Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3133382e33362e3134362e302f32342d3234203d3e203332303334.roa
File: 3133382e33362e3134362e302f32342d3234203d3e203332303334.roa (raw, json)
Hash identifier: QQ47FgXHlttjQuiY8+3ad7uRma8AdMh1TLOqU8ATH3w=
Subject key identifier: A9:E8:60:8D:74:D9:03:37:61:DC:0B:5D:21:45:64:C1:8A:D6:14:FF
Certificate issuer: /CN=DC553BD05B33548C342568566291E719B4FA73B9
Certificate serial: 7271252ACF9D45A30CA2BDCB7344C18178E0C971
Authority key identifier: DC:55:3B:D0:5B:33:54:8C:34:25:68:56:62:91:E7:19:B4:FA:73:B9
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DC553BD05B33548C342568566291E719B4FA73B9.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3133382e33362e3134362e302f32342d3234203d3e203332303334.roa
Signing time: Tue 05 Mar 2024 18:06:27 +0000
ROA not before: Tue 05 Mar 2024 18:01:27 +0000
ROA not after: Tue 04 Mar 2025 18:06:27 +0000
asID: 32034
IP address blocks: 138.36.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:71:25:2a:cf:9d:45:a3:0c:a2:bd:cb:73:44:c1:81:78:e0:c9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DC553BD05B33548C342568566291E719B4FA73B9
Validity
Not Before: Mar 5 18:01:27 2024 GMT
Not After : Mar 4 18:06:27 2025 GMT
Subject: CN=A9E8608D74D9033761DC0B5D214564C18AD614FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c3:cf:75:86:fa:71:c3:f8:b7:98:e4:1f:2a:
06:81:d7:00:c5:0d:3b:39:f7:05:4d:c7:6c:44:ac:
19:3a:97:14:5e:b3:0f:17:80:a8:d0:20:76:57:1f:
52:30:da:9a:ce:f8:32:87:cb:47:23:55:12:a8:d5:
7e:d6:08:da:28:be:73:e3:82:09:cf:9b:3b:f5:d3:
ac:29:87:4e:74:de:d9:83:79:b9:c7:6f:dd:7a:c6:
4c:f8:0f:cb:b7:c3:86:59:8f:49:83:e2:b2:c7:14:
9e:b9:28:66:3f:f9:72:f9:d3:39:42:f0:75:e3:a5:
a2:6b:bc:79:d7:69:99:b6:65:ba:19:20:ef:91:f2:
dd:43:b9:cc:cc:d3:16:14:b5:94:15:2c:77:60:1d:
0d:11:bd:26:d0:ee:a9:25:72:81:b0:6c:cd:ff:d4:
d6:bf:0d:f5:3d:6e:e7:42:e7:e3:a1:29:1d:0b:32:
d3:3a:ff:f9:af:20:c5:00:af:b1:d9:fa:df:1d:d4:
b8:24:de:6a:be:97:78:f6:cb:e1:96:c7:dc:27:38:
1e:44:d3:eb:2c:d9:96:df:85:55:7c:5f:c6:c9:e0:
6c:f8:07:e5:2f:4e:c4:8b:54:ab:39:89:13:8f:94:
5b:14:c8:d2:73:a4:22:2a:b0:cb:64:0d:87:11:0c:
ee:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E8:60:8D:74:D9:03:37:61:DC:0B:5D:21:45:64:C1:8A:D6:14:FF
X509v3 Authority Key Identifier:
keyid:DC:55:3B:D0:5B:33:54:8C:34:25:68:56:62:91:E7:19:B4:FA:73:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/DC553BD05B33548C342568566291E719B4FA73B9.crl
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DC553BD05B33548C342568566291E719B4FA73B9.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3133382e33362e3134362e302f32342d3234203d3e203332303334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.36.146.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a2:6d:3e:64:57:6c:e8:dd:0a:aa:bf:e8:68:fb:38:bc:d2:
ea:7e:0b:57:0d:44:15:15:8b:69:68:e2:fe:99:01:53:ea:44:
0a:1c:12:76:7f:c4:e3:96:57:08:85:7e:8f:e0:f0:72:f9:7d:
63:c1:ef:8f:4a:99:20:a3:ab:8c:87:1b:41:2a:f5:13:8c:ed:
e3:d5:09:c4:b5:70:89:b5:98:ba:a1:08:fc:8d:38:2a:7d:e9:
3e:95:e0:37:fe:54:44:88:3e:01:72:a9:d6:69:7f:b0:65:a1:
ec:54:00:76:bf:4c:84:9f:eb:7d:a1:25:67:50:e9:85:a2:ce:
d7:21:94:7b:c3:ac:ec:b5:bd:27:b2:d3:64:6c:1f:27:46:db:
19:3b:32:ab:73:88:ba:e2:9a:7d:d4:e5:fb:55:4f:06:09:71:
0e:c3:6e:6f:0a:c8:56:d7:0f:43:94:16:fa:82:0b:8d:7e:34:
c1:62:86:0e:f7:c0:75:26:10:d7:53:ce:ea:22:82:28:4c:e9:
4e:8b:2a:8a:ac:6e:57:cb:97:af:94:8e:c9:c8:0e:b0:c5:5c:
a0:1e:90:a1:37:06:b0:36:d9:01:6b:13:33:39:12:c4:05:ea:
60:d7:be:dd:22:58:c4:34:72:ec:d8:f4:dc:89:b7:d8:09:b4:
37:61:05:42
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUcnElKs+dRaMMor3Lc0TBgXjgyXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREM1NTNCRDA1QjMzNTQ4QzM0MjU2ODU2NjI5MUU3MTlC
NEZBNzNCOTAeFw0yNDAzMDUxODAxMjdaFw0yNTAzMDQxODA2MjdaMDMxMTAvBgNV
BAMTKEE5RTg2MDhENzREOTAzMzc2MURDMEI1RDIxNDU2NEMxOEFENjE0RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFw891hvpxw/i3mOQfKgaB1wDF
DTs59wVNx2xErBk6lxResw8XgKjQIHZXH1Iw2prO+DKHy0cjVRKo1X7WCNoovnPj
ggnPmzv106wph0503tmDebnHb916xkz4D8u3w4ZZj0mD4rLHFJ65KGY/+XL50zlC
8HXjpaJrvHnXaZm2ZboZIO+R8t1DuczM0xYUtZQVLHdgHQ0RvSbQ7qklcoGwbM3/
1Na/DfU9budC5+OhKR0LMtM6//mvIMUAr7HZ+t8d1Lgk3mq+l3j2y+GWx9wnOB5E
0+ss2ZbfhVV8X8bJ4Gz4B+UvTsSLVKs5iROPlFsUyNJzpCIqsMtkDYcRDO4DAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUqehgjXTZAzdh3AtdIUVkwYrWFP8wHwYDVR0j
BBgwFoAU3FU70FszVIw0JWhWYpHnGbT6c7kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUMyQkM3NTRCRkRENDUzNUQ0OUY5OUQwNjcxNzQzQzND
MDgyNUE2QjZENTdCNDhFNzM1MDQ1MUJBODdFOUVGLzAvREM1NTNCRDA1QjMzNTQ4
QzM0MjU2ODU2NjI5MUU3MTlCNEZBNzNCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQzU1M0JEMDVCMzM1NDhDMzQy
NTY4NTY2MjkxRTcxOUI0RkE3M0I5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFDMkJDNzU0QkZERDQ1MzVENDlGOTlEMDY3MTc0M0MzQzA4MjVBNkI2
RDU3QjQ4RTczNTA0NTFCQTg3RTlFRi8wLzMxMzMzODJlMzMzNjJlMzEzNDM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMjMwMzMzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIokkjAN
BgkqhkiG9w0BAQsFAAOCAQEARqJtPmRXbOjdCqq/6Gj7OLzS6n4LVw1EFRWLaWji
/pkBU+pEChwSdn/E45ZXCIV+j+Dwcvl9Y8Hvj0qZIKOrjIcbQSr1E4zt49UJxLVw
ibWYuqEI/I04Kn3pPpXgN/5URIg+AXKp1ml/sGWh7FQAdr9MhJ/rfaElZ1DphaLO
1yGUe8Os7LW9J7LTZGwfJ0bbGTsyq3OIuuKafdTl+1VPBglxDsNubwrIVtcPQ5QW
+oILjX40wWKGDvfAdSYQ11PO6iKCKEzpTosqiqxuV8uXr5SOycgOsMVcoB6QoTcG
sDbZAWsTMzkSxAXqYNe+3SJYxDRy7Nj03Im32Am0N2EFQg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:25:37 2025 by rpki-client