Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/9fcf9aef13931b338630829ab77e1dafef1fd3e1.roa
File: 9fcf9aef13931b338630829ab77e1dafef1fd3e1.roa (raw, json)
Hash identifier: Y6msPnivk9FGPrUtbZUOboiMSLJtlz84eX37r0LL098=
Subject key identifier: 8F:4F:2A:84:25:4E:BD:02:5B:E9:35:B0:52:3C:93:2A:FD:0C:82:47
Certificate issuer: /CN=7aa34ce93acbfe70c4de64538dca0894b670f0d2
Certificate serial: 223BD1
Authority key identifier: 5F:85:D3:6E:A2:27:14:35:40:49:19:8D:ED:3B:94:16:27:FD:D5:35
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aa34ce93acbfe70c4de64538dca0894b670f0d2.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/9fcf9aef13931b338630829ab77e1dafef1fd3e1.roa
Signing time: Tue 04 Jul 2023 08:30:12 +0000
ROA not before: Mon 03 Jul 2023 08:30:12 +0000
ROA not after: Wed 02 Jul 2025 08:30:12 +0000
asID: 6535
IP address blocks: 200.14.204.0/24 maxlen: 24
200.14.211.0/24 maxlen: 24
200.14.228.0/23 maxlen: 24
200.14.230.0/24 maxlen: 24
200.27.128.0/24 maxlen: 24
200.29.200.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2243537 (0x223bd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aa34ce93acbfe70c4de64538dca0894b670f0d2
Validity
Not Before: Jul 3 08:30:12 2023 GMT
Not After : Jul 2 08:30:12 2025 GMT
Subject: CN=9fcf9aef13931b338630829ab77e1dafef1fd3e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:06:e8:b7:eb:80:f2:7e:2c:c1:5c:03:21:50:
27:f9:9c:61:d9:7c:69:70:23:f6:e1:82:3d:80:64:
0b:33:a9:a4:f3:a3:3d:2c:15:9b:ec:f6:2d:a1:b2:
18:26:72:4e:86:7a:6d:2e:c9:66:27:b0:d2:8d:af:
2d:a4:9b:c3:f2:e2:92:01:ec:0a:e0:77:9f:30:39:
37:74:1b:6d:8f:ff:0e:01:ca:d3:79:26:81:98:bd:
75:bf:ac:6f:21:e8:0e:c9:78:c8:a3:a0:57:2e:4c:
ea:7f:25:9a:8d:a5:4c:68:34:a5:29:16:9c:03:c8:
de:40:47:98:8f:c4:56:20:66:a3:1a:af:52:27:5f:
11:b6:18:b6:eb:c1:a0:3f:18:6a:77:64:b7:7d:9b:
0d:74:a7:a0:93:b2:0b:d8:f7:93:8f:6b:a9:ac:07:
ba:28:f7:22:2f:aa:31:20:c0:70:f1:36:7e:39:f8:
ed:29:d9:93:13:45:75:f7:f9:dd:21:ed:7d:fa:a6:
99:91:ad:35:ce:4b:7b:a8:fd:55:73:05:9d:7a:2e:
21:99:74:46:c1:9b:1b:4e:84:4e:59:9d:c9:18:cb:
79:55:c2:d3:0c:b1:82:32:d9:60:b3:e3:52:eb:11:
79:ca:89:cf:36:88:cf:09:c9:66:92:76:41:66:5e:
78:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4F:2A:84:25:4E:BD:02:5B:E9:35:B0:52:3C:93:2A:FD:0C:82:47
X509v3 Authority Key Identifier:
keyid:5F:85:D3:6E:A2:27:14:35:40:49:19:8D:ED:3B:94:16:27:FD:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aa34ce93acbfe70c4de64538dca0894b670f0d2.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/9fcf9aef13931b338630829ab77e1dafef1fd3e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/7aa34ce93acbfe70c4de64538dca0894b670f0d2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.14.204.0/24
200.14.211.0/24
200.14.228.0-200.14.230.255
200.27.128.0/24
200.29.200.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:b6:d2:64:33:47:4e:de:ce:89:88:cb:97:56:1c:ed:a8:89:
5e:87:c9:6a:0c:2c:a6:fd:26:d7:d9:7a:9b:ff:4c:f2:a0:a4:
e1:7e:a0:d9:3a:48:98:04:36:dd:d7:1d:07:c4:5b:f9:55:8e:
fd:e7:0e:eb:21:8b:99:75:00:7a:56:8f:67:34:7f:c4:30:1e:
f1:df:b9:b7:19:e7:d4:fa:df:37:62:85:8d:96:15:6e:e8:e7:
f0:cf:7d:07:76:fa:cd:3e:3e:c6:0b:64:19:16:29:64:1c:f0:
ed:23:5e:5c:b3:cd:72:7d:3a:23:3b:1a:59:dd:87:17:00:b1:
f0:6b:5d:4c:5f:01:4c:ef:c0:df:57:20:c6:12:ac:56:f9:cc:
89:8a:2e:e8:35:55:2f:05:5d:27:91:81:11:b9:4f:84:27:2d:
fd:6e:33:9b:34:cf:9b:43:ff:c1:5e:f0:0b:84:a1:75:ef:05:
33:26:1b:04:a5:8b:06:f6:1e:57:97:0c:ea:71:3b:98:86:66:
bb:28:56:e3:36:f3:92:e4:96:cc:84:4c:0f:32:a1:0a:51:b4:
c7:dc:1e:05:2b:16:ce:83:13:b1:24:33:d6:4c:8a:83:a6:49:
ec:7a:18:e9:40:27:4e:d6:05:b0:40:1e:97:de:66:d7:5d:a6:
d9:a9:63:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIDIjvRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
YTM0Y2U5M2FjYmZlNzBjNGRlNjQ1MzhkY2EwODk0YjY3MGYwZDIwHhcNMjMwNzAz
MDgzMDEyWhcNMjUwNzAyMDgzMDEyWjAzMTEwLwYDVQQDEyg5ZmNmOWFlZjEzOTMx
YjMzODYzMDgyOWFiNzdlMWRhZmVmMWZkM2UxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAywbot+uA8n4swVwDIVAn+Zxh2XxpcCP24YI9gGQLM6mk86M9
LBWb7PYtobIYJnJOhnptLslmJ7DSja8tpJvD8uKSAewK4HefMDk3dBttj/8OAcrT
eSaBmL11v6xvIegOyXjIo6BXLkzqfyWajaVMaDSlKRacA8jeQEeYj8RWIGajGq9S
J18Rthi268GgPxhqd2S3fZsNdKegk7IL2PeTj2uprAe6KPciL6oxIMBw8TZ+Ofjt
KdmTE0V19/ndIe19+qaZka01zkt7qP1VcwWdei4hmXRGwZsbToROWZ3JGMt5VcLT
DLGCMtlgs+NS6xF5yonPNojPCclmknZBZl54NwIDAQABo4ICezCCAncwHQYDVR0O
BBYEFI9PKoQlTr0CW+k1sFI8kyr9DIJHMB8GA1UdIwQYMBaAFF+F026iJxQ1QEkZ
je07lBYn/dU1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2FhMzRj
ZTkzYWNiZmU3MGM0ZGU2NDUzOGRjYTA4OTRiNjcwZjBkMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTRlNDM3NDMtY2ViYi00ZjI5LTk1NmUtMzYwZDhk
MjIwZjU0LzlmY2Y5YWVmMTM5MzFiMzM4NjMwODI5YWI3N2UxZGFmZWYxZmQzZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNGU0Mzc0My1jZWJiLTRmMjktOTU2ZS0zNjBk
OGQyMjBmNTQvN2FhMzRjZTkzYWNiZmU3MGM0ZGU2NDUzOGRjYTA4OTRiNjcwZjBk
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQw
MC4wLAQCAAEwJgMEAMgOzAMEAMgO0zAMAwQCyA7kAwQAyA7mAwQAyBuAAwQDyB3I
MA0GCSqGSIb3DQEBCwUAA4IBAQA7ttJkM0dO3s6JiMuXVhztqIleh8lqDCym/SbX
2Xqb/0zyoKThfqDZOkiYBDbd1x0HxFv5VY795w7rIYuZdQB6Vo9nNH/EMB7x37m3
GefU+t83YoWNlhVu6Ofwz30HdvrNPj7GC2QZFilkHPDtI15cs81yfTojOxpZ3YcX
ALHwa11MXwFM78DfVyDGEqxW+cyJii7oNVUvBV0nkYERuU+EJy39bjObNM+bQ//B
XvALhKF17wUzJhsEpYsG9h5XlwzqcTuYhma7KFbjNvOS5JbMhEwPMqEKUbTH3B4F
KxbOgxOxJDPWTIqDpknsehjpQCdO1gWwQB6X3mbXXabZqWOR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-ams.rpki-client.org