Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d2fd41d-f92d-4048-be53-748543426001/aa70133fab09c9f60adeee1175f32d3ded355a8f.roa
File: aa70133fab09c9f60adeee1175f32d3ded355a8f.roa (raw, json)
Hash identifier: f0MTcvIW12sCTd0X/SBPg4qm/2AuTVJ55tjCV9y2Hvc=
Subject key identifier: 9F:4F:6B:04:93:E6:A5:D2:5F:DD:6D:B4:2D:A1:66:AF:42:09:5E:DA
Certificate issuer: /CN=ef2d0ae672567bf0e707903589365faae1ff0bbc
Certificate serial: 1F2B82
Authority key identifier: 72:63:61:20:20:8A:C6:CE:8A:0F:E5:98:7E:0E:C5:8D:74:C5:69:D5
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ef2d0ae672567bf0e707903589365faae1ff0bbc.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/9d2fd41d-f92d-4048-be53-748543426001/aa70133fab09c9f60adeee1175f32d3ded355a8f.roa
Signing time: Fri 07 Apr 2023 08:30:04 +0000
ROA not before: Thu 06 Apr 2023 08:30:04 +0000
ROA not after: Sat 05 Apr 2025 08:30:04 +0000
asID: 21826
IP address blocks: 167.249.32.0/24 maxlen: 24
167.249.33.0/24 maxlen: 24
167.249.34.0/24 maxlen: 24
167.249.35.0/24 maxlen: 24
170.84.136.0/22 maxlen: 24
200.229.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2042754 (0x1f2b82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef2d0ae672567bf0e707903589365faae1ff0bbc
Validity
Not Before: Apr 6 08:30:04 2023 GMT
Not After : Apr 5 08:30:04 2025 GMT
Subject: CN=aa70133fab09c9f60adeee1175f32d3ded355a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:79:51:8a:91:75:8d:4b:a2:42:4b:ab:e7:c2:
da:75:fd:fe:a2:30:e0:86:fb:ce:84:6b:74:07:4e:
49:55:60:9f:1e:dd:97:58:68:0c:19:6e:60:b3:c9:
27:57:9f:65:a3:30:80:0f:7e:21:18:04:28:e1:83:
fd:2a:0c:49:f8:33:6b:d9:5c:89:04:0a:e3:9c:81:
a5:63:c7:8e:dd:6d:d1:bc:c9:4d:20:e4:37:be:85:
83:1b:b9:00:20:5a:8e:99:f4:fe:1a:19:0c:4d:d2:
ab:38:bf:b9:2d:97:02:76:d9:13:ff:56:13:35:4c:
59:8e:0c:2f:c7:f2:73:2e:c8:27:5d:22:45:cf:81:
7d:88:8c:58:0f:8b:ad:90:9c:8c:87:1b:e6:b4:47:
0e:ac:c1:a7:64:02:58:0f:3c:9c:9e:54:17:2b:e2:
d3:90:0d:b0:b9:e5:7f:28:61:b1:d2:ca:48:c5:6c:
7f:f6:21:f4:23:1d:e7:9f:d0:47:77:47:9b:d4:eb:
49:d3:7c:29:f2:c0:cc:dd:d1:f1:61:e4:e0:24:82:
a6:77:12:24:e6:64:68:ca:7c:e8:ab:d3:68:ef:1f:
f3:b2:b0:88:44:81:2a:70:4c:f3:94:b0:6e:c6:1a:
ac:05:89:a4:9f:29:e4:a4:1f:ce:5f:39:7e:3b:8f:
cb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4F:6B:04:93:E6:A5:D2:5F:DD:6D:B4:2D:A1:66:AF:42:09:5E:DA
X509v3 Authority Key Identifier:
keyid:72:63:61:20:20:8A:C6:CE:8A:0F:E5:98:7E:0E:C5:8D:74:C5:69:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ef2d0ae672567bf0e707903589365faae1ff0bbc.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d2fd41d-f92d-4048-be53-748543426001/aa70133fab09c9f60adeee1175f32d3ded355a8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/9d2fd41d-f92d-4048-be53-748543426001/ef2d0ae672567bf0e707903589365faae1ff0bbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.249.32.0/22
170.84.136.0/22
200.229.152.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ab:d4:8c:1d:bb:98:00:85:73:31:23:da:68:45:ed:cd:d0:
ce:81:f7:34:f8:be:c5:5e:11:41:ae:d8:c4:69:6c:2c:b4:10:
b2:92:91:13:1d:fc:51:59:65:09:1b:25:cd:13:58:af:58:f7:
10:9e:02:26:06:6b:7b:fd:2b:5a:32:1b:4d:c7:f9:19:6a:e6:
78:b0:8a:18:0e:7e:a7:8d:ab:19:54:2a:e2:e8:60:36:22:41:
89:40:ba:58:a2:35:8f:3b:cf:d4:b3:4c:d1:72:17:be:5c:22:
ea:e9:be:e6:f2:af:f1:8c:f3:1a:4a:13:3b:0e:bc:55:70:17:
94:cb:ca:1d:a0:29:32:7e:59:e5:a7:22:4c:4b:28:59:9c:47:
c5:65:a5:34:ae:bd:04:e2:4d:c9:b8:98:9b:e9:82:87:ae:6f:
38:36:0e:82:89:b7:dc:60:2f:e7:18:b9:3b:b3:2a:6e:4a:84:
b4:2a:54:38:c0:fc:e9:2a:03:7f:2c:88:6f:45:a8:7b:5a:af:
ec:7b:50:1d:24:b6:98:00:95:b6:0f:d5:13:ae:81:32:85:9f:
16:8c:ae:b4:96:ba:5d:ad:c7:99:79:89:c6:70:a5:2d:32:07:
7e:fd:df:ed:15:c2:c8:d1:72:15:01:0b:7c:61:c4:b2:ae:5c:
a7:d9:31:35
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDHyuCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVm
MmQwYWU2NzI1NjdiZjBlNzA3OTAzNTg5MzY1ZmFhZTFmZjBiYmMwHhcNMjMwNDA2
MDgzMDA0WhcNMjUwNDA1MDgzMDA0WjAzMTEwLwYDVQQDEyhhYTcwMTMzZmFiMDlj
OWY2MGFkZWVlMTE3NWYzMmQzZGVkMzU1YThmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2nlRipF1jUuiQkur58Ladf3+ojDghvvOhGt0B05JVWCfHt2X
WGgMGW5gs8knV59lozCAD34hGAQo4YP9KgxJ+DNr2VyJBArjnIGlY8eO3W3RvMlN
IOQ3voWDG7kAIFqOmfT+GhkMTdKrOL+5LZcCdtkT/1YTNUxZjgwvx/JzLsgnXSJF
z4F9iIxYD4utkJyMhxvmtEcOrMGnZAJYDzycnlQXK+LTkA2wueV/KGGx0spIxWx/
9iH0Ix3nn9BHd0eb1OtJ03wp8sDM3dHxYeTgJIKmdxIk5mRoynzoq9No7x/zsrCI
RIEqcEzzlLBuxhqsBYmknynkpB/OXzl+O4/LYQIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFJ9PawST5qXSX91ttC2hZq9CCV7aMB8GA1UdIwQYMBaAFHJjYSAgisbOig/l
mH4OxY10xWnVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWYyZDBh
ZTY3MjU2N2JmMGU3MDc5MDM1ODkzNjVmYWFlMWZmMGJiYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQyZmQ0MWQtZjkyZC00MDQ4LWJlNTMtNzQ4NTQz
NDI2MDAxL2FhNzAxMzNmYWIwOWM5ZjYwYWRlZWUxMTc1ZjMyZDNkZWQzNTVhOGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDJmZDQxZC1mOTJkLTQwNDgtYmU1My03NDg1
NDM0MjYwMDEvZWYyZDBhZTY3MjU2N2JmMGU3MDc5MDM1ODkzNjVmYWFlMWZmMGJi
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAqf5IAMEAqpUiAMEAsjlmDANBgkqhkiG9w0BAQsFAAOCAQEA
BavUjB27mACFczEj2mhF7c3QzoH3NPi+xV4RQa7YxGlsLLQQspKREx38UVllCRsl
zRNYr1j3EJ4CJgZre/0rWjIbTcf5GWrmeLCKGA5+p42rGVQq4uhgNiJBiUC6WKI1
jzvP1LNM0XIXvlwi6um+5vKv8YzzGkoTOw68VXAXlMvKHaApMn5Z5aciTEsoWZxH
xWWlNK69BOJNybiYm+mCh65vODYOgom33GAv5xi5O7MqbkqEtCpUOMD86SoDfyyI
b0Woe1qv7HtQHSS2mACVtg/VE66BMoWfFoyutJa6Xa3HmXmJxnClLTIHfv3f7RXC
yNFyFQELfGHEsq5cp9kxNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-ams.rpki-client.org