Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B33407204E1A9AE7F95A1E7B194891E7ABAF6CC5CEA77650DFB96B0DE6DC7B8F/0/3136382e3132312e3132382e302f32322d3232203d3e203238303035.roa
File: 3136382e3132312e3132382e302f32322d3232203d3e203238303035.roa (raw, json)
Hash identifier: ixiUeQWci8dFcNaC7ef14nS/AG8UnRdZx+A7pL9ATHk=
Subject key identifier: 32:DF:DA:7E:A5:C2:46:90:B7:67:2F:09:D2:C7:24:C3:F7:E7:56:C6
Certificate issuer: /CN=325C30A62A28F1CC676DEC2EF97AF660C7A29985
Certificate serial: 6B0A806481DF05F2502C4BDA6B6CB6BC40DC13A8
Authority key identifier: 32:5C:30:A6:2A:28:F1:CC:67:6D:EC:2E:F9:7A:F6:60:C7:A2:99:85
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/325C30A62A28F1CC676DEC2EF97AF660C7A29985.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/B33407204E1A9AE7F95A1E7B194891E7ABAF6CC5CEA77650DFB96B0DE6DC7B8F/0/3136382e3132312e3132382e302f32322d3232203d3e203238303035.roa
Signing time: Tue 04 Feb 2025 18:33:10 +0000
ROA not before: Tue 04 Feb 2025 18:28:10 +0000
ROA not after: Tue 03 Feb 2026 18:33:10 +0000
asID: 28005
IP address blocks: 168.121.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:0a:80:64:81:df:05:f2:50:2c:4b:da:6b:6c:b6:bc:40:dc:13:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=325C30A62A28F1CC676DEC2EF97AF660C7A29985
Validity
Not Before: Feb 4 18:28:10 2025 GMT
Not After : Feb 3 18:33:10 2026 GMT
Subject: CN=32DFDA7EA5C24690B7672F09D2C724C3F7E756C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ce:78:4d:31:ab:30:2c:6a:2d:3d:2a:94:2b:
02:b8:b1:ea:e2:7b:35:6d:88:21:05:26:3a:55:42:
68:1f:c6:fa:a3:ca:a1:5c:e6:d8:da:ab:46:72:46:
a1:ef:88:39:08:12:eb:62:02:4b:68:2c:aa:59:72:
73:37:89:02:62:4e:dd:27:c0:4a:1f:f1:7c:63:86:
97:77:73:8a:e2:e3:f3:42:c3:eb:fe:86:93:9c:56:
f1:9f:8d:7c:78:88:b9:2b:f7:05:24:29:05:8a:0f:
63:83:dc:34:02:bc:a5:2d:56:74:ef:93:7a:93:49:
2d:cb:69:78:bb:1e:13:80:cb:4a:6d:cd:87:c9:16:
04:69:bb:96:c5:f1:ce:8f:5b:3c:f3:7d:07:4f:77:
f1:d2:28:bc:47:64:e7:1b:95:f7:d3:2b:78:b4:d1:
da:b5:c7:16:a4:4e:e9:5d:4d:06:2a:d5:da:ee:40:
bf:9f:b2:3b:f7:62:45:84:62:e6:86:c0:5e:17:0b:
14:8a:f2:9b:6e:6f:27:68:b6:cc:4a:93:53:e9:1d:
c8:83:79:3d:d7:b2:d6:bf:84:51:6b:d3:bf:38:e8:
6a:d6:1d:1c:e8:97:9a:f0:0a:11:80:21:54:b9:91:
e4:35:76:88:8b:06:c3:28:c3:13:94:08:0e:9c:e2:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DF:DA:7E:A5:C2:46:90:B7:67:2F:09:D2:C7:24:C3:F7:E7:56:C6
X509v3 Authority Key Identifier:
keyid:32:5C:30:A6:2A:28:F1:CC:67:6D:EC:2E:F9:7A:F6:60:C7:A2:99:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/B33407204E1A9AE7F95A1E7B194891E7ABAF6CC5CEA77650DFB96B0DE6DC7B8F/0/325C30A62A28F1CC676DEC2EF97AF660C7A29985.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/325C30A62A28F1CC676DEC2EF97AF660C7A29985.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B33407204E1A9AE7F95A1E7B194891E7ABAF6CC5CEA77650DFB96B0DE6DC7B8F/0/3136382e3132312e3132382e302f32322d3232203d3e203238303035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.121.128.0/22
Signature Algorithm: sha256WithRSAEncryption
36:b4:4f:76:8f:14:c9:1e:fa:fd:bc:60:c8:88:07:7a:a8:11:
bb:40:ee:45:ea:72:1e:68:74:36:97:80:6b:4c:f1:4d:44:7f:
3e:f5:2e:52:b6:b6:05:5c:f2:e4:e5:0c:61:4c:46:69:50:67:
e5:d6:6a:40:4d:43:c0:46:74:af:d6:bd:d1:35:dc:48:40:3e:
60:e6:c2:2f:10:65:90:9f:28:46:ca:e0:bf:a3:ed:68:6c:fc:
6d:60:4f:d5:cb:ea:6e:a1:fb:41:8b:a5:6e:0e:ed:ba:88:90:
57:f8:fd:19:23:77:fa:63:6e:e7:72:4f:5a:6b:00:77:9d:9a:
8c:28:79:64:ef:8f:c3:0b:a6:60:2c:c7:16:a2:5e:13:b1:d7:
c2:a6:9c:25:db:9e:99:02:d5:ca:39:fc:a1:57:ad:1b:54:25:
ba:fd:99:3a:cb:93:25:de:0f:54:df:06:8c:37:9f:4e:ab:10:
ee:56:d0:1f:af:e6:85:b5:39:5c:48:8e:4b:6e:c2:a3:8b:eb:
71:52:cf:59:f0:3e:d7:03:dd:d5:2d:38:e1:e4:f8:3e:75:cd:
ad:9c:52:be:47:a9:f3:95:c8:b1:7c:33:65:62:4f:f1:20:f9:
97:4b:62:6d:7f:ae:04:d0:c1:33:b4:65:68:c7:82:23:65:bf:
9d:98:8c:7b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUawqAZIHfBfJQLEvaa2y2vEDcE6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzI1QzMwQTYyQTI4RjFDQzY3NkRFQzJFRjk3QUY2NjBD
N0EyOTk4NTAeFw0yNTAyMDQxODI4MTBaFw0yNjAyMDMxODMzMTBaMDMxMTAvBgNV
BAMTKDMyREZEQTdFQTVDMjQ2OTBCNzY3MkYwOUQyQzcyNEMzRjdFNzU2QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWznhNMaswLGotPSqUKwK4seri
ezVtiCEFJjpVQmgfxvqjyqFc5tjaq0ZyRqHviDkIEutiAktoLKpZcnM3iQJiTt0n
wEof8Xxjhpd3c4ri4/NCw+v+hpOcVvGfjXx4iLkr9wUkKQWKD2OD3DQCvKUtVnTv
k3qTSS3LaXi7HhOAy0ptzYfJFgRpu5bF8c6PWzzzfQdPd/HSKLxHZOcblffTK3i0
0dq1xxakTuldTQYq1druQL+fsjv3YkWEYuaGwF4XCxSK8ptubydotsxKk1PpHciD
eT3Xsta/hFFr07846GrWHRzol5rwChGAIVS5keQ1doiLBsMowxOUCA6c4gDXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUMt/afqXCRpC3Zy8J0sckw/fnVsYwHwYDVR0j
BBgwFoAUMlwwpioo8cxnbewu+Xr2YMeimYUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMzM0MDcyMDRFMUE5QUU3Rjk1QTFFN0IxOTQ4OTFFN0FC
QUY2Q0M1Q0VBNzc2NTBERkI5NkIwREU2REM3QjhGLzAvMzI1QzMwQTYyQTI4RjFD
QzY3NkRFQzJFRjk3QUY2NjBDN0EyOTk4NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMjVDMzBBNjJBMjhGMUNDNjc2
REVDMkVGOTdBRjY2MEM3QTI5OTg1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjMzNDA3MjA0RTFBOUFFN0Y5NUExRTdCMTk0ODkxRTdBQkFGNkNDNUNF
QTc3NjUwREZCOTZCMERFNkRDN0I4Ri8wLzMxMzYzODJlMzEzMjMxMmUzMTMyMzgy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM4MzAzMDM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqHmA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2tE92jxTJHvr9vGDIiAd6qBG7QO5F6nIeaHQ2
l4BrTPFNRH8+9S5StrYFXPLk5QxhTEZpUGfl1mpATUPARnSv1r3RNdxIQD5g5sIv
EGWQnyhGyuC/o+1obPxtYE/Vy+puoftBi6VuDu26iJBX+P0ZI3f6Y27nck9aawB3
nZqMKHlk74/DC6ZgLMcWol4TsdfCppwl256ZAtXKOfyhV60bVCW6/Zk6y5Ml3g9U
3waMN59OqxDuVtAfr+aFtTlcSI5LbsKji+txUs9Z8D7XA93VLTjh5Pg+dc2tnFK+
R6nzlcixfDNlYk/xIPmXS2Jtf64E0MEztGVox4IjZb+dmIx7
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:45:32 2025 by rpki-client