Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/f9ad0e1a7ed586d19065deb9a5195ea4b4ad4648.roa
File: f9ad0e1a7ed586d19065deb9a5195ea4b4ad4648.roa (raw, json)
Hash identifier: G8thpcNwXKZJHyq501jEbNLKATULu2z1vSS4cZOVuIg=
Subject key identifier: 60:25:9F:32:27:44:45:88:8B:83:69:69:AC:B6:B0:47:57:C6:B8:8F
Certificate issuer: /CN=891940c92e5962f377d7880042fabe9dcc03d089
Certificate serial: 0F9E
Authority key identifier: CD:A0:A7:03:75:E8:B0:4F:33:54:57:5D:FB:2C:52:89:02:F4:B9:6A
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/891940c92e5962f377d7880042fabe9dcc03d089.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/f9ad0e1a7ed586d19065deb9a5195ea4b4ad4648.roa
Signing time: Sat 08 Oct 2022 01:53:24 +0000
ROA not before: Thu 06 Oct 2022 13:49:17 +0000
ROA not after: Sun 06 Oct 2024 13:49:17 +0000
asID: 264680
IP address blocks: 168.196.0.0/22 maxlen: 24
2803:80c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3998 (0xf9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=891940c92e5962f377d7880042fabe9dcc03d089
Validity
Not Before: Oct 6 13:49:17 2022 GMT
Not After : Oct 6 13:49:17 2024 GMT
Subject: CN=f9ad0e1a7ed586d19065deb9a5195ea4b4ad4648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e5:44:36:ef:69:8d:a1:90:a0:ec:a5:e5:91:
d9:88:ad:cf:3c:5d:03:31:58:2e:0e:d2:95:50:09:
2f:36:cd:14:1a:f6:14:ac:e1:a5:a2:64:92:ba:29:
b9:4c:ab:04:0b:d2:5f:a7:a6:bc:d5:02:36:c4:1d:
82:c7:bc:f3:6a:b4:2b:ee:dc:f2:8d:95:fd:99:24:
1b:be:47:9e:9e:af:6a:84:7e:01:95:24:b4:ba:70:
f0:57:54:d6:7b:29:2e:7c:45:94:d7:f8:54:78:93:
38:a2:8e:aa:8a:c5:35:8d:a6:9d:82:3e:d9:90:b9:
b5:61:eb:1c:59:7b:ee:d3:ce:a6:f7:d8:9e:10:5c:
2a:68:2f:90:cb:4d:03:1c:3a:6c:9c:3d:ff:0c:dd:
3e:f5:f4:bf:d2:60:11:02:a3:de:7c:a2:59:5a:b6:
ae:0f:f0:a7:a2:9f:e1:8c:4f:8a:5e:36:e8:ee:f1:
95:c0:07:5c:64:43:12:7a:35:12:62:57:3a:77:21:
20:4c:8d:43:f5:df:a5:fe:b5:52:97:05:42:21:9f:
6e:2f:ae:17:fe:65:25:5d:e2:9e:da:33:7f:ec:10:
12:5d:25:a9:ec:47:0f:a0:67:93:c0:39:c8:a1:24:
75:af:05:cd:2b:74:71:a8:44:68:e6:c6:bc:1e:9c:
8a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:9F:32:27:44:45:88:8B:83:69:69:AC:B6:B0:47:57:C6:B8:8F
X509v3 Authority Key Identifier:
keyid:CD:A0:A7:03:75:E8:B0:4F:33:54:57:5D:FB:2C:52:89:02:F4:B9:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/891940c92e5962f377d7880042fabe9dcc03d089.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/f9ad0e1a7ed586d19065deb9a5195ea4b4ad4648.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/891940c92e5962f377d7880042fabe9dcc03d089.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.196.0.0/22
IPv6:
2803:80c0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:3f:84:c7:1b:1c:c3:ae:64:a4:cf:57:40:35:fb:f2:0b:2d:
73:33:fc:ef:1c:fa:be:15:b3:41:13:07:e4:f5:ae:b6:4e:9c:
ff:aa:00:b9:f9:c4:97:97:43:cd:6c:f1:d3:47:72:23:84:59:
b9:35:d4:89:f8:a8:f2:23:0f:a3:01:27:d3:7d:3e:05:a1:0a:
c1:08:00:0c:23:1b:dc:1e:74:d6:c7:87:ce:d6:6a:ab:5b:88:
c0:6b:bf:d3:aa:46:2f:76:34:90:06:2c:c0:ff:0f:c0:07:83:
a4:c8:93:ff:ae:d8:4a:92:f6:95:7a:92:ff:16:c2:ac:7e:62:
e0:47:a7:27:20:ff:0b:f1:53:e9:32:d4:c6:44:d3:b6:cf:70:
97:ed:5f:82:1a:5a:f8:1f:b5:74:59:db:43:c5:28:f9:2f:56:
32:8b:ca:9c:c9:6a:0f:b9:49:96:70:24:9a:78:a6:af:7d:b3:
04:2e:bf:ef:93:af:46:4d:00:7b:83:1a:ac:f4:f3:2c:13:2c:
a0:e7:bc:45:d3:fb:cc:15:76:19:33:7c:f1:6e:59:64:0c:67:
0d:ae:20:27:2c:3a:6d:48:05:c9:82:44:56:15:ea:1a:29:49:
32:88:f7:05:4f:66:31:4f:06:3b:a1:16:58:2e:85:ea:93:7a:
67:f6:35:05
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICD54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODkx
OTQwYzkyZTU5NjJmMzc3ZDc4ODAwNDJmYWJlOWRjYzAzZDA4OTAeFw0yMjEwMDYx
MzQ5MTdaFw0yNDEwMDYxMzQ5MTdaMDMxMTAvBgNVBAMTKGY5YWQwZTFhN2VkNTg2
ZDE5MDY1ZGViOWE1MTk1ZWE0YjRhZDQ2NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCM5UQ272mNoZCg7KXlkdmIrc88XQMxWC4O0pVQCS82zRQa9hSs
4aWiZJK6KblMqwQL0l+nprzVAjbEHYLHvPNqtCvu3PKNlf2ZJBu+R56er2qEfgGV
JLS6cPBXVNZ7KS58RZTX+FR4kziijqqKxTWNpp2CPtmQubVh6xxZe+7Tzqb32J4Q
XCpoL5DLTQMcOmycPf8M3T719L/SYBECo958ollatq4P8Kein+GMT4peNuju8ZXA
B1xkQxJ6NRJiVzp3ISBMjUP136X+tVKXBUIhn24vrhf+ZSVd4p7aM3/sEBJdJans
Rw+gZ5PAOcihJHWvBc0rdHGoRGjmxrwenIojAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQUYCWfMidERYiLg2lprLawR1fGuI8wHwYDVR0jBBgwFoAUzaCnA3XosE8zVFdd
+yxSiQL0uWowDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84OTE5NDBj
OTJlNTk2MmYzNzdkNzg4MDA0MmZhYmU5ZGNjMDNkMDg5LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9lYzMxZGNmYi1kOWMxLTQyM2YtYjY1OC1mYTk2ZmYx
NTYyYWEvZjlhZDBlMWE3ZWQ1ODZkMTkwNjVkZWI5YTUxOTVlYTRiNGFkNDY0OC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2VjMzFkY2ZiLWQ5YzEtNDIzZi1iNjU4LWZhOTZm
ZjE1NjJhYS84OTE5NDBjOTJlNTk2MmYzNzdkNzg4MDA0MmZhYmU5ZGNjMDNkMDg5
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCqMQAMA0EAgACMAcDBQAoA4DAMA0GCSqGSIb3DQEBCwUAA4IB
AQBcP4THGxzDrmSkz1dANfvyCy1zM/zvHPq+FbNBEwfk9a62Tpz/qgC5+cSXl0PN
bPHTR3IjhFm5NdSJ+KjyIw+jASfTfT4FoQrBCAAMIxvcHnTWx4fO1mqrW4jAa7/T
qkYvdjSQBizA/w/AB4OkyJP/rthKkvaVepL/FsKsfmLgR6cnIP8L8VPpMtTGRNO2
z3CX7V+CGlr4H7V0WdtDxSj5L1Yyi8qcyWoPuUmWcCSaeKavfbMELr/vk69GTQB7
gxqs9PMsEyyg57xF0/vMFXYZM3zxbllkDGcNriAnLDptSAXJgkRWFeoaKUkyiPcF
T2YxTwY7oRZYLoXqk3pn9jUF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:57 2023 by rpki-client on console-ams.rpki-client.org