Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/10112327e8fe7abe6fb1ddfce618af07a6d5923f.roa
File: 10112327e8fe7abe6fb1ddfce618af07a6d5923f.roa (raw, json)
Hash identifier: iNi8cNiNTcsODTfxbgjTS6NaWOlsZwBT8ardunKcTm0=
Subject key identifier: 94:8D:8A:AC:CE:B1:AA:AA:2C:1D:D2:5A:6E:5B:B6:F2:F5:14:12:50
Certificate issuer: /CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Certificate serial: 259529
Authority key identifier: DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/10112327e8fe7abe6fb1ddfce618af07a6d5923f.roa
Signing time: Mon 06 Nov 2023 00:22:59 +0000
ROA not before: Mon 06 Nov 2023 00:22:59 +0000
ROA not after: Thu 06 Nov 2025 00:22:59 +0000
asID: 269918
IP address blocks: 131.72.168.0/22 maxlen: 24
131.72.168.0/24 maxlen: 24
131.72.169.0/24 maxlen: 24
131.72.170.0/23 maxlen: 23
131.72.170.0/24 maxlen: 24
131.72.171.0/24 maxlen: 24
2803:dd80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2463017 (0x259529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bb0835e54e95f61d1b3f21a5df4b4b8f23450a
Validity
Not Before: Nov 6 00:22:59 2023 GMT
Not After : Nov 6 00:22:59 2025 GMT
Subject: CN=10112327e8fe7abe6fb1ddfce618af07a6d5923f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6d:f3:eb:4b:fe:0e:1e:81:6d:16:ab:6f:a6:
c4:6e:fd:2e:2b:a4:cf:46:be:f1:f4:03:8b:e7:b9:
78:c0:72:d3:86:89:75:2e:a8:f1:c8:34:e9:89:c6:
ff:0c:d1:04:85:7e:85:fa:3a:99:5f:31:d0:99:c4:
90:ec:c8:bc:df:4b:8f:4a:65:7a:0a:49:2e:9c:8d:
21:a5:14:d4:b9:34:69:fc:0a:a6:68:93:20:31:f9:
b7:9b:79:52:56:ba:e8:00:1f:8f:64:62:d6:1d:11:
ec:12:9b:71:ab:63:53:97:f5:97:a2:2f:4e:2f:3d:
e3:8d:03:cc:11:51:7d:08:5e:4b:91:de:81:3e:ec:
6e:a1:52:78:d4:6b:d0:dd:b7:a4:58:bf:51:6e:53:
51:28:50:38:6f:a7:a1:9c:bd:73:35:ba:ee:e7:56:
51:70:98:1f:1b:ec:89:a6:52:24:b0:8f:7f:5b:a7:
b2:a4:e9:09:82:c3:ad:99:02:e1:68:8b:32:2a:69:
54:d4:88:13:d9:c9:35:9c:5e:a3:9d:22:15:04:96:
29:b6:30:10:20:37:a6:f3:90:a2:82:c5:c9:bd:9b:
03:38:ca:fd:64:c5:3f:fc:ee:36:37:95:9d:62:d1:
b2:e4:77:ce:97:de:4e:74:b6:04:cf:b4:8f:47:56:
f0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8D:8A:AC:CE:B1:AA:AA:2C:1D:D2:5A:6E:5B:B6:F2:F5:14:12:50
X509v3 Authority Key Identifier:
keyid:DC:DA:82:3A:0B:BC:C7:66:50:2B:14:89:E0:A3:8C:CD:4F:BE:51:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/10112327e8fe7abe6fb1ddfce618af07a6d5923f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/40bb0835e54e95f61d1b3f21a5df4b4b8f23450a.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.168.0/22
IPv6:
2803:dd80::/32
Signature Algorithm: sha256WithRSAEncryption
54:1d:79:c7:b9:35:ac:aa:39:a7:6a:35:2f:e2:e4:b6:6d:8c:
11:b3:3f:fc:77:52:21:9e:48:e4:dd:c6:8f:3d:5b:14:6f:6c:
4e:75:21:d6:78:7a:ef:d1:69:0b:47:76:1e:44:d8:5f:cf:0c:
fb:32:3f:a3:09:32:b4:08:c5:1d:03:89:8b:ee:59:be:e0:99:
af:d0:fd:f2:70:6c:ae:cf:e2:8b:1b:45:f1:97:cb:87:6c:6f:
db:3d:35:d2:14:54:58:f8:90:69:17:8f:1e:c2:a8:91:90:91:
47:9b:c6:03:ff:5d:ba:ad:71:22:de:49:b8:a1:37:b7:ee:ec:
b4:69:8d:5f:64:2a:a8:ae:b5:23:c7:ee:65:33:0a:14:d6:93:
1e:41:d5:7a:63:57:37:56:7e:5a:c8:ca:e9:3f:03:4f:08:c8:
38:a9:82:d5:43:dd:4a:91:23:3c:ae:0c:f4:87:ac:8a:89:f3:
37:c6:af:6d:93:a1:b1:0b:ec:75:f1:7e:6e:74:48:52:e8:36:
71:de:e1:22:83:fc:28:aa:86:94:74:4a:14:5a:45:d1:b0:ac:
b6:15:6f:7c:ac:61:88:82:fd:37:b9:3a:a3:d3:1c:d8:b8:d9:
8b:2a:be:87:7e:b5:e8:90:9d:c3:d7:18:13:8d:0d:c7:cc:5c:
51:f5:1c:61
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJZUpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
YmIwODM1ZTU0ZTk1ZjYxZDFiM2YyMWE1ZGY0YjRiOGYyMzQ1MGEwHhcNMjMxMTA2
MDAyMjU5WhcNMjUxMTA2MDAyMjU5WjAzMTEwLwYDVQQDEygxMDExMjMyN2U4ZmU3
YWJlNmZiMWRkZmNlNjE4YWYwN2E2ZDU5MjNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp23z60v+Dh6BbRarb6bEbv0uK6TPRr7x9AOL57l4wHLThol1
LqjxyDTpicb/DNEEhX6F+jqZXzHQmcSQ7Mi830uPSmV6CkkunI0hpRTUuTRp/Aqm
aJMgMfm3m3lSVrroAB+PZGLWHRHsEptxq2NTl/WXoi9OLz3jjQPMEVF9CF5Lkd6B
PuxuoVJ41GvQ3bekWL9RblNRKFA4b6ehnL1zNbru51ZRcJgfG+yJplIksI9/W6ey
pOkJgsOtmQLhaIsyKmlU1IgT2ck1nF6jnSIVBJYptjAQIDem85CigsXJvZsDOMr9
ZMU//O42N5WdYtGy5HfOl95OdLYEz7SPR1bw9QIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFJSNiqzOsaqqLB3SWm5btvL1FBJQMB8GA1UdIwQYMBaAFNzagjoLvMdmUCsU
ieCjjM1PvlHEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDBiYjA4
MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlLzEwMTEyMzI3ZThmZTdhYmU2ZmIxZGRmY2U2MThhZjA3YTZkNTkyM2Yu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvNDBiYjA4MzVlNTRlOTVmNjFkMWIzZjIxYTVkZjRiNGI4ZjIzNDUw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAVB15x7k1rKo5p2o1L+Lktm2MEbM//HdSIZ5I5N3Gjz1bFG9sTnUh1nh679Fp
C0d2HkTYX88M+zI/owkytAjFHQOJi+5ZvuCZr9D98nBsrs/iixtF8ZfLh2xv2z01
0hRUWPiQaRePHsKokZCRR5vGA/9duq1xIt5JuKE3t+7stGmNX2QqqK61I8fuZTMK
FNaTHkHVemNXN1Z+WsjK6T8DTwjIOKmC1UPdSpEjPK4M9IesionzN8avbZOhsQvs
dfF+bnRIUug2cd7hIoP8KKqGlHRKFFpF0bCsthVvfKxhiIL9N7k6o9Mc2LjZiyq+
h3616JCdw9cYE40Nx8xcUfUcYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org