$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28669.roa File: AS28669.roa (raw, json) Hash identifier: yjQbVis3mUgAYaW/nh0TMR9HgQnfOA9wUuY5yGLnak0= Subject key identifier: 1D:78:55:3C:D5:00:66:EA:B0:AE:B3:FB:2C:EB:B8:EE:0C:F7:5B:FF Certificate issuer: /CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Certificate serial: 3B33BB5018DC65A7F836021121E50C1E4268703B Authority key identifier: D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28669.roa Signing time: Wed 02 Jul 2025 11:42:46 +0000 ROA not before: Wed 02 Jul 2025 11:37:46 +0000 ROA not after: Wed 01 Jul 2026 11:42:46 +0000 asID: 28669 IP address blocks: 45.234.40.0/22 maxlen: 24 168.227.12.0/22 maxlen: 24 170.238.116.0/22 maxlen: 24 177.36.160.0/20 maxlen: 24 177.107.80.0/20 maxlen: 24 177.137.64.0/20 maxlen: 24 179.189.224.0/20 maxlen: 24 186.195.144.0/20 maxlen: 24 186.225.96.0/20 maxlen: 24 186.225.112.0/20 maxlen: 24 187.108.32.0/20 maxlen: 24 187.111.160.0/20 maxlen: 24 189.8.80.0/20 maxlen: 24 189.28.144.0/20 maxlen: 24 191.241.224.0/19 maxlen: 24 201.46.16.0/20 maxlen: 24 2804:290::/32 maxlen: 48 2804:7cc::/32 maxlen: 48 2804:4bec::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 04 Jul 2025 00:48:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:33:bb:50:18:dc:65:a7:f8:36:02:11:21:e5:0c:1e:42:68:70:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4206C10F587084E3266C97EDA0F65643299E1B8 Validity Not Before: Jul 2 11:37:46 2025 GMT Not After : Jul 1 11:42:46 2026 GMT Subject: CN=1D78553CD50066EAB0AEB3FB2CEBB8EE0CF75BFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:78:2f:84:67:39:03:b4:cb:ae:81:1a:9c:6e: e0:12:3e:4a:4c:f4:aa:97:1a:9a:f4:e4:5a:e1:55: 0c:e3:f0:d3:1f:13:6e:b3:61:1b:84:cc:5f:fa:67: d5:dd:d5:23:57:ef:d0:1c:46:b6:7b:2f:10:6c:29: 5f:2b:22:2a:34:f8:6c:44:11:91:d1:e9:c9:d4:1c: 33:5c:09:21:50:25:b5:34:d2:85:6c:d7:39:7d:4b: 6e:9a:d4:56:7f:f1:31:36:ab:a3:de:f4:a6:f9:fe: 69:7f:61:e4:50:3d:e6:e6:7d:67:bc:62:04:f7:81: c9:c6:13:2b:54:b7:be:63:ba:af:d4:34:90:61:16: 25:84:58:1c:4f:9e:85:30:53:78:ed:f4:ab:81:2e: 18:ee:a4:86:15:8a:51:60:00:89:00:c0:9b:44:15: ae:53:a4:3e:19:d5:69:3c:20:e0:65:eb:73:36:6b: c1:e1:4a:a0:62:c5:9e:e6:f1:e7:48:54:8f:97:f8: 95:dc:d0:a9:fb:b0:92:88:81:72:7b:06:6b:e0:c9: 2b:37:c3:f1:47:bc:03:8a:bb:32:b7:c7:d3:e7:90: 06:52:23:0e:c0:ca:ac:9e:8f:d2:49:e1:dc:9d:92: 7f:58:84:b4:46:29:a7:28:39:75:e1:5e:ac:19:74: c0:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:78:55:3C:D5:00:66:EA:B0:AE:B3:FB:2C:EB:B8:EE:0C:F7:5B:FF X509v3 Authority Key Identifier: keyid:D4:20:6C:10:F5:87:08:4E:32:66:C9:7E:DA:0F:65:64:32:99:E1:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/D4206C10F587084E3266C97EDA0F65643299E1B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D4206C10F587084E3266C97EDA0F65643299E1B8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/3/AS28669.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.234.40.0/22 168.227.12.0/22 170.238.116.0/22 177.36.160.0/20 177.107.80.0/20 177.137.64.0/20 179.189.224.0/20 186.195.144.0/20 186.225.96.0/19 187.108.32.0/20 187.111.160.0/20 189.8.80.0/20 189.28.144.0/20 191.241.224.0/19 201.46.16.0/20 IPv6: 2804:290::/32 2804:7cc::/32 2804:4bec::/32 Signature Algorithm: sha256WithRSAEncryption 60:81:65:b6:ea:04:c8:df:1e:ad:ad:94:83:5a:0f:e7:d8:fd: 44:c2:ef:66:da:ed:82:f2:5c:fe:f0:f6:fa:1c:e2:56:10:85: af:59:d8:a6:43:ac:80:19:d0:a0:48:56:72:db:e9:44:57:93: 77:69:89:43:f6:15:ba:fb:08:2d:15:f0:ac:52:9a:bd:58:44: 5b:3f:ed:a7:a9:a0:89:ca:58:e4:fe:bf:93:dc:7c:df:d2:34: 0e:6a:2f:36:fd:13:38:b9:8c:0d:db:1e:01:31:c9:7c:46:42: d7:90:1f:c2:e0:34:21:fd:44:b7:cf:ee:d7:14:8d:76:d4:3a: 56:e6:21:55:6b:54:e6:b7:ce:33:8f:45:50:6c:7c:e9:e3:6b: d1:fd:b7:01:6d:bb:03:38:dc:ee:24:86:ff:53:a9:f2:95:ac: 4f:c7:f4:d1:c3:f9:1f:11:c1:ba:dd:be:2b:e3:25:f8:7d:3e: 8f:99:e6:36:7e:38:99:b5:02:68:cf:bc:05:92:ad:fd:a6:b2: b3:9e:0f:69:91:fc:b2:94:5a:b5:d9:1b:07:e6:0a:c4:be:0b: 08:bb:cf:84:45:34:ec:bd:ff:71:6b:fd:33:88:56:17:c9:85: 0d:46:de:2a:f7:e5:75:0a:ac:ca:6e:3c:1e:57:38:09:55:1c: e4:87:08:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIUOzO7UBjcZaf4NgIRIeUMHkJocDswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDQyMDZDMTBGNTg3MDg0RTMyNjZDOTdFREEwRjY1NjQz Mjk5RTFCODAeFw0yNTA3MDIxMTM3NDZaFw0yNjA3MDExMTQyNDZaMDMxMTAvBgNV BAMTKDFENzg1NTNDRDUwMDY2RUFCMEFFQjNGQjJDRUJCOEVFMENGNzVCRkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqeC+EZzkDtMuugRqcbuASPkpM 9KqXGpr05FrhVQzj8NMfE26zYRuEzF/6Z9Xd1SNX79AcRrZ7LxBsKV8rIio0+GxE EZHR6cnUHDNcCSFQJbU00oVs1zl9S26a1FZ/8TE2q6Pe9Kb5/ml/YeRQPebmfWe8 YgT3gcnGEytUt75juq/UNJBhFiWEWBxPnoUwU3jt9KuBLhjupIYVilFgAIkAwJtE Fa5TpD4Z1Wk8IOBl63M2a8HhSqBixZ7m8edIVI+X+JXc0Kn7sJKIgXJ7BmvgySs3 w/FHvAOKuzK3x9PnkAZSIw7Ayqyej9JJ4dydkn9YhLRGKacoOXXhXqwZdMBVAgMB AAGjggKOMIICijAdBgNVHQ4EFgQUHXhVPNUAZuqwrrP7LOu47gz3W/8wHwYDVR0j BBgwFoAU1CBsEPWHCE4yZsl+2g9lZDKZ4bgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvMy9ENDIwNkMxMEY1ODcwODRFMzI2NkM5N0VEQTBGNjU2NDMyOTlFMUI4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q0MjA2QzEwRjU4NzA4NEUz MjY2Qzk3RURBMEY2NTY0MzI5OUUxQjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS8zL0FTMjg2 Njkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZEGCCsGAQUFBwEHAQH/ BIGBMH8wYAQCAAEwWgMEAi3qKAMEAqjjDAMEAqrudAMEBLEkoAMEBLFrUAMEBLGJ QAMEBLO94AMEBLrDkAMEBbrhYAMEBLtsIAMEBLtvoAMEBL0IUAMEBL0ckAMEBb/x 4AMEBMkuEDAbBAIAAjAVAwUAKAQCkAMFACgEB8wDBQAoBEvsMA0GCSqGSIb3DQEB CwUAA4IBAQBggWW26gTI3x6trZSDWg/n2P1Ewu9m2u2C8lz+8Pb6HOJWEIWvWdim Q6yAGdCgSFZy2+lEV5N3aYlD9hW6+wgtFfCsUpq9WERbP+2nqaCJyljk/r+T3Hzf 0jQOai82/RM4uYwN2x4BMcl8RkLXkB/C4DQh/US3z+7XFI121DpW5iFVa1Tmt84z j0VQbHzp42vR/bcBbbsDONzuJIb/U6nylaxPx/TRw/kfEcG63b4r4yX4fT6PmeY2 fjiZtQJoz7wFkq39prKzng9pkfyylFq12RsH5grEvgsIu8+ERTTsvf9xa/0ziFYX yYUNRt4q9+V1CqzKbjweVzgJVRzkhwib -----END CERTIFICATE-----Generated at Thu Jul 3 08:06:58 2025 by rpki-client