$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28667.roa File: AS28667.roa (raw, json) Hash identifier: Oa/+Pvbw6sj4lJpFSef2aHI1TARONjVVLUdwJRWZNXk= Subject key identifier: B9:AB:61:68:81:EB:07:0C:87:0E:4C:11:CB:FC:E0:7B:BA:C4:E6:33 Certificate issuer: /CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Certificate serial: 2791D5F2F86737E33238A57E52970D73586319CF Authority key identifier: D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28667.roa Signing time: Wed 02 Jul 2025 11:42:55 +0000 ROA not before: Wed 02 Jul 2025 11:37:55 +0000 ROA not after: Wed 01 Jul 2026 11:42:55 +0000 asID: 28667 IP address blocks: 132.255.64.0/22 maxlen: 24 143.202.68.0/22 maxlen: 24 168.196.108.0/22 maxlen: 24 170.82.56.0/22 maxlen: 24 177.8.208.0/21 maxlen: 24 177.21.192.0/20 maxlen: 24 177.71.0.0/20 maxlen: 24 177.107.0.0/20 maxlen: 24 177.184.240.0/21 maxlen: 24 186.193.192.0/20 maxlen: 24 186.236.96.0/19 maxlen: 24 186.250.208.0/21 maxlen: 24 187.19.80.0/20 maxlen: 24 187.110.240.0/20 maxlen: 24 187.121.192.0/19 maxlen: 24 189.1.176.0/20 maxlen: 24 189.76.128.0/20 maxlen: 24 191.242.128.0/19 maxlen: 24 2804:4::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 04 Jul 2025 06:52:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:91:d5:f2:f8:67:37:e3:32:38:a5:7e:52:97:0d:73:58:63:19:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Validity Not Before: Jul 2 11:37:55 2025 GMT Not After : Jul 1 11:42:55 2026 GMT Subject: CN=B9AB616881EB070C870E4C11CBFCE07BBAC4E633 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:36:d4:b9:16:d2:53:b5:d1:35:8b:3c:ef:92: 11:bf:14:17:7a:d5:4d:8c:b8:a1:ed:30:1a:0c:37: db:8c:1c:76:0f:9e:8b:28:a0:e2:42:86:42:71:a2: b9:8d:0a:99:c6:32:7e:db:0f:5f:39:ad:d6:1c:c8: f5:41:e2:73:0e:e5:1a:b8:d6:a7:e6:01:f4:23:ea: d1:4c:b9:57:5e:b6:e0:9e:67:fb:23:e0:a3:0a:a8: ad:e1:e2:1a:1c:16:23:24:b2:68:a6:00:22:80:82: f2:84:14:bf:4c:e8:76:5c:7c:14:30:3f:45:c2:ac: f8:0b:5b:dc:c1:b7:a3:02:b7:06:e3:3b:33:77:8a: 49:05:27:01:c2:bd:93:61:67:41:d9:55:4f:f5:f8: 7d:21:0f:19:21:bc:b0:e3:52:a0:98:ae:a0:20:3d: 78:e2:bd:6d:67:95:fd:b6:0d:cd:26:5a:3b:77:25: be:88:c9:34:1f:3a:e3:de:8a:71:dc:33:5c:25:81: 74:23:22:65:72:9a:ef:86:da:6d:d0:7e:79:02:88: 47:8c:d8:ca:9e:1f:53:a7:4c:e6:21:6e:fb:e8:88: f2:8a:91:a7:73:b2:d6:e5:e5:a2:2f:03:5f:1e:c0: ed:be:d7:6a:36:00:28:a4:10:a6:90:72:24:a3:eb: 2a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:AB:61:68:81:EB:07:0C:87:0E:4C:11:CB:FC:E0:7B:BA:C4:E6:33 X509v3 Authority Key Identifier: keyid:D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 132.255.64.0/22 143.202.68.0/22 168.196.108.0/22 170.82.56.0/22 177.8.208.0/21 177.21.192.0/20 177.71.0.0/20 177.107.0.0/20 177.184.240.0/21 186.193.192.0/20 186.236.96.0/19 186.250.208.0/21 187.19.80.0/20 187.110.240.0/20 187.121.192.0/19 189.1.176.0/20 189.76.128.0/20 191.242.128.0/19 IPv6: 2804:4::/32 Signature Algorithm: sha256WithRSAEncryption 13:76:57:09:c0:a0:bf:c6:6e:81:ab:83:e6:ca:ce:16:4e:d1: b2:62:9b:c2:fd:f1:17:8c:a6:85:cf:07:ce:94:1d:e9:8a:f9: 9f:26:2b:1c:15:1b:7d:4e:ab:50:9b:b6:38:4b:85:73:4a:77: 14:c7:0a:61:37:c6:8c:3c:78:0a:88:06:cd:2c:e6:d5:5b:87: 8f:44:3d:64:57:79:26:2c:df:bf:75:57:b7:fb:e4:60:b8:a6: f6:d4:c0:98:b9:a2:5c:0c:f5:05:1c:ab:7f:8e:cd:f2:f6:b9: 6e:04:78:4e:67:cb:65:e0:67:cf:92:68:e0:bf:7b:c1:1f:2b: 70:8e:04:16:72:50:1c:66:2e:0b:02:1f:c1:02:82:42:f3:1d: d0:12:c9:73:b3:3b:19:3a:aa:2e:cd:11:13:d6:cc:85:ea:9b: f7:0d:32:14:0e:c5:b6:88:70:c1:f2:89:7c:0c:45:41:2e:b1: 30:d3:bc:b8:8b:9a:e1:76:81:24:2c:d4:31:6d:b8:01:6e:bf: 5c:f9:37:31:2c:f2:96:b2:92:02:c5:7a:21:0d:a3:35:c0:e8: 87:6a:6a:cb:9e:29:d2:15:de:bf:d7:57:27:30:03:57:70:e8: a0:72:b3:ae:de:63:f2:7c:4b:43:55:30:dc:bc:17:c5:9c:86: 5d:55:fe:71 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIUJ5HV8vhnN+MyOKV+UpcNc1hjGc8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDQyMDZDMTBGNTg3MDg0RTMyNjZDOTdFREEwRjY1NjQz Mjk5RTFCODAeFw0yNTA3MDIxMTM3NTVaFw0yNjA3MDExMTQyNTVaMDMxMTAvBgNV BAMTKEI5QUI2MTY4ODFFQjA3MEM4NzBFNEMxMUNCRkNFMDdCQkFDNEU2MzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDNtS5FtJTtdE1izzvkhG/FBd6 1U2MuKHtMBoMN9uMHHYPnosooOJChkJxormNCpnGMn7bD185rdYcyPVB4nMO5Rq4 1qfmAfQj6tFMuVdetuCeZ/sj4KMKqK3h4hocFiMksmimACKAgvKEFL9M6HZcfBQw P0XCrPgLW9zBt6MCtwbjOzN3ikkFJwHCvZNhZ0HZVU/1+H0hDxkhvLDjUqCYrqAg PXjivW1nlf22Dc0mWjt3Jb6IyTQfOuPeinHcM1wlgXQjImVymu+G2m3QfnkCiEeM 2MqeH1OnTOYhbvvoiPKKkadzstbl5aIvA18ewO2+12o2ACikEKaQciSj6yoDAgMB AAGjggKTMIICjzAdBgNVHQ4EFgQUuathaIHrBwyHDkwRy/zge7rE5jMwHwYDVR0j BBgwFoAU1CBsEPWHCE4yZsl+2g9lZDKZ4bgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvMy9ENDIwNkMxMEY1ODcwODRFMzI2NkM5N0VEQTBGNjU2NDMyOTlFMUI4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q0MjA2QzEwRjU4NzA4NEUz MjY2Qzk3RURBMEY2NTY0MzI5OUUxQjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS8zL0FTMjg2 Njcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/ BIGGMIGDMHIEAgABMGwDBAKE/0ADBAKPykQDBAKoxGwDBAKqUjgDBAOxCNADBASx FcADBASxRwADBASxawADBAOxuPADBAS6wcADBAW67GADBAO6+tADBAS7E1ADBAS7 bvADBAW7ecADBAS9AbADBAS9TIADBAW/8oAwDQQCAAIwBwMFACgEAAQwDQYJKoZI hvcNAQELBQADggEBABN2VwnAoL/GboGrg+bKzhZO0bJim8L98ReMpoXPB86UHemK +Z8mKxwVG31Oq1CbtjhLhXNKdxTHCmE3xow8eAqIBs0s5tVbh49EPWRXeSYs3791 V7f75GC4pvbUwJi5olwM9QUcq3+OzfL2uW4EeE5ny2XgZ8+SaOC/e8EfK3COBBZy UBxmLgsCH8ECgkLzHdASyXOzOxk6qi7NERPWzIXqm/cNMhQOxbaIcMHyiXwMRUEu sTDTvLiLmuF2gSQs1DFtuAFuv1z5NzEs8paykgLFeiENozXA6IdqasueKdIV3r/X VycwA1dw6KBys67eY/J8S0NVMNy8F8Wchl1V/nE= -----END CERTIFICATE-----Generated at Thu Jul 3 08:14:22 2025 by rpki-client