Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/683dd2d6cabbb4d04cfe0237249a9999bf972146.roa
File: 683dd2d6cabbb4d04cfe0237249a9999bf972146.roa (raw, json)
Hash identifier: r9oCSpqAhWtH3+If+ikCPWtPhe0eqdIG8FHXk9bI5jM=
Subject key identifier: 5A:7A:38:B4:86:70:F8:3A:48:B5:82:E4:78:2E:45:F9:37:AD:44:B7
Certificate issuer: /CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Certificate serial: 1A2949
Authority key identifier: BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/683dd2d6cabbb4d04cfe0237249a9999bf972146.roa
Signing time: Mon 12 Sep 2022 16:54:44 +0000
ROA not before: Mon 12 Sep 2022 15:47:43 +0000
ROA not after: Thu 12 Sep 2024 15:47:43 +0000
asID: 269918
IP address blocks: 131.72.168.0/24 maxlen: 24
131.72.169.0/24 maxlen: 24
131.72.170.0/24 maxlen: 24
131.72.171.0/24 maxlen: 24
131.72.168.0/22 maxlen: 24
2803:dd80::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1714505 (0x1a2949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Validity
Not Before: Sep 12 15:47:43 2022 GMT
Not After : Sep 12 15:47:43 2024 GMT
Subject: CN=683dd2d6cabbb4d04cfe0237249a9999bf972146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:de:43:9e:35:81:dd:f6:9d:f4:e5:75:8a:54:
c0:c6:37:98:2d:ba:bf:ab:53:9a:80:fc:ad:54:25:
c6:eb:c7:3c:db:52:40:d6:d6:8b:a3:a1:db:be:f2:
bb:79:29:d3:72:78:94:cc:c4:62:5c:ef:50:5c:08:
1f:ec:04:73:c1:c3:4e:d9:1a:aa:d5:89:7c:df:58:
43:88:31:b4:6a:af:b5:ef:58:a9:f3:53:63:e3:ff:
91:8f:5a:ec:1c:97:08:e4:5b:4e:13:88:f2:1c:ad:
01:c6:f7:e2:62:ff:e3:85:b2:6c:e4:1d:09:20:2b:
ea:cd:ac:49:2f:71:1f:87:cf:4d:1b:2f:3c:dc:6a:
9e:1e:43:e1:ee:eb:08:50:cc:7d:10:fc:59:f2:b9:
ad:f5:cb:1b:77:a9:0b:81:c5:2f:9e:91:9c:85:1b:
61:06:e9:09:58:fa:24:c9:4c:1a:54:52:3c:eb:d2:
a2:64:69:28:a3:36:7a:e1:03:67:1c:e3:35:14:35:
13:e7:75:ee:b7:d4:f3:e3:f2:40:52:c9:d9:95:be:
96:da:73:d2:9f:0f:a8:88:c7:e8:5c:42:59:c5:0a:
67:5d:df:a9:64:b9:23:77:af:f1:5b:ee:ff:7d:34:
4e:5f:2d:bb:c8:6c:db:f5:a8:e3:69:da:56:71:fe:
25:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7A:38:B4:86:70:F8:3A:48:B5:82:E4:78:2E:45:F9:37:AD:44:B7
X509v3 Authority Key Identifier:
keyid:BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/683dd2d6cabbb4d04cfe0237249a9999bf972146.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.168.0/22
IPv6:
2803:dd80::/32
Signature Algorithm: sha256WithRSAEncryption
42:9a:e7:0c:df:bf:ba:64:c5:29:57:79:5e:b7:7c:6e:b8:52:
56:bc:90:22:3a:c2:87:ca:70:db:42:8e:84:98:7e:8b:31:50:
b9:cb:b7:d1:21:69:7e:17:1f:30:c0:b2:03:24:b5:bb:24:f2:
4f:81:c9:46:39:85:aa:70:1f:26:e4:bb:ab:a5:b4:e0:d0:2d:
49:62:75:2e:50:1a:fe:ae:0f:33:8e:4d:01:9d:ec:97:9c:53:
2d:83:7d:b4:d5:93:a5:d3:1b:16:f4:51:c5:9c:e7:ef:81:d7:
2b:5b:1c:be:58:b6:28:2f:c5:70:39:70:44:c1:ab:1c:d6:6e:
61:5c:57:63:c5:9a:b1:2b:8b:c8:06:25:22:cb:50:3f:0d:8d:
b1:fc:49:53:90:fa:b6:55:56:d0:73:2e:44:bf:db:62:b4:99:
c9:7e:e4:f6:ba:6b:c6:36:ac:a6:84:b4:bc:d9:21:3c:aa:f5:
1f:63:3f:9c:c8:3b:64:13:a5:67:67:ce:8b:6c:e6:55:d4:e0:
7e:f0:93:c8:fe:11:72:ea:16:57:ea:58:89:c5:a7:87:20:5b:
27:56:5a:b3:91:f5:e4:64:2c:29:bc:da:e8:17:8a:2b:02:7c:
c4:1c:55:a5:57:98:29:70:d5:4c:8a:6b:21:75:2c:ee:16:2d:
b2:11:89:7b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGilJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
MjY4N2JjZWJkMjdkNmZkNjhmYzBmOTVhMThmZDhhZjhiNDM2YmIwHhcNMjIwOTEy
MTU0NzQzWhcNMjQwOTEyMTU0NzQzWjAzMTEwLwYDVQQDEyg2ODNkZDJkNmNhYmJi
NGQwNGNmZTAyMzcyNDlhOTk5OWJmOTcyMTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkN5DnjWB3fad9OV1ilTAxjeYLbq/q1OagPytVCXG68c821JA
1taLo6HbvvK7eSnTcniUzMRiXO9QXAgf7ARzwcNO2Rqq1Yl831hDiDG0aq+171ip
81Nj4/+Rj1rsHJcI5FtOE4jyHK0BxvfiYv/jhbJs5B0JICvqzaxJL3Efh89NGy88
3GqeHkPh7usIUMx9EPxZ8rmt9csbd6kLgcUvnpGchRthBukJWPokyUwaVFI869Ki
ZGkoozZ64QNnHOM1FDUT53Xut9Tz4/JAUsnZlb6W2nPSnw+oiMfoXEJZxQpnXd+p
ZLkjd6/xW+7/fTROXy27yGzb9ajjadpWcf4lwwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFFp6OLSGcPg6SLWC5HguRfk3rUS3MB8GA1UdIwQYMBaAFL4+q3oQa0Cw9kKP
S3ATUXycZmTgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQyNjg3
YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZiYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlLzY4M2RkMmQ2Y2FiYmI0ZDA0Y2ZlMDIzNzI0OWE5OTk5YmY5NzIxNDYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvYzQyNjg3YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAQprnDN+/umTFKVd5Xrd8brhSVryQIjrCh8pw20KOhJh+izFQucu30SFpfhcf
MMCyAyS1uyTyT4HJRjmFqnAfJuS7q6W04NAtSWJ1LlAa/q4PM45NAZ3sl5xTLYN9
tNWTpdMbFvRRxZzn74HXK1scvli2KC/FcDlwRMGrHNZuYVxXY8WasSuLyAYlIstQ
Pw2NsfxJU5D6tlVW0HMuRL/bYrSZyX7k9rprxjaspoS0vNkhPKr1H2M/nMg7ZBOl
Z2fOi2zmVdTgfvCTyP4RcuoWV+pYicWnhyBbJ1Zas5H15GQsKbza6BeKKwJ8xBxV
pVeYKXDVTIprIXUs7hYtshGJew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org