$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/AS23520.roa File: AS23520.roa (raw, json) Hash identifier: XVXe7EsVta1Ek45fM3QJSlrVYM0Gl2GVWqZQzfdQ6fk= Subject key identifier: 74:4A:ED:B3:9B:72:70:84:AC:25:60:03:72:EA:35:E4:DF:64:6C:D1 Certificate issuer: /CN=76ADD31F06A0B745CFDA6B93835E198DDB0DB784 Certificate serial: 342DF507A2ADD45E87C0CEFF4AA88F5DE9FCDD42 Authority key identifier: 76:AD:D3:1F:06:A0:B7:45:CF:DA:6B:93:83:5E:19:8D:DB:0D:B7:84 Authority info access: rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.cer Subject info access: rsync://repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/AS23520.roa Signing time: Thu 02 Oct 2025 20:49:21 +0000 ROA not before: Thu 02 Oct 2025 20:44:21 +0000 ROA not after: Thu 01 Oct 2026 20:49:21 +0000 asID: 23520 IP address blocks: 190.242.10.0/24 maxlen: 24 190.242.12.0/24 maxlen: 24 190.242.14.0/24 maxlen: 24 190.242.20.0/24 maxlen: 24 190.242.31.0/24 maxlen: 24 190.242.36.0/22 maxlen: 24 190.242.40.0/23 maxlen: 24 190.242.46.0/23 maxlen: 24 190.242.48.0/24 maxlen: 24 190.242.49.0/24 maxlen: 24 190.242.56.0/23 maxlen: 24 190.242.57.0/24 maxlen: 24 190.242.102.0/24 maxlen: 24 190.242.105.0/24 maxlen: 24 190.242.118.0/24 maxlen: 24 190.242.119.0/24 maxlen: 24 190.242.126.0/24 maxlen: 24 190.242.132.0/24 maxlen: 24 190.242.133.0/24 maxlen: 24 190.242.134.0/24 maxlen: 24 190.242.135.0/24 maxlen: 24 190.242.136.0/23 maxlen: 24 190.242.140.0/24 maxlen: 24 190.242.141.0/24 maxlen: 24 190.242.142.0/24 maxlen: 24 190.242.145.0/24 maxlen: 24 190.242.147.0/24 maxlen: 24 190.242.155.0/24 maxlen: 24 190.242.156.0/24 maxlen: 24 190.242.157.0/24 maxlen: 24 190.242.163.0/24 maxlen: 24 190.242.166.0/24 maxlen: 24 190.242.167.0/24 maxlen: 24 190.242.169.0/24 maxlen: 24 190.242.170.0/24 maxlen: 24 190.242.171.0/24 maxlen: 24 190.242.172.0/24 maxlen: 24 190.242.173.0/24 maxlen: 24 190.242.174.0/24 maxlen: 24 190.242.175.0/24 maxlen: 24 190.242.176.0/24 maxlen: 24 190.242.177.0/24 maxlen: 24 190.242.178.0/24 maxlen: 24 190.242.179.0/24 maxlen: 24 190.242.180.0/24 maxlen: 24 190.242.181.0/24 maxlen: 24 190.242.182.0/24 maxlen: 24 190.242.183.0/24 maxlen: 24 190.242.192.0/24 maxlen: 24 190.242.255.0/24 maxlen: 24 2803:f950::/32 maxlen: 64 Validation: OK Signature path: rsync://repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.crl rsync://repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.mft rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.cer rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 24 Oct 2025 00:51:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:2d:f5:07:a2:ad:d4:5e:87:c0:ce:ff:4a:a8:8f:5d:e9:fc:dd:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76ADD31F06A0B745CFDA6B93835E198DDB0DB784 Validity Not Before: Oct 2 20:44:21 2025 GMT Not After : Oct 1 20:49:21 2026 GMT Subject: CN=744AEDB39B727084AC25600372EA35E4DF646CD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:fc:3b:c8:e2:30:46:6b:67:5b:ca:30:66:04: 66:0c:90:63:15:0c:1c:da:58:53:1c:9c:a3:57:ee: 5c:6b:24:f9:e6:9f:2d:f4:08:d6:a8:bf:cb:cf:7f: f3:f8:c6:2c:e1:8c:fb:27:de:ee:d0:68:53:8c:2a: 85:ef:0f:3f:0c:b6:8f:49:bd:da:46:0a:05:78:c7: 1e:d9:4c:9f:45:3b:16:16:d8:e9:7c:63:5b:e1:a8: c4:21:59:b4:ea:b9:f8:07:98:29:09:c3:ed:a2:59: f7:58:ca:ad:09:c3:78:16:c6:15:91:e9:cc:bc:2f: ce:7e:03:04:e9:4a:79:3c:05:31:ac:a3:d6:e0:e0: 87:ff:19:28:5b:97:73:f5:99:59:68:30:d8:5d:75: fb:83:9e:0b:51:3a:6f:89:59:d8:fb:05:1a:88:dc: f2:6d:4d:a9:6a:df:74:68:41:ad:0f:a3:49:9f:ee: da:75:f6:ca:34:58:0c:ab:b2:8a:93:31:ba:8d:88: 02:f3:e0:be:1c:f0:3c:21:ff:36:e6:9e:60:cb:09: 04:75:f9:56:1b:6f:0a:38:d7:32:69:45:05:b0:dc: a0:44:54:a3:eb:4f:d3:5a:d7:9d:36:18:9f:fa:64: 5b:6d:64:6b:e0:0a:5b:7e:db:49:73:53:14:54:50: af:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:4A:ED:B3:9B:72:70:84:AC:25:60:03:72:EA:35:E4:DF:64:6C:D1 X509v3 Authority Key Identifier: keyid:76:AD:D3:1F:06:A0:B7:45:CF:DA:6B:93:83:5E:19:8D:DB:0D:B7:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.crl Authority Information Access: CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/76ADD31F06A0B745CFDA6B93835E198DDB0DB784.cer Subject Information Access: Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61E636F90E723CA159F8DF51B283A2A05C5A403D8E4A4661B9D86D892DB62D02/0/AS23520.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 190.242.10.0/24 190.242.12.0/24 190.242.14.0/24 190.242.20.0/24 190.242.31.0/24 190.242.36.0-190.242.41.255 190.242.46.0-190.242.49.255 190.242.56.0/23 190.242.102.0/24 190.242.105.0/24 190.242.118.0/23 190.242.126.0/24 190.242.132.0-190.242.137.255 190.242.140.0-190.242.142.255 190.242.145.0/24 190.242.147.0/24 190.242.155.0-190.242.157.255 190.242.163.0/24 190.242.166.0/23 190.242.169.0-190.242.183.255 190.242.192.0/24 190.242.255.0/24 IPv6: 2803:f950::/32 Signature Algorithm: sha256WithRSAEncryption a8:68:75:39:30:8c:d1:56:db:47:87:39:42:1e:62:ab:28:10: be:0b:76:c8:d2:d7:d1:8e:c4:0a:74:02:0a:dc:1b:b8:88:5e: f1:10:d0:b7:af:ef:32:8e:12:57:70:f8:24:5c:ee:ef:2b:0d: d2:29:46:c8:be:9f:4e:e5:d3:3e:be:8b:d0:ca:2b:14:2a:c6: d5:0b:eb:6f:3e:00:8d:23:c8:54:9b:1e:e9:99:14:aa:a9:97: f5:68:53:1c:9a:19:f0:28:5e:0e:ea:04:ca:42:63:59:14:b9: 5b:b4:b2:b5:67:e7:32:32:62:3d:ed:9d:a1:2a:63:53:fb:bc: a0:35:78:49:16:c9:47:42:00:99:04:be:c7:b4:80:18:0b:0a: de:cc:cb:12:75:70:ff:90:5d:2a:44:ce:55:89:c3:78:49:96: b4:d5:bb:a1:e2:b5:6c:b8:dd:12:66:fd:eb:e9:6e:30:a8:56: 4f:93:ff:80:2c:0f:5c:1b:e4:7e:4d:95:8f:b7:7d:a0:d1:76: 32:36:5a:45:6a:fb:c8:05:52:38:e4:0b:72:c7:6b:1a:ab:e7: 95:ac:14:bb:0a:bd:ff:1a:70:87:dd:0e:3b:31:24:e2:50:fc: 1a:a5:51:c1:30:82:9a:2c:5a:5f:00:68:ea:88:30:19:9f:6c: 14:d1:69:b6 -----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgIUNC31B6Kt1F6HwM7/SqiPXen83UIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzZBREQzMUYwNkEwQjc0NUNGREE2QjkzODM1RTE5OERE QjBEQjc4NDAeFw0yNTEwMDIyMDQ0MjFaFw0yNjEwMDEyMDQ5MjFaMDMxMTAvBgNV BAMTKDc0NEFFREIzOUI3MjcwODRBQzI1NjAwMzcyRUEzNUU0REY2NDZDRDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX/DvI4jBGa2dbyjBmBGYMkGMV DBzaWFMcnKNX7lxrJPnmny30CNaov8vPf/P4xizhjPsn3u7QaFOMKoXvDz8Mto9J vdpGCgV4xx7ZTJ9FOxYW2Ol8Y1vhqMQhWbTqufgHmCkJw+2iWfdYyq0Jw3gWxhWR 6cy8L85+AwTpSnk8BTGso9bg4If/GShbl3P1mVloMNhddfuDngtROm+JWdj7BRqI 3PJtTalq33RoQa0Po0mf7tp19so0WAyrsoqTMbqNiALz4L4c8Dwh/zbmnmDLCQR1 +VYbbwo41zJpRQWw3KBEVKPrT9Na1502GJ/6ZFttZGvgClt+20lzUxRUUK+XAgMB AAGjggNaMIIDVjAdBgNVHQ4EFgQUdErts5tycISsJWADcuo15N9kbNEwHwYDVR0j BBgwFoAUdq3THwagt0XP2muTg14ZjdsNt4QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l dC9ycGtpL2xhY25pYy82MUU2MzZGOTBFNzIzQ0ExNTlGOERGNTFCMjgzQTJBMDVD NUE0MDNEOEU0QTQ2NjFCOUQ4NkQ4OTJEQjYyRDAyLzAvNzZBREQzMUYwNkEwQjc0 NUNGREE2QjkzODM1RTE5OEREQjBEQjc4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2 RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NkFERDMxRjA2QTBCNzQ1Q0ZE QTZCOTM4MzVFMTk4RERCMERCNzg0LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh Y25pYy82MUU2MzZGOTBFNzIzQ0ExNTlGOERGNTFCMjgzQTJBMDVDNUE0MDNEOEU0 QTQ2NjFCOUQ4NkQ4OTJEQjYyRDAyLzAvQVMyMzUyMC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCB4AYIKwYBBQUHAQcBAf8EgdAwgc0wgbsEAgABMIG0AwQA vvIKAwQAvvIMAwQAvvIOAwQAvvIUAwQAvvIfMAwDBAK+8iQDBAG+8igwDAMEAb7y LgMEAb7yMAMEAb7yOAMEAL7yZgMEAL7yaQMEAb7ydgMEAL7yfjAMAwQCvvKEAwQB vvKIMAwDBAK+8owDBAC+8o4DBAC+8pEDBAC+8pMwDAMEAL7ymwMEAb7ynAMEAL7y owMEAb7ypjAMAwQAvvKpAwQDvvKwAwQAvvLAAwQAvvL/MA0EAgACMAcDBQAoA/lQ MA0GCSqGSIb3DQEBCwUAA4IBAQCoaHU5MIzRVttHhzlCHmKrKBC+C3bI0tfRjsQK dAIK3Bu4iF7xENC3r+8yjhJXcPgkXO7vKw3SKUbIvp9O5dM+vovQyisUKsbVC+tv PgCNI8hUmx7pmRSqqZf1aFMcmhnwKF4O6gTKQmNZFLlbtLK1Z+cyMmI97Z2hKmNT +7ygNXhJFslHQgCZBL7HtIAYCwrezMsSdXD/kF0qRM5VicN4SZa01buh4rVsuN0S Zv3r6W4wqFZPk/+ALA9cG+R+TZWPt32g0XYyNlpFavvIBVI45Atyx2saq+eVrBS7 Cr3/GnCH3Q47MSTiUPwapVHBMIKaLFpfAGjqiDAZn2wU0Wm2 -----END CERTIFICATE-----Generated at Mon Oct 20 14:05:44 2025 by rpki-client