$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28287.roa File: AS28287.roa (raw, json) Hash identifier: gXMRHSJCz3pOxx0k0xwFBQCcchPrWQ/gqTgMif0WIWU= Subject key identifier: 4E:A8:61:6C:32:80:ED:DB:E4:81:0F:98:E0:D3:96:7F:C9:65:14:F7 Certificate issuer: /CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Certificate serial: 7BE5EAF08A34DBEB9A25EAB58FEA696CE8E11253 Authority key identifier: 15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28287.roa Signing time: Mon 29 Sep 2025 11:46:47 +0000 ROA not before: Mon 29 Sep 2025 11:41:47 +0000 ROA not after: Mon 28 Sep 2026 11:46:47 +0000 asID: 28287 IP address blocks: 138.118.120.0/22 maxlen: 24 167.249.176.0/22 maxlen: 24 168.194.60.0/22 maxlen: 24 177.130.96.0/20 maxlen: 24 179.127.64.0/21 maxlen: 24 189.124.80.0/20 maxlen: 24 201.49.192.0/20 maxlen: 24 2804:1080::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 21 Oct 2025 04:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:e5:ea:f0:8a:34:db:eb:9a:25:ea:b5:8f:ea:69:6c:e8:e1:12:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Validity Not Before: Sep 29 11:41:47 2025 GMT Not After : Sep 28 11:46:47 2026 GMT Subject: CN=4EA8616C3280EDDBE4810F98E0D3967FC96514F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:d5:4b:70:33:78:94:80:71:23:b5:27:66:f2: 7a:4a:85:21:98:a1:90:ce:ce:d3:f0:59:79:b5:86: 63:22:8a:f6:33:c3:12:5c:9f:63:ae:57:d3:45:57: 8e:c7:fe:f9:42:31:7e:37:6e:b0:28:d3:a1:34:f9: 66:99:11:93:da:71:58:16:0c:54:1b:ba:e9:cf:01: f2:99:c3:c7:11:36:c6:79:c6:fe:50:32:67:d4:ce: be:25:91:90:02:75:7d:bc:5c:08:9e:20:37:18:f0: d0:1d:b8:96:ff:bc:b4:e7:14:0b:eb:91:f4:5f:eb: 30:28:c8:03:b6:1d:f4:7b:b7:70:fe:a8:3f:ed:a3: 05:32:9e:2f:8a:52:82:2f:95:70:8e:db:0d:d8:a3: 16:1f:02:36:d1:96:45:76:51:38:38:7d:4b:b0:d7: 94:1f:ea:bc:2b:93:72:1f:97:75:29:87:7c:c3:e0: b9:22:bb:e6:39:d9:92:1b:a0:97:a5:44:39:ec:f1: d4:55:62:32:39:42:c5:66:1d:c4:4d:fe:d5:9a:64: 32:41:64:83:75:1e:69:24:73:3e:a5:84:5d:1b:bb: d7:fd:3c:9f:d6:76:da:88:31:73:eb:73:78:e6:ec: 21:f7:dd:e0:5f:06:b2:14:b8:d4:d6:2d:0d:f2:14: 6b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:A8:61:6C:32:80:ED:DB:E4:81:0F:98:E0:D3:96:7F:C9:65:14:F7 X509v3 Authority Key Identifier: keyid:15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28287.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.118.120.0/22 167.249.176.0/22 168.194.60.0/22 177.130.96.0/20 179.127.64.0/21 189.124.80.0/20 201.49.192.0/20 IPv6: 2804:1080::/32 Signature Algorithm: sha256WithRSAEncryption 4b:f5:04:c6:19:04:5b:c8:17:44:ca:34:18:dc:65:80:ad:df: f3:2a:4a:64:a5:dc:b4:d4:6f:74:e3:72:55:89:b7:cc:d4:3d: e5:bc:76:dd:99:45:f7:fd:88:50:e1:70:d2:86:27:9f:e9:78: 1c:27:fe:5e:24:06:4f:61:2b:a7:ab:e5:16:e2:ef:cd:90:04: ea:ea:0f:48:34:44:3e:f3:8f:88:0e:3a:2d:96:04:41:33:eb: c6:5d:49:ae:dc:5d:68:70:2b:c6:c8:a2:30:49:ed:5a:1b:76: c9:ef:94:2e:a2:d2:55:8a:84:c8:9b:5f:73:77:2a:3f:db:00: 3c:e0:eb:12:44:f4:66:c0:ee:05:5e:b2:60:67:8e:ca:a0:72: e3:60:d3:ae:7e:82:71:79:9d:3e:44:46:9e:37:11:b9:71:7f: 11:25:94:f9:73:5c:25:39:f4:72:1c:72:39:5e:dc:3d:6c:6a: dc:26:c6:78:c9:08:16:90:ca:05:23:14:00:e9:f1:42:a0:16: f8:c8:f0:01:dd:6e:65:90:81:b1:50:ce:c5:f1:a4:e5:40:01: c2:52:fb:b9:76:8f:72:b7:8d:02:85:68:17:3e:f3:47:88:ae: 89:f9:83:ea:05:70:3c:84:1d:60:8e:14:b3:4e:4a:23:f7:2b: a0:47:b0:51 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgIUe+Xq8Io02+uaJeq1j+ppbOjhElMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTVBMENBQ0I2RjVENkI0NTAwNjEzNjM5MjI1NTY3MEI4 MURCNjZGODAeFw0yNTA5MjkxMTQxNDdaFw0yNjA5MjgxMTQ2NDdaMDMxMTAvBgNV BAMTKDRFQTg2MTZDMzI4MEVEREJFNDgxMEY5OEUwRDM5NjdGQzk2NTE0RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCI1UtwM3iUgHEjtSdm8npKhSGY oZDOztPwWXm1hmMiivYzwxJcn2OuV9NFV47H/vlCMX43brAo06E0+WaZEZPacVgW DFQbuunPAfKZw8cRNsZ5xv5QMmfUzr4lkZACdX28XAieIDcY8NAduJb/vLTnFAvr kfRf6zAoyAO2HfR7t3D+qD/towUyni+KUoIvlXCO2w3YoxYfAjbRlkV2UTg4fUuw 15Qf6rwrk3Ifl3Uph3zD4Lkiu+Y52ZIboJelRDns8dRVYjI5QsVmHcRN/tWaZDJB ZIN1Hmkkcz6lhF0bu9f9PJ/WdtqIMXPrc3jm7CH33eBfBrIUuNTWLQ3yFGvJAgMB AAGjggJOMIICSjAdBgNVHQ4EFgQUTqhhbDKA7dvkgQ+Y4NOWf8llFPcwHwYDVR0j BBgwFoAUFaDKy29da0UAYTY5IlVnC4HbZvgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvNC8xNUEwQ0FDQjZGNUQ2QjQ1MDA2MTM2MzkyMjU1NjcwQjgxREI2NkY4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE1QTBDQUNCNkY1RDZCNDUw MDYxMzYzOTIyNTU2NzBCODFEQjY2RjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS80L0FTMjgy ODcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAKKdngDBAKn+bADBAKowjwDBASxgmADBAOzf0ADBAS9fFAD BATJMcAwDQQCAAIwBwMFACgEEIAwDQYJKoZIhvcNAQELBQADggEBAEv1BMYZBFvI F0TKNBjcZYCt3/MqSmSl3LTUb3TjclWJt8zUPeW8dt2ZRff9iFDhcNKGJ5/peBwn /l4kBk9hK6er5Rbi782QBOrqD0g0RD7zj4gOOi2WBEEz68ZdSa7cXWhwK8bIojBJ 7VobdsnvlC6i0lWKhMibX3N3Kj/bADzg6xJE9GbA7gVesmBnjsqgcuNg065+gnF5 nT5ERp43EblxfxEllPlzXCU59HIccjle3D1satwmxnjJCBaQygUjFADp8UKgFvjI 8AHdbmWQgbFQzsXxpOVAAcJS+7l2j3K3jQKFaBc+80eIron5g+oFcDyEHWCOFLNO SiP3K6BHsFE= -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:39 2025 by rpki-client