Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS52371.roa
File: AS52371.roa (raw, json)
Hash identifier: D1xHrGDmuGsRMOSFZbxRFGNwUIqlEXt74oh7w7lfppA=
Subject key identifier: 70:62:21:AB:E8:05:A8:D1:A5:92:9E:9B:11:6C:0A:6C:A8:1D:B5:2D
Certificate issuer: /CN=274D68F06BB1F2ED094F03B52FED7565F7825D99
Certificate serial: 483676F7D231E7C5D5F41803828AA9B5B6C52F65
Authority key identifier: 27:4D:68:F0:6B:B1:F2:ED:09:4F:03:B5:2F:ED:75:65:F7:82:5D:99
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS52371.roa
Signing time: Tue 04 Feb 2025 20:06:57 +0000
ROA not before: Tue 04 Feb 2025 20:01:57 +0000
ROA not after: Tue 03 Feb 2026 20:06:57 +0000
asID: 52371
IP address blocks: 190.226.32.0/24 maxlen: 24
201.252.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:36:76:f7:d2:31:e7:c5:d5:f4:18:03:82:8a:a9:b5:b6:c5:2f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=274D68F06BB1F2ED094F03B52FED7565F7825D99
Validity
Not Before: Feb 4 20:01:57 2025 GMT
Not After : Feb 3 20:06:57 2026 GMT
Subject: CN=706221ABE805A8D1A5929E9B116C0A6CA81DB52D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e4:75:c8:c0:36:2a:5f:ee:44:30:76:ed:52:
bf:95:8e:8d:b8:40:99:d7:c4:02:ca:58:6e:3c:1d:
d0:c7:80:81:ee:0e:71:55:b9:86:2e:c2:94:54:12:
a0:17:7d:af:62:dd:15:5c:4d:57:c6:a8:16:1f:a3:
30:33:06:95:3d:f8:ef:1f:c3:d7:da:92:74:3e:da:
62:4b:56:92:23:5e:21:a5:cf:eb:3e:a5:11:34:e9:
05:51:fc:ad:30:02:eb:6e:ae:d6:ea:e3:68:62:cc:
8a:95:39:3d:dd:9d:ed:c5:b7:73:e0:89:b2:0a:d4:
94:14:55:10:20:68:13:fb:ba:76:df:3d:2e:82:a1:
36:b8:4d:20:1a:01:24:ab:69:d9:ac:dc:e4:54:ac:
e6:81:a6:33:e4:0a:f1:ae:1d:be:38:f3:5b:0f:06:
a4:bc:d6:71:5a:f6:e7:fb:84:bf:cb:ba:7a:d5:08:
13:2d:2b:f1:c0:ba:dc:4f:30:79:0d:9a:65:d3:02:
61:4e:7d:a1:3c:4f:fd:10:e2:c2:9a:b2:b9:c6:c7:
4d:f1:da:3b:46:b1:32:11:84:34:d1:3b:0f:f3:18:
e4:f7:a9:4a:1c:82:0d:7c:6a:46:3c:92:4b:ef:a5:
71:85:ff:02:1a:cb:a3:33:6c:c6:e7:12:dd:f8:20:
97:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:62:21:AB:E8:05:A8:D1:A5:92:9E:9B:11:6C:0A:6C:A8:1D:B5:2D
X509v3 Authority Key Identifier:
keyid:27:4D:68:F0:6B:B1:F2:ED:09:4F:03:B5:2F:ED:75:65:F7:82:5D:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS52371.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.226.32.0/24
201.252.229.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:29:b8:82:1c:b9:36:fa:e8:88:e2:14:5c:98:b8:ef:12:a9:
a9:2f:a8:22:ca:1d:f3:00:7c:5a:98:72:e0:dd:4a:8d:eb:4c:
9d:49:b5:b2:f6:4e:96:df:d2:48:5f:cb:b3:9a:e4:14:39:be:
4f:f2:90:e5:7f:78:a5:9b:c6:1f:d6:58:b7:6e:96:86:fe:ec:
39:0d:a2:39:d0:50:14:71:41:c2:e0:3f:14:c1:8d:fe:b1:08:
a5:02:b2:88:1a:c5:e0:37:cf:ec:f1:4a:9c:58:a0:c3:06:04:
5d:71:fa:da:f6:66:54:eb:e0:9c:b7:70:55:50:60:fe:95:bf:
72:cb:82:88:40:c8:c7:96:cc:86:a2:a7:d9:27:2a:56:ec:84:
e2:cd:ba:35:e1:02:18:f6:dd:09:10:21:fd:3e:cd:12:8c:7f:
8b:95:36:1a:65:8b:5d:7b:6c:4e:00:29:81:a8:05:11:c8:73:
ec:ed:98:f6:0b:dc:c4:0b:62:4e:7a:cd:ca:23:2c:26:60:74:
e3:97:7c:82:2a:d4:16:7d:65:f9:af:99:4d:dc:08:cd:64:0d:
a5:02:63:40:e5:a1:4b:0f:dd:df:a1:e5:fc:df:a2:12:fd:b9:
83:91:5f:1b:d4:5f:0f:4c:15:e8:ee:22:17:50:b8:7d:32:01:
c0:84:da:d0
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIUSDZ299Ix58XV9BgDgoqptbbFL2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjc0RDY4RjA2QkIxRjJFRDA5NEYwM0I1MkZFRDc1NjVG
NzgyNUQ5OTAeFw0yNTAyMDQyMDAxNTdaFw0yNjAyMDMyMDA2NTdaMDMxMTAvBgNV
BAMTKDcwNjIyMUFCRTgwNUE4RDFBNTkyOUU5QjExNkMwQTZDQTgxREI1MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN5HXIwDYqX+5EMHbtUr+Vjo24
QJnXxALKWG48HdDHgIHuDnFVuYYuwpRUEqAXfa9i3RVcTVfGqBYfozAzBpU9+O8f
w9faknQ+2mJLVpIjXiGlz+s+pRE06QVR/K0wAuturtbq42hizIqVOT3dne3Ft3Pg
ibIK1JQUVRAgaBP7unbfPS6CoTa4TSAaASSradms3ORUrOaBpjPkCvGuHb4481sP
BqS81nFa9uf7hL/LunrVCBMtK/HAutxPMHkNmmXTAmFOfaE8T/0Q4sKasrnGx03x
2jtGsTIRhDTROw/zGOT3qUocgg18akY8kkvvpXGF/wIay6MzbMbnEt34IJcnAgMB
AAGjggKeMIICmjAdBgNVHQ4EFgQUcGIhq+gFqNGlkp6bEWwKbKgdtS0wHwYDVR0j
BBgwFoAUJ01o8Gux8u0JTwO1L+11ZfeCXZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RUU5QjFFMDgzMTY3N0VEOTM4MDNBRjBCOEVENkI5NUZF
MzY3QkEwQ0M4M0NFRDRCMEFFRjYxN0UxRjAzMTUwLzAvMjc0RDY4RjA2QkIxRjJF
RDA5NEYwM0I1MkZFRDc1NjVGNzgyNUQ5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNzRENjhGMDZCQjFGMkVEMDk0
RjAzQjUyRkVENzU2NUY3ODI1RDk5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy85RUU5QjFFMDgzMTY3N0VEOTM4MDNBRjBCOEVENkI5NUZFMzY3QkEwQ0M4
M0NFRDRCMEFFRjYxN0UxRjAzMTUwLzAvQVM1MjM3MS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAL7iIAME
AMn85TANBgkqhkiG9w0BAQsFAAOCAQEATym4ghy5NvroiOIUXJi47xKpqS+oIsod
8wB8Wphy4N1KjetMnUm1svZOlt/SSF/Ls5rkFDm+T/KQ5X94pZvGH9ZYt26Whv7s
OQ2iOdBQFHFBwuA/FMGN/rEIpQKyiBrF4DfP7PFKnFigwwYEXXH62vZmVOvgnLdw
VVBg/pW/csuCiEDIx5bMhqKn2ScqVuyE4s26NeECGPbdCRAh/T7NEox/i5U2GmWL
XXtsTgApgagFEchz7O2Y9gvcxAtiTnrNyiMsJmB045d8girUFn1l+a+ZTdwIzWQN
pQJjQOWhSw/d36Hl/N+iEv25g5FfG9RfD0wV6O4iF1C4fTIBwITa0A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:09:02 2025 by rpki-client