$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28258.roa File: AS28258.roa (raw, json) Hash identifier: qujMO6gon9Yz94XwfLUVMSNh9Gua/hMTW6SoIp8iUs0= Subject key identifier: 41:CE:EA:68:13:07:7D:68:1F:DD:61:86:B8:6E:9E:46:70:8A:F2:62 Certificate issuer: /CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Certificate serial: 1CF189C381E60A66A258FD11CAF9F1880CE9624A Authority key identifier: 15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28258.roa Signing time: Mon 29 Sep 2025 11:46:52 +0000 ROA not before: Mon 29 Sep 2025 11:41:52 +0000 ROA not after: Mon 28 Sep 2026 11:46:52 +0000 asID: 28258 IP address blocks: 138.117.72.0/22 maxlen: 24 143.255.252.0/23 maxlen: 23 168.227.196.0/22 maxlen: 24 170.246.208.0/22 maxlen: 24 177.104.64.0/19 maxlen: 24 177.126.224.0/20 maxlen: 24 186.235.96.0/20 maxlen: 24 187.16.176.0/20 maxlen: 24 187.73.72.0/23 maxlen: 23 187.85.80.0/20 maxlen: 24 190.108.96.0/19 maxlen: 24 2804:2484::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 21 Oct 2025 04:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:f1:89:c3:81:e6:0a:66:a2:58:fd:11:ca:f9:f1:88:0c:e9:62:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Validity Not Before: Sep 29 11:41:52 2025 GMT Not After : Sep 28 11:46:52 2026 GMT Subject: CN=41CEEA6813077D681FDD6186B86E9E46708AF262 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cb:50:ac:37:c7:07:9e:66:83:40:95:00:83: 8e:1e:6c:01:77:bb:70:1d:23:7d:4d:d9:ec:53:a7: fa:9d:0e:8b:8a:68:4d:55:70:39:0d:c8:bd:55:36: b0:6d:88:9f:77:0e:b3:bb:9d:7c:99:60:fd:20:a2: 7e:c7:d5:1e:1e:2d:6b:88:f6:c8:3d:bd:71:77:10: d1:6f:3f:f5:42:db:18:c6:b9:f9:f6:4c:ff:0b:59: e3:23:38:52:f1:3c:eb:53:55:c6:d3:7d:81:7d:79: 3c:c8:f6:40:10:db:72:4f:a2:ec:a9:24:ea:d0:08: ec:9d:60:9e:81:32:a0:ec:f1:27:bb:87:cd:7f:f0: 75:99:d6:fe:7a:a0:1f:69:5c:b6:1c:cb:3a:a9:e4: 45:1a:f0:4e:8c:83:8b:d2:ad:38:3d:b3:36:aa:d4: 52:97:80:94:56:01:07:35:b2:a9:0d:36:b5:27:6e: f6:44:16:f1:1f:3e:1e:e6:08:26:36:ce:e4:0a:c0: 4f:30:26:ba:f3:53:92:9c:47:c7:03:d0:29:e1:69: 51:45:90:e2:e5:c9:dc:ed:3c:bd:69:c0:60:5e:c1: 3a:fa:37:12:16:a0:c0:2c:9b:2d:51:51:59:5b:17: f8:f6:e1:9e:ed:0f:65:2f:4d:33:32:60:00:ec:7b: 48:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:CE:EA:68:13:07:7D:68:1F:DD:61:86:B8:6E:9E:46:70:8A:F2:62 X509v3 Authority Key Identifier: keyid:15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28258.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.117.72.0/22 143.255.252.0/23 168.227.196.0/22 170.246.208.0/22 177.104.64.0/19 177.126.224.0/20 186.235.96.0/20 187.16.176.0/20 187.73.72.0/23 187.85.80.0/20 190.108.96.0/19 IPv6: 2804:2484::/32 Signature Algorithm: sha256WithRSAEncryption 5c:8b:4c:39:6c:6b:19:47:fe:91:fd:93:22:b9:b0:cb:09:6e: c6:3c:55:f2:3c:6b:17:a0:6a:d8:48:af:76:79:f7:5e:c7:10: 7a:e6:a9:0d:db:56:b3:89:13:82:b3:89:f1:aa:81:0c:e9:66: b6:ac:6b:6a:3b:66:c7:4c:3e:c7:61:99:44:8f:a0:99:2e:5b: 7e:92:f6:8f:bd:49:1c:5d:16:f3:d8:fa:1a:bc:7c:29:9d:36: 86:35:1a:ab:e1:81:cb:7e:4c:0a:ed:d6:cf:4d:06:7a:e0:cb: f6:95:43:57:d8:6e:e9:c3:71:58:9d:fc:83:67:c2:af:30:52: e7:45:0a:27:b6:68:1b:0b:9c:b7:8b:5a:48:5a:9a:66:e6:90: 39:79:a3:40:65:84:bb:18:54:9f:d7:06:7d:7f:1f:cb:bd:ff: 58:f1:e8:66:e9:46:b4:08:95:c5:a9:28:a0:5a:ff:5f:74:17: fb:a5:5c:db:39:cf:d0:49:53:f9:36:62:68:7b:2c:bb:3a:24: 56:be:86:36:df:f7:21:7f:5b:aa:79:60:92:5b:0c:a3:91:58: 5f:99:a0:96:dc:5a:e7:75:81:7d:84:71:51:1a:56:88:d1:b9: a6:27:10:48:b1:00:a0:24:6f:d9:26:02:0b:f8:51:a9:08:83: 4a:92:00:ba -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgIUHPGJw4HmCmaiWP0RyvnxiAzpYkowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTVBMENBQ0I2RjVENkI0NTAwNjEzNjM5MjI1NTY3MEI4 MURCNjZGODAeFw0yNTA5MjkxMTQxNTJaFw0yNjA5MjgxMTQ2NTJaMDMxMTAvBgNV BAMTKDQxQ0VFQTY4MTMwNzdENjgxRkRENjE4NkI4NkU5RTQ2NzA4QUYyNjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqy1CsN8cHnmaDQJUAg44ebAF3 u3AdI31N2exTp/qdDouKaE1VcDkNyL1VNrBtiJ93DrO7nXyZYP0gon7H1R4eLWuI 9sg9vXF3ENFvP/VC2xjGufn2TP8LWeMjOFLxPOtTVcbTfYF9eTzI9kAQ23JPouyp JOrQCOydYJ6BMqDs8Se7h81/8HWZ1v56oB9pXLYcyzqp5EUa8E6Mg4vSrTg9szaq 1FKXgJRWAQc1sqkNNrUnbvZEFvEfPh7mCCY2zuQKwE8wJrrzU5KcR8cD0CnhaVFF kOLlydztPL1pwGBewTr6NxIWoMAsmy1RUVlbF/j24Z7tD2UvTTMyYADse0jVAgMB AAGjggJmMIICYjAdBgNVHQ4EFgQUQc7qaBMHfWgf3WGGuG6eRnCK8mIwHwYDVR0j BBgwFoAUFaDKy29da0UAYTY5IlVnC4HbZvgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvNC8xNUEwQ0FDQjZGNUQ2QjQ1MDA2MTM2MzkyMjU1NjcwQjgxREI2NkY4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE1QTBDQUNCNkY1RDZCNDUw MDYxMzYzOTIyNTU2NzBCODFEQjY2RjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS80L0FTMjgy NTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBAKKdUgDBAGP//wDBAKo48QDBAKq9tADBAWxaEADBASxfuAD BAS662ADBAS7ELADBAG7SUgDBAS7VVADBAW+bGAwDQQCAAIwBwMFACgEJIQwDQYJ KoZIhvcNAQELBQADggEBAFyLTDlsaxlH/pH9kyK5sMsJbsY8VfI8axegathIr3Z5 917HEHrmqQ3bVrOJE4KzifGqgQzpZrasa2o7ZsdMPsdhmUSPoJkuW36S9o+9SRxd FvPY+hq8fCmdNoY1Gqvhgct+TArt1s9NBnrgy/aVQ1fYbunDcVid/INnwq8wUudF Cie2aBsLnLeLWkhammbmkDl5o0BlhLsYVJ/XBn1/H8u9/1jx6GbpRrQIlcWpKKBa /190F/ulXNs5z9BJU/k2Ymh7LLs6JFa+hjbf9yF/W6p5YJJbDKORWF+ZoJbcWud1 gX2EcVEaVojRuaYnEEixAKAkb9kmAgv4UakIg0qSALo= -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:35 2025 by rpki-client