Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/3136382e3132312e3232302e302f32322d3234203d3e203237383433.roa
File: 3136382e3132312e3232302e302f32322d3234203d3e203237383433.roa (raw, json)
Hash identifier: 91TLTWpLj9iccGCfKhyx4SoEbMojD3b24nJ9lcZ9VTk=
Subject key identifier: C2:4B:2B:83:72:15:14:29:17:B7:14:51:B9:25:61:B7:FE:61:C0:84
Certificate issuer: /CN=9F08D38D4571C09A83B45ACFD10AEB7826CE8F84
Certificate serial: 17637ECCA2B6345071BD53B16212009013B52BFE
Authority key identifier: 9F:08:D3:8D:45:71:C0:9A:83:B4:5A:CF:D1:0A:EB:78:26:CE:8F:84
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/3136382e3132312e3232302e302f32322d3234203d3e203237383433.roa
Signing time: Tue 04 Feb 2025 18:06:08 +0000
ROA not before: Tue 04 Feb 2025 18:01:08 +0000
ROA not after: Tue 03 Feb 2026 18:06:08 +0000
asID: 27843
IP address blocks: 168.121.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.crl
rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.mft
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Thu 17 Apr 2025 23:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:63:7e:cc:a2:b6:34:50:71:bd:53:b1:62:12:00:90:13:b5:2b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9F08D38D4571C09A83B45ACFD10AEB7826CE8F84
Validity
Not Before: Feb 4 18:01:08 2025 GMT
Not After : Feb 3 18:06:08 2026 GMT
Subject: CN=C24B2B837215142917B71451B92561B7FE61C084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:88:35:d1:29:ee:28:4d:33:76:64:f1:3d:bb:
52:ef:9b:20:8e:c8:8e:4c:60:75:13:64:ec:36:3c:
e4:b5:dd:4c:fc:7d:80:ac:d4:7d:dd:f8:0e:90:5d:
86:b3:84:39:d2:cf:3d:f8:2d:4d:df:50:a6:d5:2a:
03:9d:0c:21:5a:cf:45:7c:41:45:a2:b8:91:cc:8c:
63:00:14:9b:6e:79:09:56:3b:47:d8:42:a8:ed:a8:
f4:01:94:80:d7:15:89:90:8f:89:3d:19:5a:77:a2:
ca:35:a9:df:33:01:18:e0:78:76:8a:4b:81:1f:4b:
72:69:1e:b7:c9:cb:0e:26:48:43:08:82:ee:06:eb:
07:c8:8e:51:83:b4:c6:a1:a6:a5:29:4a:a4:97:15:
f8:47:5f:9c:9b:d9:cd:7d:f6:23:07:5e:ed:a4:17:
b2:d6:dd:b9:60:40:b2:0e:18:b7:78:bf:c1:3a:93:
a5:00:80:c2:e1:04:19:39:b4:6c:a2:ec:25:4b:d7:
74:7f:25:b9:e4:90:ce:a0:58:8e:e1:12:94:26:50:
e2:7b:e5:db:80:ae:17:e4:82:54:89:8d:83:47:17:
9b:a1:8d:ed:d3:b2:81:2a:59:7e:88:7a:e1:ac:d7:
3c:eb:05:af:3c:e2:09:6d:f2:43:81:bd:dc:c4:de:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4B:2B:83:72:15:14:29:17:B7:14:51:B9:25:61:B7:FE:61:C0:84
X509v3 Authority Key Identifier:
keyid:9F:08:D3:8D:45:71:C0:9A:83:B4:5A:CF:D1:0A:EB:78:26:CE:8F:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/3136382e3132312e3232302e302f32322d3234203d3e203237383433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.121.220.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:78:2f:cc:81:a2:18:56:89:97:72:e0:00:9c:ec:b2:1a:2c:
d9:69:06:9b:90:4a:30:24:10:0e:d6:5a:b3:4b:a8:eb:b6:43:
6a:a1:91:99:82:fe:be:27:98:f7:0f:ac:17:34:9f:6e:e5:f8:
df:54:8f:cd:59:59:84:09:76:fe:9b:70:85:bf:a7:3f:fc:bb:
97:bb:2e:72:71:12:be:7f:a9:92:07:32:12:0b:04:09:49:cf:
b8:62:4e:7e:ce:48:90:83:0b:84:b6:f1:71:ac:80:db:e3:2b:
c1:94:b4:6d:26:e2:f6:29:da:dc:36:bf:33:01:50:b1:b0:f7:
81:2b:d3:a4:44:9c:43:59:70:bb:30:44:23:9d:34:eb:4c:87:
78:49:ce:1f:97:06:34:57:98:05:ee:4d:79:b7:06:8a:08:80:
04:35:11:21:b3:6f:d2:02:a7:87:0a:69:7b:0d:70:14:5f:c0:
48:48:a0:4c:79:d0:cc:46:34:1e:86:b2:49:38:8e:6f:44:36:
94:98:aa:ac:0e:42:a6:01:b6:8e:b4:af:38:29:be:19:5d:c4:
f1:a1:51:dd:b9:26:71:b2:c5:a0:34:50:2d:ba:77:c2:f9:93:
ef:2d:ac:cb:a5:14:48:25:34:98:a8:ea:10:13:9d:1f:ba:b4:
85:e9:38:73
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUF2N+zKK2NFBxvVOxYhIAkBO1K/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUYwOEQzOEQ0NTcxQzA5QTgzQjQ1QUNGRDEwQUVCNzgy
NkNFOEY4NDAeFw0yNTAyMDQxODAxMDhaFw0yNjAyMDMxODA2MDhaMDMxMTAvBgNV
BAMTKEMyNEIyQjgzNzIxNTE0MjkxN0I3MTQ1MUI5MjU2MUI3RkU2MUMwODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWiDXRKe4oTTN2ZPE9u1LvmyCO
yI5MYHUTZOw2POS13Uz8fYCs1H3d+A6QXYazhDnSzz34LU3fUKbVKgOdDCFaz0V8
QUWiuJHMjGMAFJtueQlWO0fYQqjtqPQBlIDXFYmQj4k9GVp3oso1qd8zARjgeHaK
S4EfS3JpHrfJyw4mSEMIgu4G6wfIjlGDtMahpqUpSqSXFfhHX5yb2c199iMHXu2k
F7LW3blgQLIOGLd4v8E6k6UAgMLhBBk5tGyi7CVL13R/JbnkkM6gWI7hEpQmUOJ7
5duArhfkglSJjYNHF5uhje3TsoEqWX6IeuGs1zzrBa884glt8kOBvdzE3njxAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUwksrg3IVFCkXtxRRuSVht/5hwIQwHwYDVR0j
BBgwFoAUnwjTjUVxwJqDtFrP0QrreCbOj4QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMTZFOEYxMDMxNDZCMjg1MDMzNTAyM0E3MEE2RDM5ODc0
NzY2MzY4REJEQTVGMDQ4RDU1OTcyQjk4RkQ4MzY3LzAvOUYwOEQzOEQ0NTcxQzA5
QTgzQjQ1QUNGRDEwQUVCNzgyNkNFOEY4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RjA4RDM4RDQ1NzFDMDlBODNC
NDVBQ0ZEMTBBRUI3ODI2Q0U4Rjg0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTE2RThGMTAzMTQ2QjI4NTAzMzUwMjNBNzBBNkQzOTg3NDc2NjM2OERC
REE1RjA0OEQ1NTk3MkI5OEZEODM2Ny8wLzMxMzYzODJlMzEzMjMxMmUzMjMyMzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzgzNDMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqHnc
MA0GCSqGSIb3DQEBCwUAA4IBAQBueC/MgaIYVomXcuAAnOyyGizZaQabkEowJBAO
1lqzS6jrtkNqoZGZgv6+J5j3D6wXNJ9u5fjfVI/NWVmECXb+m3CFv6c//LuXuy5y
cRK+f6mSBzISCwQJSc+4Yk5+zkiQgwuEtvFxrIDb4yvBlLRtJuL2KdrcNr8zAVCx
sPeBK9OkRJxDWXC7MEQjnTTrTId4Sc4flwY0V5gF7k15twaKCIAENREhs2/SAqeH
Cml7DXAUX8BISKBMedDMRjQehrJJOI5vRDaUmKqsDkKmAbaOtK84Kb4ZXcTxoVHd
uSZxssWgNFAtunfC+ZPvLazLpRRIJTSYqOoQE50furSF6Thz
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:09:45 2025 by rpki-client