Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS7303.roa
File: AS7303.roa (raw, json)
Hash identifier: zSbaOE8mb9F14UaSw21p53/z0wHPyqqfAi17jJtrNoM=
Subject key identifier: 65:BC:D7:9D:6A:6F:B7:75:C4:DB:41:D3:A4:83:4E:10:CE:1D:6A:0F
Certificate issuer: /CN=274D68F06BB1F2ED094F03B52FED7565F7825D99
Certificate serial: 083F803147E2D2F72D0C332A7EE938B9FB96684B
Authority key identifier: 27:4D:68:F0:6B:B1:F2:ED:09:4F:03:B5:2F:ED:75:65:F7:82:5D:99
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS7303.roa
Signing time: Tue 01 Oct 2024 12:45:00 +0000
ROA not before: Tue 01 Oct 2024 12:40:00 +0000
ROA not after: Tue 30 Sep 2025 12:45:00 +0000
asID: 7303
IP address blocks: 24.232.0.0/16 maxlen: 24
66.60.0.0/18 maxlen: 24
152.168.0.0/14 maxlen: 24
170.150.196.0/22 maxlen: 24
170.231.136.0/22 maxlen: 24
181.0.0.0/16 maxlen: 24
181.1.0.0/17 maxlen: 24
181.1.128.0/20 maxlen: 24
181.1.144.0/21 maxlen: 24
181.1.156.0/22 maxlen: 24
181.1.160.0/19 maxlen: 24
181.1.192.0/18 maxlen: 24
181.2.0.0/15 maxlen: 15
181.2.0.0/15 maxlen: 24
181.4.0.0/14 maxlen: 15
181.4.0.0/14 maxlen: 24
181.8.0.0/13 maxlen: 24
181.28.0.0/14 maxlen: 24
181.80.0.0/14 maxlen: 15
181.80.0.0/14 maxlen: 24
181.86.0.0/15 maxlen: 15
181.86.0.0/15 maxlen: 24
181.88.0.0/15 maxlen: 15
181.88.0.0/15 maxlen: 24
181.92.0.0/15 maxlen: 15
181.92.0.0/15 maxlen: 24
181.94.100.0/24 maxlen: 24
181.96.0.0/14 maxlen: 24
181.100.0.0/15 maxlen: 24
181.102.0.0/16 maxlen: 24
181.103.16.0/20 maxlen: 24
181.103.32.0/19 maxlen: 24
181.103.80.0/20 maxlen: 24
181.103.96.0/19 maxlen: 24
181.103.128.0/17 maxlen: 24
181.104.0.0/13 maxlen: 24
181.164.0.0/14 maxlen: 24
181.168.0.0/14 maxlen: 24
181.228.0.0/14 maxlen: 24
186.108.0.0/14 maxlen: 24
186.124.0.0/14 maxlen: 24
186.136.0.0/14 maxlen: 24
186.152.0.0/15 maxlen: 24
190.16.0.0/14 maxlen: 24
190.30.0.0/15 maxlen: 24
190.136.0.0/14 maxlen: 24
190.188.0.0/14 maxlen: 24
190.192.0.0/14 maxlen: 24
190.224.0.0/13 maxlen: 24
190.244.0.0/14 maxlen: 24
191.97.128.0/17 maxlen: 24
196.32.64.0/19 maxlen: 24
200.3.32.0/19 maxlen: 24
200.3.64.0/19 maxlen: 24
200.32.0.0/19 maxlen: 24
200.42.0.0/17 maxlen: 24
200.42.128.0/19 maxlen: 24
200.43.0.0/16 maxlen: 24
200.45.0.0/16 maxlen: 24
200.49.96.0/20 maxlen: 24
200.49.128.0/19 maxlen: 24
200.55.64.0/18 maxlen: 24
200.61.192.0/19 maxlen: 24
200.63.0.0/19 maxlen: 24
200.71.224.0/20 maxlen: 24
200.73.128.0/18 maxlen: 24
200.80.64.0/20 maxlen: 24
200.82.0.0/17 maxlen: 24
200.89.128.0/18 maxlen: 24
200.105.0.0/18 maxlen: 24
200.105.64.0/19 maxlen: 24
200.110.224.0/21 maxlen: 24
200.114.128.0/17 maxlen: 24
200.117.0.0/16 maxlen: 24
200.122.0.0/17 maxlen: 24
200.126.128.0/17 maxlen: 24
200.127.0.0/16 maxlen: 24
201.212.0.0/15 maxlen: 24
201.231.0.0/16 maxlen: 24
201.235.0.0/16 maxlen: 24
201.252.0.0/15 maxlen: 24
2001:13d0::/29 maxlen: 48
2800:2000::/20 maxlen: 48
2800:b000::/32 maxlen: 48
2803:da80::/32 maxlen: 48
Validation: OK
Signature path: rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.crl
rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.mft
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.cer
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Wed 27 Nov 2024 03:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:3f:80:31:47:e2:d2:f7:2d:0c:33:2a:7e:e9:38:b9:fb:96:68:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=274D68F06BB1F2ED094F03B52FED7565F7825D99
Validity
Not Before: Oct 1 12:40:00 2024 GMT
Not After : Sep 30 12:45:00 2025 GMT
Subject: CN=65BCD79D6A6FB775C4DB41D3A4834E10CE1D6A0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:82:bc:aa:e0:79:21:96:6e:a0:ed:18:43:
0a:19:76:89:0b:98:a2:ee:4e:fc:99:d8:c3:4b:06:
5b:50:86:af:60:e6:4c:ad:4b:c9:f4:25:6e:59:ad:
91:98:27:1b:f8:23:44:5c:eb:cd:42:9b:98:ad:4d:
56:1b:97:43:e1:0e:74:5b:25:72:37:38:77:63:f4:
c8:28:d5:20:3d:c7:ce:fe:0d:74:7a:f0:d0:6f:91:
c2:4c:ad:1a:ac:c8:89:fe:65:99:19:0c:85:e4:3a:
dd:05:0b:1b:c1:fa:00:fa:98:15:f1:45:51:27:38:
4c:df:96:b6:7b:0e:af:6a:04:2f:66:f1:bb:88:42:
80:74:98:c6:44:db:09:d6:2b:09:d1:ba:7b:54:7e:
e2:1e:45:21:11:75:8f:3b:73:53:95:58:80:3d:1d:
aa:b6:eb:4e:b8:1e:68:81:65:26:cc:e7:32:05:57:
3b:5d:d4:52:ff:74:26:e1:3c:14:74:5c:e8:02:a8:
1e:2a:44:83:f8:be:60:19:77:6a:ee:b8:33:b8:d2:
8a:cd:f8:ee:c7:96:7d:a3:b1:30:7e:d2:1d:2c:3f:
9c:9d:26:fb:dd:34:b7:f6:b0:5e:19:5d:13:c0:a4:
15:45:fd:67:bc:1c:ef:6e:26:e4:76:b2:a5:4d:93:
dd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BC:D7:9D:6A:6F:B7:75:C4:DB:41:D3:A4:83:4E:10:CE:1D:6A:0F
X509v3 Authority Key Identifier:
keyid:27:4D:68:F0:6B:B1:F2:ED:09:4F:03:B5:2F:ED:75:65:F7:82:5D:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/274D68F06BB1F2ED094F03B52FED7565F7825D99.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9B1E0831677ED93803AF0B8ED6B95FE367BA0CC83CED4B0AEF617E1F03150/0/AS7303.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.232.0.0/16
66.60.0.0/18
152.168.0.0/14
170.150.196.0/22
170.231.136.0/22
181.0.0.0-181.1.151.255
181.1.156.0-181.15.255.255
181.28.0.0/14
181.80.0.0/14
181.86.0.0-181.89.255.255
181.92.0.0/15
181.94.100.0/24
181.96.0.0-181.102.255.255
181.103.16.0-181.103.63.255
181.103.80.0-181.111.255.255
181.164.0.0-181.171.255.255
181.228.0.0/14
186.108.0.0/14
186.124.0.0/14
186.136.0.0/14
186.152.0.0/15
190.16.0.0/14
190.30.0.0/15
190.136.0.0/14
190.188.0.0-190.195.255.255
190.224.0.0/13
190.244.0.0/14
191.97.128.0/17
196.32.64.0/19
200.3.32.0-200.3.95.255
200.32.0.0/19
200.42.0.0-200.42.159.255
200.43.0.0/16
200.45.0.0/16
200.49.96.0/20
200.49.128.0/19
200.55.64.0/18
200.61.192.0/19
200.63.0.0/19
200.71.224.0/20
200.73.128.0/18
200.80.64.0/20
200.82.0.0/17
200.89.128.0/18
200.105.0.0-200.105.95.255
200.110.224.0/21
200.114.128.0/17
200.117.0.0/16
200.122.0.0/17
200.126.128.0-200.127.255.255
201.212.0.0/15
201.231.0.0/16
201.235.0.0/16
201.252.0.0/15
IPv6:
2001:13d0::/29
2800:2000::/20
2800:b000::/32
2803:da80::/32
Signature Algorithm: sha256WithRSAEncryption
41:8f:89:8f:cc:57:c4:69:92:e8:e2:74:84:f4:87:a3:b3:17:
36:c9:40:da:61:b0:f3:46:a0:d8:8e:3a:aa:d5:16:7c:35:91:
81:a6:07:cc:76:3c:a8:d4:15:65:95:fc:39:3e:ab:61:dd:d7:
df:1e:df:c2:73:bd:9c:f5:95:e9:52:1b:0b:83:c1:6d:51:43:
da:5c:26:15:5b:da:22:3c:5d:98:a9:89:2d:e6:c4:45:e5:bf:
68:0d:20:0c:fa:37:24:ec:58:8b:93:c5:9e:65:04:a0:ae:09:
41:99:83:39:1c:ad:19:4b:b4:75:65:39:2c:e6:13:51:9b:98:
26:37:4b:3b:2c:20:f7:a1:c9:26:c5:3a:3d:57:40:eb:62:6c:
0e:cb:b1:0e:76:46:a5:6e:27:5b:b0:5b:9c:35:96:db:db:10:
17:7f:93:42:9b:b0:fb:4d:ae:13:91:85:94:67:ec:84:38:96:
3d:3a:9d:9c:b7:09:ff:94:b8:82:9b:32:e6:14:6d:dd:45:c1:
84:19:62:3e:2e:df:67:67:48:cb:93:64:76:40:b0:38:a3:ca:
4d:08:47:68:f5:36:14:1d:5d:8b:80:d4:96:bd:cc:f5:72:c8:
98:ae:5a:8f:5b:86:4d:c9:04:f8:6b:ff:91:c6:ec:bf:e1:9b:
98:70:17:b9
-----BEGIN CERTIFICATE-----
MIIHMzCCBhugAwIBAgIUCD+AMUfi0vctDDMqfuk4ufuWaEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjc0RDY4RjA2QkIxRjJFRDA5NEYwM0I1MkZFRDc1NjVG
NzgyNUQ5OTAeFw0yNDEwMDExMjQwMDBaFw0yNTA5MzAxMjQ1MDBaMDMxMTAvBgNV
BAMTKDY1QkNENzlENkE2RkI3NzVDNERCNDFEM0E0ODM0RTEwQ0UxRDZBMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6XIK8quB5IZZuoO0YQwoZdokL
mKLuTvyZ2MNLBltQhq9g5kytS8n0JW5ZrZGYJxv4I0Rc681Cm5itTVYbl0PhDnRb
JXI3OHdj9Mgo1SA9x87+DXR68NBvkcJMrRqsyIn+ZZkZDIXkOt0FCxvB+gD6mBXx
RVEnOEzflrZ7Dq9qBC9m8buIQoB0mMZE2wnWKwnRuntUfuIeRSERdY87c1OVWIA9
Haq26064HmiBZSbM5zIFVztd1FL/dCbhPBR0XOgCqB4qRIP4vmAZd2ruuDO40orN
+O7Hln2jsTB+0h0sP5ydJvvdNLf2sF4ZXRPApBVF/We8HO9uJuR2sqVNk93TAgMB
AAGjggQ9MIIEOTAdBgNVHQ4EFgQUZbzXnWpvt3XE20HTpINOEM4dag8wHwYDVR0j
BBgwFoAUJ01o8Gux8u0JTwO1L+11ZfeCXZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RUU5QjFFMDgzMTY3N0VEOTM4MDNBRjBCOEVENkI5NUZF
MzY3QkEwQ0M4M0NFRDRCMEFFRjYxN0UxRjAzMTUwLzAvMjc0RDY4RjA2QkIxRjJF
RDA5NEYwM0I1MkZFRDc1NjVGNzgyNUQ5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNzRENjhGMDZCQjFGMkVEMDk0
RjAzQjUyRkVENzU2NUY3ODI1RDk5LmNlcjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMG
CCsGAQUFBzALhndyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy85RUU5QjFFMDgzMTY3N0VEOTM4MDNBRjBCOEVENkI5NUZFMzY3QkEwQ0M4
M0NFRDRCMEFFRjYxN0UxRjAzMTUwLzAvQVM3MzAzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwwYIKwYBBQUHAQcBAf8EggGyMIIBrjCCAYcEAgABMIIB
fwMDABjoAwQGQjwAAwMCmKgDBAKqlsQDBAKq54gwCgMCALUDBAO1AZAwCwMEArUB
nAMDBLUAAwMCtRwDAwK1UDAKAwMBtVYDAwG1WAMDAbVcAwQAtV5kMAoDAwW1YAMD
ALVmMAwDBAS1ZxADBAa1ZwAwCwMEBLVnUAMDBLVgMAoDAwK1pAMDArWoAwMCteQD
AwK6bAMDArp8AwMCuogDAwG6mAMDAr4QAwMBvh4DAwK+iDAKAwMCvrwDAwK+wAMD
A77gAwMCvvQDBAe/YYADBAXEIEAwDAMEBcgDIAMEBcgDQAMEBcggADALAwMByCoD
BAXIKoADAwDIKwMDAMgtAwQEyDFgAwQFyDGAAwQGyDdAAwQFyD3AAwQFyD8AAwQE
yEfgAwQGyEmAAwQEyFBAAwQHyFIAAwQGyFmAMAsDAwDIaQMEBchpQAMEA8hu4AME
B8hygAMDAMh1AwQHyHoAMAsDBAfIfoADAwfIAAMDAcnUAwMAyecDAwDJ6wMDAcn8
MCEEAgACMBsDBQMgARPQAwQEKAAgAwUAKACwAAMFACgD2oAwDQYJKoZIhvcNAQEL
BQADggEBAEGPiY/MV8RpkujidIT0h6OzFzbJQNphsPNGoNiOOqrVFnw1kYGmB8x2
PKjUFWWV/Dk+q2Hd198e38JzvZz1lelSGwuDwW1RQ9pcJhVb2iI8XZipiS3mxEXl
v2gNIAz6NyTsWIuTxZ5lBKCuCUGZgzkcrRlLtHVlOSzmE1GbmCY3SzssIPehySbF
Oj1XQOtibA7LsQ52RqVuJ1uwW5w1ltvbEBd/k0KbsPtNrhORhZRn7IQ4lj06nZy3
Cf+UuIKbMuYUbd1FwYQZYj4u32dnSMuTZHZAsDijyk0IR2j1NhQdXYuA1Ja9zPVy
yJiuWo9bhk3JBPhr/5HG7L/hm5hwF7k=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:00:47 2024 by rpki-client on console-fra.rpki-client.org