Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/a635545d19280b00264187fee50a859a7de6d0d1.roa
File: a635545d19280b00264187fee50a859a7de6d0d1.roa (raw, json)
Hash identifier: YXH3I/ihC4T1GS4RSx0gGIr0sYslFLkmnss4AFk4qq8=
Subject key identifier: 48:53:40:AA:0D:B7:17:EF:DF:72:4D:7C:01:BA:BA:31:BB:FA:2B:9B
Certificate issuer: /CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Certificate serial: 24E0E8
Authority key identifier: BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/a635545d19280b00264187fee50a859a7de6d0d1.roa
Signing time: Wed 11 Oct 2023 16:00:54 +0000
ROA not before: Tue 10 Oct 2023 16:00:54 +0000
ROA not after: Sat 11 Oct 2025 16:00:54 +0000
asID: 269918
IP address blocks: 131.72.168.0/22 maxlen: 24
131.72.168.0/24 maxlen: 24
131.72.169.0/24 maxlen: 24
131.72.170.0/24 maxlen: 24
131.72.171.0/24 maxlen: 24
2803:dd80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2416872 (0x24e0e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Validity
Not Before: Oct 10 16:00:54 2023 GMT
Not After : Oct 11 16:00:54 2025 GMT
Subject: CN=a635545d19280b00264187fee50a859a7de6d0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:32:09:32:32:71:be:2b:59:f8:65:03:c3:08:
00:d8:8b:9a:11:08:9f:0d:83:40:0d:1a:05:48:d3:
8e:8f:54:57:5b:89:73:0e:31:78:8e:25:e2:27:3d:
03:4f:8e:1f:74:8c:54:28:0a:20:b0:da:df:69:d7:
e7:c8:21:13:df:7b:40:93:9e:cc:35:4f:41:9f:2e:
ab:69:f7:aa:1e:dd:6c:09:3e:59:66:4f:cd:f9:27:
ff:20:f0:39:cc:44:18:38:d2:46:a5:e9:9b:ca:3c:
12:3c:61:1c:89:57:aa:cd:0e:01:29:d1:7f:34:74:
0a:37:fb:6a:2d:ef:bb:74:fa:4a:e1:28:01:13:2d:
0b:13:cc:53:9d:d4:cc:57:d6:f7:08:96:b5:9e:6b:
40:49:36:cd:05:3b:6d:02:3c:50:35:85:de:e8:9b:
dc:71:ee:fc:8b:97:d6:34:81:a2:2e:00:88:be:39:
12:72:8a:d9:21:90:d5:35:54:af:20:bb:b0:3c:69:
46:41:3a:df:21:a6:56:7a:2c:31:9b:28:8b:98:c1:
70:9f:c1:3e:c8:ca:b6:88:12:19:4e:a2:a1:7c:5e:
b8:1d:56:4e:f4:0f:f3:3c:04:48:42:6e:01:47:20:
cc:04:28:dc:55:4d:b9:ff:cc:6e:01:6d:2f:66:56:
c2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:53:40:AA:0D:B7:17:EF:DF:72:4D:7C:01:BA:BA:31:BB:FA:2B:9B
X509v3 Authority Key Identifier:
keyid:BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/a635545d19280b00264187fee50a859a7de6d0d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.72.168.0/22
IPv6:
2803:dd80::/32
Signature Algorithm: sha256WithRSAEncryption
13:db:91:01:43:82:20:08:c4:d5:df:74:25:20:3c:87:22:ae:
ba:93:2e:da:94:a0:75:e6:38:2b:0a:d1:9b:51:8f:54:4d:88:
78:bf:a5:d0:b7:45:ed:c1:d0:cd:ae:75:4d:11:6f:3c:9c:04:
ff:aa:4d:24:08:f9:b1:86:52:98:ad:72:41:30:8a:6c:3a:16:
95:14:d5:18:fa:fb:44:1d:50:a8:e5:38:2e:08:c4:1c:d5:4b:
c9:73:9c:7c:c6:37:46:4a:68:c2:7e:1b:dd:2f:18:ca:5d:27:
5e:f4:72:6d:9b:76:45:34:ba:8f:b4:20:31:58:a9:2f:36:30:
3a:0a:24:dd:8b:4e:57:5c:53:67:c3:57:68:d9:18:13:ec:0c:
70:20:60:af:c0:de:de:a3:fe:ce:09:90:cd:a1:67:4f:b4:ab:
a6:64:88:b6:a7:71:0b:14:ae:20:ff:a5:9e:b2:0d:f8:28:a6:
46:7b:b3:3b:44:a1:64:56:99:91:0c:2b:82:bc:43:c3:d4:4c:
52:e2:6d:5e:fc:95:60:f1:7e:22:14:ef:42:dd:d9:a4:e4:0f:
af:1e:80:c5:dd:9c:ca:e8:0b:2a:07:5f:47:c4:08:6b:4c:cc:
de:64:05:ce:e9:5f:2b:62:d9:64:1c:03:9f:7b:13:c8:22:7a:
6d:9a:c0:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJODoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
MjY4N2JjZWJkMjdkNmZkNjhmYzBmOTVhMThmZDhhZjhiNDM2YmIwHhcNMjMxMDEw
MTYwMDU0WhcNMjUxMDExMTYwMDU0WjAzMTEwLwYDVQQDEyhhNjM1NTQ1ZDE5Mjgw
YjAwMjY0MTg3ZmVlNTBhODU5YTdkZTZkMGQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkjIJMjJxvitZ+GUDwwgA2IuaEQifDYNADRoFSNOOj1RXW4lz
DjF4jiXiJz0DT44fdIxUKAogsNrfadfnyCET33tAk57MNU9Bny6rafeqHt1sCT5Z
Zk/N+Sf/IPA5zEQYONJGpembyjwSPGEciVeqzQ4BKdF/NHQKN/tqLe+7dPpK4SgB
Ey0LE8xTndTMV9b3CJa1nmtASTbNBTttAjxQNYXe6Jvcce78i5fWNIGiLgCIvjkS
corZIZDVNVSvILuwPGlGQTrfIaZWeiwxmyiLmMFwn8E+yMq2iBIZTqKhfF64HVZO
9A/zPARIQm4BRyDMBCjcVU25/8xuAW0vZlbCuQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFEhTQKoNtxfv33JNfAG6ujG7+iubMB8GA1UdIwQYMBaAFL4+q3oQa0Cw9kKP
S3ATUXycZmTgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQyNjg3
YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZiYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlL2E2MzU1NDVkMTkyODBiMDAyNjQxODdmZWU1MGE4NTlhN2RlNmQwZDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvYzQyNjg3YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAE9uRAUOCIAjE1d90JSA8hyKuupMu2pSgdeY4KwrRm1GPVE2IeL+l0LdF7cHQ
za51TRFvPJwE/6pNJAj5sYZSmK1yQTCKbDoWlRTVGPr7RB1QqOU4LgjEHNVLyXOc
fMY3Rkpown4b3S8Yyl0nXvRybZt2RTS6j7QgMVipLzYwOgok3YtOV1xTZ8NXaNkY
E+wMcCBgr8De3qP+zgmQzaFnT7SrpmSItqdxCxSuIP+lnrIN+CimRnuzO0ShZFaZ
kQwrgrxDw9RMUuJtXvyVYPF+IhTvQt3ZpOQPrx6Axd2cyugLKgdfR8QIa0zM3mQF
zulfK2LZZBwDn3sTyCJ6bZrA3A==
-----END CERTIFICATE-----
Generated at Wed Oct 11 17:07:37 2023 by rpki-client on console-ams.rpki-client.org