Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C3B3C59E236C329AC389A06069BAAA611D89A6B9773ADB9FCB58348A73F9F8B3/0/34352e3233392e33322e302f32322d3232203d3e20323636383435.roa
File: 34352e3233392e33322e302f32322d3232203d3e20323636383435.roa (raw, json)
Hash identifier: 75wrfZlk17sWAxUrceYfVu0N2eMC7p3EkAX8+wCVTyU=
Subject key identifier: 3F:EF:12:AB:30:B2:0C:31:D1:74:72:0C:E9:95:E3:8A:26:41:EE:D2
Certificate issuer: /CN=9C47A2CE71365140A7ACBE7252BB0916C054BE16
Certificate serial: 6315969642D32D6C80D77747E28E71A1359069A4
Authority key identifier: 9C:47:A2:CE:71:36:51:40:A7:AC:BE:72:52:BB:09:16:C0:54:BE:16
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C47A2CE71365140A7ACBE7252BB0916C054BE16.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/C3B3C59E236C329AC389A06069BAAA611D89A6B9773ADB9FCB58348A73F9F8B3/0/34352e3233392e33322e302f32322d3232203d3e20323636383435.roa
Signing time: Tue 04 Feb 2025 18:18:25 +0000
ROA not before: Tue 04 Feb 2025 18:13:25 +0000
ROA not after: Tue 03 Feb 2026 18:18:25 +0000
asID: 266845
IP address blocks: 45.239.32.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:15:96:96:42:d3:2d:6c:80:d7:77:47:e2:8e:71:a1:35:90:69:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9C47A2CE71365140A7ACBE7252BB0916C054BE16
Validity
Not Before: Feb 4 18:13:25 2025 GMT
Not After : Feb 3 18:18:25 2026 GMT
Subject: CN=3FEF12AB30B20C31D174720CE995E38A2641EED2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:af:51:a8:da:1c:44:55:ab:84:4d:d8:51:f4:
9d:da:0c:63:d4:72:9f:29:28:c6:87:e5:85:7d:7a:
38:97:c5:ca:f5:22:d9:46:d2:f9:a0:b0:54:61:5d:
3f:25:4d:92:cb:fd:92:33:91:f1:13:28:2f:41:44:
f4:22:fe:07:d7:6b:75:59:37:ca:13:96:6a:c3:cc:
17:9f:6e:8d:88:ee:bf:aa:2c:36:58:5b:a8:f4:22:
46:20:49:99:fc:80:a8:5a:9b:27:ee:39:21:02:a9:
af:ae:c1:55:f1:78:bd:26:a9:8a:ee:b5:9c:31:98:
66:f5:b9:d1:5b:91:50:1a:dc:eb:d1:30:4c:68:36:
29:98:cd:a9:51:e8:ab:a6:6e:34:ea:17:a8:75:58:
b0:bf:ee:01:73:28:b2:a4:af:10:06:07:d7:d5:c6:
ec:15:4d:c5:0e:9c:0f:88:a1:47:56:e5:82:7f:ea:
43:f4:cf:a6:c9:9b:3f:29:98:17:04:0f:bf:4b:ee:
77:9e:77:d6:1d:44:8c:0d:6a:f3:56:87:5e:ca:50:
63:12:a9:17:69:e2:3f:bf:20:30:07:51:70:b2:05:
d8:a8:25:62:a8:6d:71:87:21:1f:1d:eb:1d:35:83:
d2:a8:35:bd:7b:cf:2f:e3:36:94:ea:0d:66:2f:9b:
ca:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EF:12:AB:30:B2:0C:31:D1:74:72:0C:E9:95:E3:8A:26:41:EE:D2
X509v3 Authority Key Identifier:
keyid:9C:47:A2:CE:71:36:51:40:A7:AC:BE:72:52:BB:09:16:C0:54:BE:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/C3B3C59E236C329AC389A06069BAAA611D89A6B9773ADB9FCB58348A73F9F8B3/0/9C47A2CE71365140A7ACBE7252BB0916C054BE16.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C47A2CE71365140A7ACBE7252BB0916C054BE16.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C3B3C59E236C329AC389A06069BAAA611D89A6B9773ADB9FCB58348A73F9F8B3/0/34352e3233392e33322e302f32322d3232203d3e20323636383435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.239.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:6c:74:ca:18:f6:5c:a1:f7:2f:c0:1a:45:df:b8:04:0e:f2:
0f:71:d2:79:82:75:2f:43:98:f1:28:dc:1c:18:d3:47:18:83:
fb:d0:95:bb:1e:90:6e:e9:f4:6d:d7:9a:b5:e3:67:41:09:65:
b6:85:99:7e:43:de:37:57:94:7f:b5:d9:eb:0d:ed:0b:d4:a3:
72:69:2f:4c:0e:3e:ec:58:82:4a:1e:b0:2b:a4:cd:47:b4:ee:
21:54:da:98:d3:54:73:d0:06:17:fe:68:ae:b0:43:87:a3:74:
10:12:66:4e:1f:ee:05:3a:3b:91:ae:6d:58:57:26:09:e3:f8:
44:2c:0b:db:d5:8d:31:a9:8c:04:66:2c:da:80:ff:0e:30:cc:
93:77:77:1d:25:d4:c4:d8:bf:d7:3e:d1:9a:70:d8:eb:54:4e:
ad:2c:dd:45:97:78:99:6a:ee:cb:6b:7d:d9:b1:df:b3:d9:bd:
51:f9:94:4e:1b:90:a4:e9:1a:3b:6b:24:24:73:06:d3:cc:14:
3b:4d:be:b6:e1:be:30:8f:b6:20:df:4b:66:6d:e9:49:db:28:
59:29:02:c3:1c:b9:f4:25:dc:e3:45:a6:53:c1:56:02:b3:02:
83:a2:a4:22:b0:39:02:8e:be:b7:4a:b5:47:e6:84:0a:d2:9f:
68:8f:a6:17
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUYxWWlkLTLWyA13dH4o5xoTWQaaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUM0N0EyQ0U3MTM2NTE0MEE3QUNCRTcyNTJCQjA5MTZD
MDU0QkUxNjAeFw0yNTAyMDQxODEzMjVaFw0yNjAyMDMxODE4MjVaMDMxMTAvBgNV
BAMTKDNGRUYxMkFCMzBCMjBDMzFEMTc0NzIwQ0U5OTVFMzhBMjY0MUVFRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLr1Go2hxEVauETdhR9J3aDGPU
cp8pKMaH5YV9ejiXxcr1ItlG0vmgsFRhXT8lTZLL/ZIzkfETKC9BRPQi/gfXa3VZ
N8oTlmrDzBefbo2I7r+qLDZYW6j0IkYgSZn8gKhamyfuOSECqa+uwVXxeL0mqYru
tZwxmGb1udFbkVAa3OvRMExoNimYzalR6KumbjTqF6h1WLC/7gFzKLKkrxAGB9fV
xuwVTcUOnA+IoUdW5YJ/6kP0z6bJmz8pmBcED79L7need9YdRIwNavNWh17KUGMS
qRdp4j+/IDAHUXCyBdioJWKobXGHIR8d6x01g9KoNb17zy/jNpTqDWYvm8pDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUP+8SqzCyDDHRdHIM6ZXjiiZB7tIwHwYDVR0j
BBgwFoAUnEeiznE2UUCnrL5yUrsJFsBUvhYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DM0IzQzU5RTIzNkMzMjlBQzM4OUEwNjA2OUJBQUE2MTFE
ODlBNkI5NzczQURCOUZDQjU4MzQ4QTczRjlGOEIzLzAvOUM0N0EyQ0U3MTM2NTE0
MEE3QUNCRTcyNTJCQjA5MTZDMDU0QkUxNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QzQ3QTJDRTcxMzY1MTQwQTdB
Q0JFNzI1MkJCMDkxNkMwNTRCRTE2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzNCM0M1OUUyMzZDMzI5QUMzODlBMDYwNjlCQUFBNjExRDg5QTZCOTc3
M0FEQjlGQ0I1ODM0OEE3M0Y5RjhCMy8wLzM0MzUyZTMyMzMzOTJlMzMzMjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzNjM4MzQzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3vIDAN
BgkqhkiG9w0BAQsFAAOCAQEAmmx0yhj2XKH3L8AaRd+4BA7yD3HSeYJ1L0OY8Sjc
HBjTRxiD+9CVux6Qbun0bdeateNnQQlltoWZfkPeN1eUf7XZ6w3tC9SjcmkvTA4+
7FiCSh6wK6TNR7TuIVTamNNUc9AGF/5orrBDh6N0EBJmTh/uBTo7ka5tWFcmCeP4
RCwL29WNMamMBGYs2oD/DjDMk3d3HSXUxNi/1z7RmnDY61ROrSzdRZd4mWruy2t9
2bHfs9m9UfmUThuQpOkaO2skJHMG08wUO02+tuG+MI+2IN9LZm3pSdsoWSkCwxy5
9CXc40WmU8FWArMCg6KkIrA5Ao6+t0q1R+aECtKfaI+mFw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:08:04 2025 by rpki-client