Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/caaf2da0a8252f187d5327981867f3df3851b0b5.roa
File: caaf2da0a8252f187d5327981867f3df3851b0b5.roa (raw, json)
Hash identifier: hHIF6PNcr60iV1BTbR3Y4xWdaHNbLbMOsdAvWPx1xpQ=
Subject key identifier: 08:A8:83:14:33:5B:DA:1C:45:89:E6:B1:11:FD:06:E1:75:49:5E:D8
Certificate issuer: /CN=a5db578ddaaedcf4375740e85f5f51db4e193706
Certificate serial: 1F72AA
Authority key identifier: 77:12:68:55:B2:AC:ED:4F:18:E8:4D:88:E8:D2:AF:63:B0:18:27:82
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5db578ddaaedcf4375740e85f5f51db4e193706.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/caaf2da0a8252f187d5327981867f3df3851b0b5.roa
Signing time: Fri 24 Mar 2023 16:20:19 +0000
ROA not before: Sun 05 Mar 2023 22:01:59 +0000
ROA not after: Sun 09 Mar 2025 23:01:59 +0000
asID: 263761
IP address blocks: 190.99.119.0/24 maxlen: 24
138.117.143.0/24 maxlen: 24
190.99.116.0/24 maxlen: 24
138.117.142.0/24 maxlen: 24
2803:5100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2060970 (0x1f72aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5db578ddaaedcf4375740e85f5f51db4e193706
Validity
Not Before: Mar 5 22:01:59 2023 GMT
Not After : Mar 9 23:01:59 2025 GMT
Subject: CN=caaf2da0a8252f187d5327981867f3df3851b0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:48:41:1c:15:8c:57:8b:fc:19:21:e3:d6:
54:2c:40:d5:6a:fb:fb:ad:cb:2b:90:af:e1:8b:d3:
3b:b6:b0:6b:45:e9:ee:21:97:1b:d5:f4:d8:44:f0:
82:87:00:df:35:af:4e:e1:27:34:eb:cc:c9:3f:35:
49:88:45:8d:d1:74:ca:4a:6b:3b:87:1a:11:6c:01:
9e:81:fa:4c:f9:da:70:1e:63:9d:d4:ad:5b:7d:ee:
11:f4:e8:2f:06:8e:09:47:de:3e:0f:80:c3:1c:e8:
1e:c5:05:a2:3c:ae:08:fb:ef:dd:39:19:19:7b:a7:
d2:32:c8:17:d0:e1:dd:0d:57:9c:97:17:61:c5:d7:
e6:a0:48:11:7e:d1:82:7b:ae:1b:f0:71:b1:07:0e:
ca:8e:9b:86:a2:64:c4:59:50:09:07:e2:be:65:b2:
eb:45:2d:c7:18:ee:d3:91:c2:d2:71:b8:16:22:34:
38:9f:e4:4b:d1:58:93:fa:35:b3:7b:a7:52:25:aa:
1a:c7:75:82:58:bb:31:b4:6a:b9:b7:a9:12:3b:70:
4d:67:77:d2:b4:f0:6a:81:6c:90:53:56:e3:e2:a0:
bf:db:c5:4a:4c:cb:30:35:84:b2:c3:e9:61:b0:40:
2b:3e:32:d8:e1:76:37:74:ca:4b:73:00:78:45:c1:
39:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A8:83:14:33:5B:DA:1C:45:89:E6:B1:11:FD:06:E1:75:49:5E:D8
X509v3 Authority Key Identifier:
keyid:77:12:68:55:B2:AC:ED:4F:18:E8:4D:88:E8:D2:AF:63:B0:18:27:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5db578ddaaedcf4375740e85f5f51db4e193706.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/caaf2da0a8252f187d5327981867f3df3851b0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/b343a245-7eaf-4955-90fa-8e6d6fd43ab8/a5db578ddaaedcf4375740e85f5f51db4e193706.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.117.142.0/23
190.99.116.0/24
190.99.119.0/24
IPv6:
2803:5100::/32
Signature Algorithm: sha256WithRSAEncryption
29:7c:2b:ab:f7:2e:55:d7:12:a8:bf:6f:23:c6:c6:2d:2e:2d:
67:bc:58:41:74:eb:34:15:20:32:02:bd:59:5a:f1:c6:7a:c0:
2f:c9:bf:67:16:ff:70:e3:5e:3e:75:a7:54:94:af:5a:71:ad:
90:74:e0:5c:74:99:d9:29:fd:92:0f:d0:02:3e:c4:50:04:bc:
88:5a:c9:e2:e1:6e:cd:5b:51:da:64:94:ba:ee:5c:34:87:f8:
81:22:19:f9:b9:13:c7:04:ec:60:2a:f9:29:a6:fe:bc:dd:67:
46:99:ff:70:5f:8a:0e:b3:e3:3c:42:3a:5e:b5:0f:11:75:58:
5d:21:fe:a6:c3:b5:b8:0a:da:fa:45:19:01:c6:92:65:14:3c:
89:9b:1a:c5:67:71:b8:41:90:9e:bb:66:03:29:d4:89:b5:35:
25:20:59:7a:ea:5b:25:5c:09:5e:c1:2d:8b:d1:a9:a1:89:ff:
00:45:f3:14:66:9f:57:6f:5d:b6:7e:33:d3:61:1c:a7:d6:6c:
36:0f:0a:8f:bd:d1:b9:7a:89:c7:96:9f:d7:f0:da:d6:cd:f2:
62:88:15:e3:71:9f:90:27:fb:25:b6:6e:38:d4:68:00:b6:7a:
f7:ef:38:6b:2e:53:3a:10:23:fb:3b:9e:ee:d1:43:f0:89:bd:
93:a1:f5:59
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDH3KqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
ZGI1NzhkZGFhZWRjZjQzNzU3NDBlODVmNWY1MWRiNGUxOTM3MDYwHhcNMjMwMzA1
MjIwMTU5WhcNMjUwMzA5MjMwMTU5WjAzMTEwLwYDVQQDEyhjYWFmMmRhMGE4MjUy
ZjE4N2Q1MzI3OTgxODY3ZjNkZjM4NTFiMGI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArdxIQRwVjFeL/Bkh49ZULEDVavv7rcsrkK/hi9M7trBrRenu
IZcb1fTYRPCChwDfNa9O4Sc068zJPzVJiEWN0XTKSms7hxoRbAGegfpM+dpwHmOd
1K1bfe4R9OgvBo4JR94+D4DDHOgexQWiPK4I++/dORkZe6fSMsgX0OHdDVeclxdh
xdfmoEgRftGCe64b8HGxBw7KjpuGomTEWVAJB+K+ZbLrRS3HGO7TkcLScbgWIjQ4
n+RL0ViT+jWze6dSJaoax3WCWLsxtGq5t6kSO3BNZ3fStPBqgWyQU1bj4qC/28VK
TMswNYSyw+lhsEArPjLY4XY3dMpLcwB4RcE5OQIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFAiogxQzW9ocRYnmsRH9BuF1SV7YMB8GA1UdIwQYMBaAFHcSaFWyrO1PGOhN
iOjSr2OwGCeCMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTVkYjU3
OGRkYWFlZGNmNDM3NTc0MGU4NWY1ZjUxZGI0ZTE5MzcwNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjM0M2EyNDUtN2VhZi00OTU1LTkwZmEtOGU2ZDZm
ZDQzYWI4L2NhYWYyZGEwYTgyNTJmMTg3ZDUzMjc5ODE4NjdmM2RmMzg1MWIwYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMzQzYTI0NS03ZWFmLTQ5NTUtOTBmYS04ZTZk
NmZkNDNhYjgvYTVkYjU3OGRkYWFlZGNmNDM3NTc0MGU4NWY1ZjUxZGI0ZTE5Mzcw
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAYp1jgMEAL5jdAMEAL5jdzANBAIAAjAHAwUAKANRADANBgkq
hkiG9w0BAQsFAAOCAQEAKXwrq/cuVdcSqL9vI8bGLS4tZ7xYQXTrNBUgMgK9WVrx
xnrAL8m/Zxb/cONePnWnVJSvWnGtkHTgXHSZ2Sn9kg/QAj7EUAS8iFrJ4uFuzVtR
2mSUuu5cNIf4gSIZ+bkTxwTsYCr5Kab+vN1nRpn/cF+KDrPjPEI6XrUPEXVYXSH+
psO1uAra+kUZAcaSZRQ8iZsaxWdxuEGQnrtmAynUibU1JSBZeupbJVwJXsEti9Gp
oYn/AEXzFGafV29dtn4z02Ecp9ZsNg8Kj73RuXqJx5af1/Da1s3yYogV43GfkCf7
JbZuONRoALZ69+84ay5TOhAj+zue7tFD8Im9k6H1WQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:02 2024 by rpki-client on console-fra.rpki-client.org