cf:52:59:fc: 36:00:36:d1:d0:de:3d:03:4f:30:70:f5:44:b8:d9: 8d:03:b7:6c:69:d6:27:69:98:27:50:8a:ea:42:c3: 58:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:3D:47:C8:AC:A9:B3:0F:36:06:E0:54:CE:95:06:85:5B:0B:88:C3 X509v3 Authority Key Identifier: keyid:55:E5:52:30:33:B4:1B:7E:99:0D:9D:49:03:39:13:71:89:36:6F:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/55E5523033B41B7E990D9D490339137189366F33.crl Authority Information Access: CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55E5523033B41B7E990D9D490339137189366F33.cer Subject Information Access: Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7B4531BAA384EF4D91078C105290C4F0FBC052138FC9B21E7D912FBE9AA8A7F0/0/AS28511.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 200.33.80.0/24 201.131.248.0/22 207.248.64.0/23 IPv6: 2001:1250:1000::/44 2001:1250:2000::/44 2001:1250:3000::/44 2001:1250:a000::/44 2001:1250:b000::/44 2001:1250:c000::/44 2001:1250:fe00::/48 Signature Algorithm: sha256WithRSAEncryption a3:30:ec:80:e5:25:9f:2a:40:bc:61:2b:87:52:dc:63:ed:39: 0c:78:9a:4e:25:5c:e3:0b:5f:cd:ec:15:c9:b9:4f:b8:93:d3: 4f:b9:79:14:f6:c5:f1:f8:6c:98:33:a6:06:d0:27:e4:65:b0: 4b:f5:d0:a6:25:7d:b6:01:35:30:fc:99:48:6f:94:3d:62:7e: 22:ff:d2:f8:df:1a:33:1e:bc:16:ae:a8:1a:e5:88:e5:41:a7: 1c:5d:1b:e4:1e:12:4c:c9:82:dd:c9:e1:82:e8:35:cc:f5:cd: ed:e9:53:8d:fd:44:39:13:04:b6:5f:5b:34:c8:ff:01:4f:86: ab:c7:ba:f5:05:f6:8a:16:ad:66:9b:30:2f:15:de:6e:2c:46: 99:ef:23:a9:7b:ec:93:2c:50:ee:a5:50:a9:80:cf:8a:de:3c: fa:1a:40:da:b3:da:e8:15:9a:12:a5:1c:de:af:47:5b:1d:17: 65:18:25:11:81:1e:e8:03:03:6c:24:19:33:5e:b0:7f:bf:ac: 71:b2:26:5a:0c:71:9d:1f:b3:75:c0:51:63:4a:cd:58:a8:55: 4d:76:27:29:93:5b:fd:6d:a3:7a:70:05:cc:64:03:81:92:f8: 62:ed:7d:c1:4f:48:3c:44:6a:af:dd:29:3c:db:42:37:b1:ea: c3:2f:cb:e5 -----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgIUFZyG3D10mle4/npdIV9Ku2YtdnIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTVFNTUyMzAzM0I0MUI3RTk5MEQ5RDQ5MDMzOTEzNzE4 OTM2NkYzMzAeFw0yNTAxMjkxNzI1MDNaFw0yNjAxMjgxNzMwMDNaMDMxMTAvBgNV BAMTKEZFM0Q0N0M4QUNBOUIzMEYzNjA2RTA1NENFOTUwNjg1NUIwQjg4QzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiFOSn5OblIUgV39kymLD0PUow MIeETmhRTj5dkxJ34rKMRfJx8d1yqN5MQzy0ZOeVfUFvinb8XRaYElCy+5AdKtXG nWK5svMg8J42SAhHkQVFGAD2JUtqwWdZBkYVRLQ5XF54rAKOLhYPCBIBac2RbolZ /D383oitjYz5ULZ2LXLyrwAPmgjPrj6CUoNkcbXjK+ksrGrz9hrjQ9VI6Ce6a24P o/iU/i2sIe3JjTcEWkkyu0WmOpAPTD9ZYHaWbipq0Z1oW6F8ZM1XdACcSHtBdNET yw7shptu7Ak/z1JZ/DYANtHQ3j0DTzBw9US42Y0Dt2xp1idpmCdQiupCw1htAgMB AAGjggLrMIIC5zAdBgNVHQ4EFgQU/j1HyKypsw82BuBUzpUGhVsLiMMwHwYDVR0j BBgwFoAUVeVSMDO0G36ZDZ1JAzkTcYk2bzMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l dC9ycGtpL2xhY25pYy83QjQ1MzFCQUEzODRFRjREOTEwNzhDMTA1MjkwQzRGMEZC QzA1MjEzOEZDOUIyMUU3RDkxMkZCRTlBQThBN0YwLzAvNTVFNTUyMzAzM0I0MUI3 RTk5MEQ5RDQ5MDMzOTEzNzE4OTM2NkYzMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2 RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NUU1NTIzMDMzQjQxQjdFOTkw RDlENDkwMzM5MTM3MTg5MzY2RjMzLmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh Y25pYy83QjQ1MzFCQUEzODRFRjREOTEwNzhDMTA1MjkwQzRGMEZCQzA1MjEzOEZD OUIyMUU3RDkxMkZCRTlBQThBN0YwLzAvQVMyODUxMS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjByBggrBgEFBQcBBwEB/wRjMGEwGAQCAAEwEgMEAMghUAME AsmD+AMEAc/4QDBFBAIAAjA/AwcEIAESUBAAAwcEIAESUCAAAwcEIAESUDAAAwcE IAESUKAAAwcEIAESULAAAwcEIAESUMAAAwcAIAESUP4AMA0GCSqGSIb3DQEBCwUA A4IBAQCjMOyA5SWfKkC8YSuHUtxj7TkMeJpOJVzjC1/N7BXJuU+4k9NPuXkU9sXx +GyYM6YG0CfkZbBL9dCmJX22ATUw/JlIb5Q9Yn4i/9L43xozHrwWrqga5YjlQacc XRvkHhJMyYLdyeGC6DXM9c3t6VON/UQ5EwS2X1s0yP8BT4arx7r1BfaKFq1mmzAv Fd5uLEaZ7yOpe+yTLFDupVCpgM+K3jz6GkDas9roFZoSpRzer0dbHRdlGCURgR7o AwNsJBkzXrB/v6xxsiZaDHGdH7N1wFFjSs1YqFVNdicpk1v9baN6cAXMZAOBkvhi 7X3BT0g8RGqv3Sk820I3serDL8vl -----END CERTIFICATE-----Generated at Thu Apr 17 23:09:59 2025 by rpki-client