$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28667.roa File: AS28667.roa (raw, json) Hash identifier: MgAbV1+eIoi08W/6fa2dJx8ay1f7VMTza311YuB39E8= Subject key identifier: FC:55:87:53:3A:98:E6:10:2F:CD:78:01:A3:3D:26:50:FE:3C:64:C7 Certificate issuer: /CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Certificate serial: 6C94A3BBE586FF26D5918D49BBEF27B4F5B2E821 Authority key identifier: 15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28667.roa Signing time: Mon 29 Sep 2025 11:46:44 +0000 ROA not before: Mon 29 Sep 2025 11:41:44 +0000 ROA not after: Mon 28 Sep 2026 11:46:44 +0000 asID: 28667 IP address blocks: 132.255.64.0/22 maxlen: 24 143.202.68.0/22 maxlen: 24 168.196.108.0/22 maxlen: 24 170.82.56.0/22 maxlen: 24 177.8.208.0/21 maxlen: 24 177.21.192.0/20 maxlen: 24 177.71.0.0/20 maxlen: 24 177.107.0.0/20 maxlen: 24 177.184.240.0/21 maxlen: 24 186.193.192.0/20 maxlen: 24 186.236.96.0/19 maxlen: 24 186.250.208.0/21 maxlen: 24 187.19.80.0/20 maxlen: 24 187.110.240.0/20 maxlen: 24 187.121.192.0/19 maxlen: 24 189.1.176.0/20 maxlen: 24 189.76.128.0/20 maxlen: 24 191.242.128.0/19 maxlen: 24 2804:4::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 21 Oct 2025 04:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:94:a3:bb:e5:86:ff:26:d5:91:8d:49:bb:ef:27:b4:f5:b2:e8:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Validity Not Before: Sep 29 11:41:44 2025 GMT Not After : Sep 28 11:46:44 2026 GMT Subject: CN=FC5587533A98E6102FCD7801A33D2650FE3C64C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:6c:82:4c:7b:64:d2:52:57:e9:b9:c8:55:77: 5d:36:9f:0d:17:88:ca:18:d2:c5:a2:3a:69:30:09: 20:3d:4e:02:91:44:43:19:a7:54:ce:68:7e:67:0a: 71:ca:43:ed:87:5c:33:fa:9e:57:2f:2d:0b:3c:d5: 7e:a7:45:0a:9b:f4:a1:75:23:5a:1f:05:4f:cb:3e: a4:2f:b1:19:f4:0f:90:fd:ad:d8:04:b7:98:c2:47: 16:ae:fe:38:9d:b3:60:65:44:91:31:e8:e8:8b:5b: 2a:82:f8:fd:90:12:7f:a5:85:6a:15:0f:4c:69:b2: 3a:40:d5:97:bf:1a:55:80:8d:74:95:a9:a6:4b:db: 60:11:24:4e:1b:f0:eb:5b:d4:50:8d:ca:77:bd:30: 79:c2:91:1f:8b:f0:0c:bf:d1:35:b6:2e:b4:14:81: fe:45:0e:dd:9b:06:b8:4c:0d:f8:b9:12:75:d0:2f: 08:4d:c4:1a:6b:f0:88:65:4f:36:a9:1f:08:00:17: e0:da:4b:84:78:81:00:e2:bf:cb:c3:59:74:f7:e0: 05:d8:dd:33:8b:2b:ac:6a:b2:de:9d:64:56:67:8b: 62:c6:a7:c8:e4:8a:61:43:09:d8:26:d7:8c:00:39: af:aa:0e:d9:cd:47:13:7a:3c:89:87:6c:6c:62:b8: 14:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:55:87:53:3A:98:E6:10:2F:CD:78:01:A3:3D:26:50:FE:3C:64:C7 X509v3 Authority Key Identifier: keyid:15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 132.255.64.0/22 143.202.68.0/22 168.196.108.0/22 170.82.56.0/22 177.8.208.0/21 177.21.192.0/20 177.71.0.0/20 177.107.0.0/20 177.184.240.0/21 186.193.192.0/20 186.236.96.0/19 186.250.208.0/21 187.19.80.0/20 187.110.240.0/20 187.121.192.0/19 189.1.176.0/20 189.76.128.0/20 191.242.128.0/19 IPv6: 2804:4::/32 Signature Algorithm: sha256WithRSAEncryption 13:b4:a3:c8:d4:51:ab:1f:7d:c2:09:4a:97:f7:e3:c9:10:1f: 83:e6:6f:a1:72:ef:84:08:ca:20:66:2c:dc:47:bb:20:d9:0a: 0e:44:a0:7c:bc:71:d3:d4:c6:af:24:8a:8d:d3:15:95:de:dc: 6b:59:63:1d:8b:84:fb:c5:e9:ae:ab:78:f7:bd:bd:c8:ba:3f: ed:90:6c:f5:94:8a:94:91:c0:93:b4:7f:2f:3c:55:30:dc:e2: 43:f3:4e:00:bd:3e:bd:9d:fa:f0:ff:59:26:2a:b4:9f:3e:c4: d4:dd:9c:d9:eb:06:9c:08:26:3f:59:c3:77:45:bc:58:d1:d5: 8a:9b:bd:00:f5:43:03:4b:e0:2d:f8:92:a6:df:46:f5:90:db: 3a:a7:4a:b2:f6:b5:cc:91:e4:cd:ef:db:a0:5b:12:ec:e5:62: 74:59:d0:ed:06:65:20:79:41:68:5b:d6:0c:d7:1d:6f:ee:ab: 5c:18:fb:06:77:6e:64:d5:06:c1:05:87:ba:d1:2e:db:77:73: 64:c5:c5:f7:33:19:a1:11:8f:94:34:10:08:6f:3a:20:e9:93: a9:a1:26:dc:c5:97:6a:6e:e3:2a:af:9a:91:90:fc:3a:e3:4a: 2b:1a:4e:71:ba:20:d4:aa:39:b4:3c:1a:7b:2d:67:37:73:1b: 71:7b:92:91 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIUbJSju+WG/ybVkY1Ju+8ntPWy6CEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTVBMENBQ0I2RjVENkI0NTAwNjEzNjM5MjI1NTY3MEI4 MURCNjZGODAeFw0yNTA5MjkxMTQxNDRaFw0yNjA5MjgxMTQ2NDRaMDMxMTAvBgNV BAMTKEZDNTU4NzUzM0E5OEU2MTAyRkNENzgwMUEzM0QyNjUwRkUzQzY0QzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQbIJMe2TSUlfpuchVd102nw0X iMoY0sWiOmkwCSA9TgKRREMZp1TOaH5nCnHKQ+2HXDP6nlcvLQs81X6nRQqb9KF1 I1ofBU/LPqQvsRn0D5D9rdgEt5jCRxau/jids2BlRJEx6OiLWyqC+P2QEn+lhWoV D0xpsjpA1Ze/GlWAjXSVqaZL22ARJE4b8Otb1FCNyne9MHnCkR+L8Ay/0TW2LrQU gf5FDt2bBrhMDfi5EnXQLwhNxBpr8IhlTzapHwgAF+DaS4R4gQDiv8vDWXT34AXY 3TOLK6xqst6dZFZni2LGp8jkimFDCdgm14wAOa+qDtnNRxN6PImHbGxiuBT3AgMB AAGjggKTMIICjzAdBgNVHQ4EFgQU/FWHUzqY5hAvzXgBoz0mUP48ZMcwHwYDVR0j BBgwFoAUFaDKy29da0UAYTY5IlVnC4HbZvgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvNC8xNUEwQ0FDQjZGNUQ2QjQ1MDA2MTM2MzkyMjU1NjcwQjgxREI2NkY4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE1QTBDQUNCNkY1RDZCNDUw MDYxMzYzOTIyNTU2NzBCODFEQjY2RjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS80L0FTMjg2 Njcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/ BIGGMIGDMHIEAgABMGwDBAKE/0ADBAKPykQDBAKoxGwDBAKqUjgDBAOxCNADBASx FcADBASxRwADBASxawADBAOxuPADBAS6wcADBAW67GADBAO6+tADBAS7E1ADBAS7 bvADBAW7ecADBAS9AbADBAS9TIADBAW/8oAwDQQCAAIwBwMFACgEAAQwDQYJKoZI hvcNAQELBQADggEBABO0o8jUUasffcIJSpf348kQH4Pmb6Fy74QIyiBmLNxHuyDZ Cg5EoHy8cdPUxq8kio3TFZXe3GtZYx2LhPvF6a6rePe9vci6P+2QbPWUipSRwJO0 fy88VTDc4kPzTgC9Pr2d+vD/WSYqtJ8+xNTdnNnrBpwIJj9Zw3dFvFjR1YqbvQD1 QwNL4C34kqbfRvWQ2zqnSrL2tcyR5M3v26BbEuzlYnRZ0O0GZSB5QWhb1gzXHW/u q1wY+wZ3bmTVBsEFh7rRLtt3c2TFxfczGaERj5Q0EAhvOiDpk6mhJtzFl2pu4yqv mpGQ/DrjSisaTnG6INSqObQ8GnstZzdzG3F7kpE= -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:28 2025 by rpki-client