$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28287.roa File: AS28287.roa (raw, json) Hash identifier: /yGHGA6+3KLnp9Lwguhm8x0yEjquV9a2Va7vtyJkpHM= Subject key identifier: D6:01:65:7E:D4:37:A0:A2:06:BC:D3:5B:A9:4B:AD:78:FA:66:3A:4B Certificate issuer: /CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Certificate serial: 748B0E3B4C442643C36B72D438ADD0C3AEDA2820 Authority key identifier: D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28287.roa Signing time: Wed 02 Jul 2025 11:40:23 +0000 ROA not before: Wed 02 Jul 2025 11:35:23 +0000 ROA not after: Wed 01 Jul 2026 11:40:23 +0000 asID: 28287 IP address blocks: 138.118.120.0/22 maxlen: 24 167.249.176.0/22 maxlen: 24 168.194.60.0/22 maxlen: 24 177.130.96.0/20 maxlen: 24 179.127.64.0/21 maxlen: 24 189.124.80.0/20 maxlen: 24 201.49.192.0/20 maxlen: 24 2804:1080::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 04 Jul 2025 00:48:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:8b:0e:3b:4c:44:26:43:c3:6b:72:d4:38:ad:d0:c3:ae:da:28:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Validity Not Before: Jul 2 11:35:23 2025 GMT Not After : Jul 1 11:40:23 2026 GMT Subject: CN=D601657ED437A0A206BCD35BA94BAD78FA663A4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:75:35:12:77:35:c8:60:e8:c6:67:3e:64:ce: 15:60:b7:75:5d:8c:65:8a:32:4c:60:7f:37:c6:cf: 59:d3:98:ef:68:bb:35:8c:f1:12:84:85:96:e7:c9: 03:32:fe:05:6f:55:a9:cc:a5:aa:f4:81:91:89:35: c6:61:ce:78:0f:6d:77:00:99:ba:cf:29:fc:8a:e0: fe:1c:c5:6a:7a:95:3f:07:02:7d:1d:02:b9:38:f5: 1b:0d:21:04:45:8b:d1:d2:38:a0:c3:73:6b:77:26: d1:4a:ee:11:3c:4d:b4:85:65:11:13:aa:c5:31:ea: c3:04:04:f1:6a:70:79:7f:c2:f5:94:41:27:bf:0c: 66:a6:e6:d6:86:07:90:92:2c:d7:d8:6b:d8:84:ca: be:51:b8:0f:83:61:82:1b:98:4f:62:76:f0:42:59: dd:b2:44:a1:f1:a0:18:05:10:cc:30:a1:c8:16:0e: 7c:e2:b4:d2:f7:68:c2:0e:b8:36:cc:2d:d9:07:c9: bb:e9:98:d4:98:42:99:3f:4d:1a:4e:b2:23:af:c4: 6f:86:45:b9:3c:19:7a:65:29:ca:bf:5e:8a:11:26: 87:18:75:b5:70:06:08:19:79:28:9d:fa:af:12:e4: 2a:6d:eb:9e:b4:0f:17:e9:ca:89:4a:90:df:f0:9d: 6a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:01:65:7E:D4:37:A0:A2:06:BC:D3:5B:A9:4B:AD:78:FA:66:3A:4B X509v3 Authority Key Identifier: keyid:D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28287.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.118.120.0/22 167.249.176.0/22 168.194.60.0/22 177.130.96.0/20 179.127.64.0/21 189.124.80.0/20 201.49.192.0/20 IPv6: 2804:1080::/32 Signature Algorithm: sha256WithRSAEncryption c9:ff:1a:3c:c8:cd:76:76:3e:e5:af:a4:63:f7:65:ea:f7:a7: cd:7d:7a:ee:e3:a5:ac:01:ce:99:f0:a1:b9:2b:aa:38:cb:d2: c7:e6:7e:06:23:c8:66:75:6c:e2:a0:73:3c:68:1d:d4:67:11: 99:34:89:f4:4e:44:46:8a:e6:fa:95:9e:02:a2:97:58:c5:b9: 25:d5:02:ab:f6:44:42:4f:f1:b7:92:c4:56:45:3b:83:ab:23: 4b:af:b6:80:d6:93:df:ac:bf:31:be:2e:99:28:1f:73:b3:ec: aa:4a:9d:09:41:97:b4:f1:d3:68:0b:77:c7:0c:08:e0:50:2b: 79:f4:62:b0:4a:33:6c:25:d7:23:c9:37:a9:8f:15:4b:0f:6d: c4:62:10:77:02:ac:b8:84:1e:22:4a:3b:bc:3c:ed:dd:a3:02: 8d:9b:47:0e:67:db:ab:c5:be:62:5c:83:12:5b:77:9e:04:bb: 39:13:61:03:f9:b7:cf:e4:5d:c6:69:c8:94:e1:76:31:70:27: ef:59:2d:46:40:d9:9f:47:ef:3d:6a:2e:5e:f9:8d:53:a2:c3: 19:90:7c:e3:04:d9:1e:c0:dc:d1:bd:77:23:7c:c0:57:6d:3b: 03:02:a9:e5:b7:9d:a2:dc:c6:92:d7:67:1a:f2:c8:6d:81:16: d9:b4:09:0a -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgIUdIsOO0xEJkPDa3LUOK3Qw67aKCAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDQyMDZDMTBGNTg3MDg0RTMyNjZDOTdFREEwRjY1NjQz Mjk5RTFCODAeFw0yNTA3MDIxMTM1MjNaFw0yNjA3MDExMTQwMjNaMDMxMTAvBgNV BAMTKEQ2MDE2NTdFRDQzN0EwQTIwNkJDRDM1QkE5NEJBRDc4RkE2NjNBNEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgdTUSdzXIYOjGZz5kzhVgt3Vd jGWKMkxgfzfGz1nTmO9ouzWM8RKEhZbnyQMy/gVvVanMpar0gZGJNcZhzngPbXcA mbrPKfyK4P4cxWp6lT8HAn0dArk49RsNIQRFi9HSOKDDc2t3JtFK7hE8TbSFZRET qsUx6sMEBPFqcHl/wvWUQSe/DGam5taGB5CSLNfYa9iEyr5RuA+DYYIbmE9idvBC Wd2yRKHxoBgFEMwwocgWDnzitNL3aMIOuDbMLdkHybvpmNSYQpk/TRpOsiOvxG+G Rbk8GXplKcq/XooRJocYdbVwBggZeSid+q8S5Cpt6560DxfpyolKkN/wnWrHAgMB AAGjggJOMIICSjAdBgNVHQ4EFgQU1gFlftQ3oKIGvNNbqUutePpmOkswHwYDVR0j BBgwFoAU1CBsEPWHCE4yZsl+2g9lZDKZ4bgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvMy9ENDIwNkMxMEY1ODcwODRFMzI2NkM5N0VEQTBGNjU2NDMyOTlFMUI4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q0MjA2QzEwRjU4NzA4NEUz MjY2Qzk3RURBMEY2NTY0MzI5OUUxQjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS8zL0FTMjgy ODcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAKKdngDBAKn+bADBAKowjwDBASxgmADBAOzf0ADBAS9fFAD BATJMcAwDQQCAAIwBwMFACgEEIAwDQYJKoZIhvcNAQELBQADggEBAMn/GjzIzXZ2 PuWvpGP3Zer3p819eu7jpawBzpnwobkrqjjL0sfmfgYjyGZ1bOKgczxoHdRnEZk0 ifROREaK5vqVngKil1jFuSXVAqv2REJP8beSxFZFO4OrI0uvtoDWk9+svzG+Lpko H3Oz7KpKnQlBl7Tx02gLd8cMCOBQK3n0YrBKM2wl1yPJN6mPFUsPbcRiEHcCrLiE HiJKO7w87d2jAo2bRw5n26vFvmJcgxJbd54EuzkTYQP5t8/kXcZpyJThdjFwJ+9Z LUZA2Z9H7z1qLl75jVOiwxmQfOME2R7A3NG9dyN8wFdtOwMCqeW3naLcxpLXZxry yG2BFtm0CQo= -----END CERTIFICATE-----Generated at Thu Jul 3 08:05:22 2025 by rpki-client