Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C954A8464236F1BA8E61C7B6D67286A0093FFD409344653FF0D9A78691F4740F/0/3230302e37362e3131322e302f32302d3234203d3e203136353331.roa
File: 3230302e37362e3131322e302f32302d3234203d3e203136353331.roa (raw, json)
Hash identifier: /PeVwMxXry9FxaapDh5cndlNCreI33t50GP9BJQIAQQ=
Subject key identifier: 96:75:1A:3A:3F:E0:9F:2E:71:C8:AC:79:0A:67:4B:00:6B:B0:F3:9E
Certificate issuer: /CN=2FB06EBD28FE83A564FA3DFC83F4F98AC620C98A
Certificate serial: 16672C66EE84E2399A192C17D236596B55F0AEAF
Authority key identifier: 2F:B0:6E:BD:28:FE:83:A5:64:FA:3D:FC:83:F4:F9:8A:C6:20:C9:8A
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2FB06EBD28FE83A564FA3DFC83F4F98AC620C98A.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/C954A8464236F1BA8E61C7B6D67286A0093FFD409344653FF0D9A78691F4740F/0/3230302e37362e3131322e302f32302d3234203d3e203136353331.roa
Signing time: Tue 04 Feb 2025 18:29:34 +0000
ROA not before: Tue 04 Feb 2025 18:24:34 +0000
ROA not after: Tue 03 Feb 2026 18:29:34 +0000
asID: 16531
IP address blocks: 200.76.112.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:67:2c:66:ee:84:e2:39:9a:19:2c:17:d2:36:59:6b:55:f0:ae:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2FB06EBD28FE83A564FA3DFC83F4F98AC620C98A
Validity
Not Before: Feb 4 18:24:34 2025 GMT
Not After : Feb 3 18:29:34 2026 GMT
Subject: CN=96751A3A3FE09F2E71C8AC790A674B006BB0F39E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b6:4d:5a:1e:aa:e3:98:02:e2:b0:33:84:e4:
77:61:7e:1f:85:95:5b:2d:19:d8:4a:0b:f3:3a:42:
e9:56:1b:8c:8a:32:dc:94:91:3e:dd:9f:c9:36:ed:
05:8f:e9:b4:e0:cd:65:32:8c:8e:49:70:97:2e:c4:
53:ee:6b:4b:e3:10:dc:3f:46:34:d2:85:bf:95:3a:
b7:35:24:da:df:15:f8:78:8b:c6:2d:bb:c4:1d:6e:
6f:41:dd:d4:e7:28:72:2c:43:57:01:cc:40:35:76:
5c:fe:05:d5:0c:2a:91:21:53:ca:e2:1d:8f:c5:50:
b9:96:69:b5:41:02:91:c8:f7:b3:b5:25:f1:98:6f:
56:36:b7:5f:7e:e9:f6:ef:97:74:8b:b0:fc:57:5c:
c9:2b:d7:6e:e0:4b:5a:49:db:7c:44:6c:f9:3c:b0:
77:71:ba:38:8d:54:30:a8:0a:cf:cf:fb:56:1d:44:
95:d0:30:61:99:09:aa:0b:e1:45:87:dd:91:97:b1:
25:b7:a2:58:c6:ed:55:25:b8:8d:9a:e1:4b:63:35:
d9:57:f1:c5:84:db:2c:72:30:77:23:09:55:78:f5:
15:90:a6:cd:83:b7:8a:d5:bf:27:89:29:c4:d5:57:
b8:46:ff:30:11:77:26:96:e0:00:2b:f9:16:c1:94:
f5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:75:1A:3A:3F:E0:9F:2E:71:C8:AC:79:0A:67:4B:00:6B:B0:F3:9E
X509v3 Authority Key Identifier:
keyid:2F:B0:6E:BD:28:FE:83:A5:64:FA:3D:FC:83:F4:F9:8A:C6:20:C9:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/C954A8464236F1BA8E61C7B6D67286A0093FFD409344653FF0D9A78691F4740F/0/2FB06EBD28FE83A564FA3DFC83F4F98AC620C98A.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2FB06EBD28FE83A564FA3DFC83F4F98AC620C98A.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C954A8464236F1BA8E61C7B6D67286A0093FFD409344653FF0D9A78691F4740F/0/3230302e37362e3131322e302f32302d3234203d3e203136353331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.76.112.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:9e:3d:5d:43:54:e5:d2:2b:3b:75:92:7e:b2:1e:5f:e8:42:
7e:20:63:01:6b:d0:ea:0c:b2:16:0b:72:95:c9:69:c6:af:a3:
2a:44:8d:3f:1e:4a:f2:d3:31:0d:16:fd:1e:71:3d:1c:bb:31:
6f:ef:a9:9e:28:95:d5:0c:46:28:42:b5:29:1e:ae:3a:7a:ba:
22:3d:f5:1a:0a:93:e4:fb:b2:d4:74:76:94:65:35:1c:d4:7c:
00:33:bd:42:10:3b:7a:20:3c:68:1a:31:c2:02:07:f9:8c:b3:
81:83:a7:4c:c5:2f:4d:25:ea:5c:41:aa:64:6f:0f:81:43:db:
80:3f:f5:c6:72:b5:9b:77:e6:84:39:fa:fd:89:4b:e0:a9:6c:
73:0e:21:8f:65:a6:1d:63:1e:81:ba:8c:92:ec:7c:48:64:92:
99:08:96:6a:62:ac:8b:dd:9b:66:fa:c1:df:40:85:7b:7d:8d:
85:3a:52:6e:45:9d:6c:be:53:73:c2:fc:e7:9a:b7:82:32:95:
af:e4:f1:a9:23:41:8e:b8:b5:de:72:bb:52:4b:65:33:72:be:
be:f2:39:09:3d:be:9e:cb:c5:37:94:41:19:d3:f3:77:0c:59:
eb:dd:be:4e:00:2a:4c:8d:6a:33:85:41:b3:39:e8:7e:0a:91:
2f:ed:af:b2
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFmcsZu6E4jmaGSwX0jZZa1Xwrq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkZCMDZFQkQyOEZFODNBNTY0RkEzREZDODNGNEY5OEFD
NjIwQzk4QTAeFw0yNTAyMDQxODI0MzRaFw0yNjAyMDMxODI5MzRaMDMxMTAvBgNV
BAMTKDk2NzUxQTNBM0ZFMDlGMkU3MUM4QUM3OTBBNjc0QjAwNkJCMEYzOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYtk1aHqrjmALisDOE5Hdhfh+F
lVstGdhKC/M6QulWG4yKMtyUkT7dn8k27QWP6bTgzWUyjI5JcJcuxFPua0vjENw/
RjTShb+VOrc1JNrfFfh4i8Ytu8Qdbm9B3dTnKHIsQ1cBzEA1dlz+BdUMKpEhU8ri
HY/FULmWabVBApHI97O1JfGYb1Y2t19+6fbvl3SLsPxXXMkr127gS1pJ23xEbPk8
sHdxujiNVDCoCs/P+1YdRJXQMGGZCaoL4UWH3ZGXsSW3oljG7VUluI2a4UtjNdlX
8cWE2yxyMHcjCVV49RWQps2Dt4rVvyeJKcTVV7hG/zARdyaW4AAr+RbBlPWbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUlnUaOj/gny5xyKx5CmdLAGuw854wHwYDVR0j
BBgwFoAUL7BuvSj+g6Vk+j38g/T5isYgyYowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DOTU0QTg0NjQyMzZGMUJBOEU2MUM3QjZENjcyODZBMDA5
M0ZGRDQwOTM0NDY1M0ZGMEQ5QTc4NjkxRjQ3NDBGLzAvMkZCMDZFQkQyOEZFODNB
NTY0RkEzREZDODNGNEY5OEFDNjIwQzk4QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRkIwNkVCRDI4RkU4M0E1NjRG
QTNERkM4M0Y0Rjk4QUM2MjBDOThBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzk1NEE4NDY0MjM2RjFCQThFNjFDN0I2RDY3Mjg2QTAwOTNGRkQ0MDkz
NDQ2NTNGRjBEOUE3ODY5MUY0NzQwRi8wLzMyMzAzMDJlMzczNjJlMzEzMTMyMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzNjM1MzMzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMhMcDAN
BgkqhkiG9w0BAQsFAAOCAQEALZ49XUNU5dIrO3WSfrIeX+hCfiBjAWvQ6gyyFgty
lclpxq+jKkSNPx5K8tMxDRb9HnE9HLsxb++pniiV1QxGKEK1KR6uOnq6Ij31GgqT
5Puy1HR2lGU1HNR8ADO9QhA7eiA8aBoxwgIH+YyzgYOnTMUvTSXqXEGqZG8PgUPb
gD/1xnK1m3fmhDn6/YlL4Klscw4hj2WmHWMegbqMkux8SGSSmQiWamKsi92bZvrB
30CFe32NhTpSbkWdbL5Tc8L855q3gjKVr+TxqSNBjri13nK7UktlM3K+vvI5CT2+
nsvFN5RBGdPzdwxZ692+TgAqTI1qM4VBsznofgqRL+2vsg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:19:12 2025 by rpki-client