$ rpki-client -vvf rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28669.roa File: AS28669.roa (raw, json) Hash identifier: MJ87y+ztwCqOOFcLRNJ1CJLfWkLwAnuMRPFuuaEF5FI= Subject key identifier: A6:59:9C:B5:1F:2A:78:A5:AE:DE:34:2F:DA:53:93:05:8F:65:77:1B Certificate issuer: /CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Certificate serial: 72F134CA76C501B7E7B6EF8BA77EEDB3FBDC1417 Authority key identifier: 15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject info access: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28669.roa Signing time: Mon 29 Sep 2025 11:46:41 +0000 ROA not before: Mon 29 Sep 2025 11:41:41 +0000 ROA not after: Mon 28 Sep 2026 11:46:41 +0000 asID: 28669 IP address blocks: 45.234.40.0/22 maxlen: 24 168.227.12.0/22 maxlen: 24 170.238.116.0/22 maxlen: 24 177.36.160.0/20 maxlen: 24 177.107.80.0/20 maxlen: 24 177.137.64.0/20 maxlen: 24 179.189.224.0/20 maxlen: 24 186.195.144.0/20 maxlen: 24 186.225.96.0/20 maxlen: 24 186.225.112.0/20 maxlen: 24 187.108.32.0/20 maxlen: 24 187.111.160.0/20 maxlen: 24 189.8.80.0/20 maxlen: 24 189.28.144.0/20 maxlen: 24 191.241.224.0/19 maxlen: 24 201.46.16.0/20 maxlen: 24 2804:290::/32 maxlen: 48 2804:7cc::/32 maxlen: 48 2804:4bec::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 21 Oct 2025 04:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:f1:34:ca:76:c5:01:b7:e7:b6:ef:8b:a7:7e:ed:b3:fb:dc:14:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=15A0CACB6F5D6B45006136392255670B81DB66F8 Validity Not Before: Sep 29 11:41:41 2025 GMT Not After : Sep 28 11:46:41 2026 GMT Subject: CN=A6599CB51F2A78A5AEDE342FDA5393058F65771B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:56:dd:73:c6:5f:3c:00:1f:62:4d:31:51:5c: 24:de:38:fb:6f:7e:7b:d3:9e:80:f0:a1:ba:07:e1: c9:a3:2a:58:ce:66:2d:d7:10:23:a9:cd:61:ba:8a: af:95:9e:30:ed:56:6f:c1:c3:72:c7:d0:c5:28:b3: f1:21:66:93:83:53:d7:b2:48:86:ea:f4:5e:74:73: 0d:e3:55:3e:9e:0b:f2:ab:20:36:e9:87:eb:3e:b4: 96:ee:d8:ae:63:36:c8:46:23:24:3d:52:92:b2:19: 4b:5e:99:60:3f:8a:a0:5d:cb:33:32:f3:1c:89:e3: 5f:31:04:99:97:e2:d6:b5:0f:fb:28:b1:36:64:74: b5:18:a3:4d:06:45:5f:07:27:86:34:20:b5:c5:4f: d7:5b:ba:02:f3:c8:de:57:23:19:a9:84:dd:d4:49: 2d:7f:d8:6c:4b:6c:85:93:03:a1:48:51:f2:0c:e5: 34:ee:3f:02:96:5e:d2:64:64:ae:1e:6e:22:f1:64: f2:4c:4a:95:7d:d9:a5:da:68:5f:ae:37:da:9d:b3: 9b:df:3a:d2:ee:30:97:45:a7:6a:c9:70:f1:3b:53: 45:01:1c:21:bc:a5:18:9e:e5:a4:5b:b3:f0:61:66: cd:73:53:ac:b8:f8:df:68:0d:57:8c:a3:e3:19:e2: 8e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:59:9C:B5:1F:2A:78:A5:AE:DE:34:2F:DA:53:93:05:8F:65:77:1B X509v3 Authority Key Identifier: keyid:15:A0:CA:CB:6F:5D:6B:45:00:61:36:39:22:55:67:0B:81:DB:66:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/15A0CACB6F5D6B45006136392255670B81DB66F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/15A0CACB6F5D6B45006136392255670B81DB66F8.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KpJ5uP6qLk2iHW9gWepTDxax6jVvtuQYhFudw9r8Tcy/4/AS28669.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.234.40.0/22 168.227.12.0/22 170.238.116.0/22 177.36.160.0/20 177.107.80.0/20 177.137.64.0/20 179.189.224.0/20 186.195.144.0/20 186.225.96.0/19 187.108.32.0/20 187.111.160.0/20 189.8.80.0/20 189.28.144.0/20 191.241.224.0/19 201.46.16.0/20 IPv6: 2804:290::/32 2804:7cc::/32 2804:4bec::/32 Signature Algorithm: sha256WithRSAEncryption a6:dc:e0:91:fe:6a:44:f8:a8:46:6c:4b:24:c3:2e:d3:5d:f9: f0:ee:51:19:73:82:93:95:ca:a5:92:5e:4d:0f:92:b7:4e:7e: 1c:85:b7:e0:4f:30:be:96:c0:df:6e:e9:2e:a1:4c:58:fe:62: 17:4b:f8:65:48:07:e5:6f:c9:b8:73:fd:ff:25:06:6a:ea:9a: 5f:3d:02:2d:10:ce:e9:81:ba:bc:43:2d:71:d4:4d:82:60:6e: b8:c8:c6:21:d5:be:d4:98:03:16:73:25:2b:5d:e7:87:0f:5b: e8:5b:f3:7c:aa:c2:28:a7:03:b0:58:f0:3a:03:d1:fa:b0:08: d7:97:c9:13:0e:a9:bf:90:45:8b:47:ea:7e:76:39:44:f7:97: 7a:0f:65:d5:26:0d:dc:93:17:df:de:06:ad:f3:83:62:19:97: 05:14:9d:12:7b:3d:ee:40:68:dc:a6:f3:4f:33:24:7c:a8:60: 05:a1:c5:fd:5e:38:9e:1f:30:62:72:89:bc:05:60:1b:1c:d8: 85:2e:88:65:52:c2:50:a1:91:fd:1a:01:8d:65:df:c4:12:38: 70:4c:76:aa:e5:18:9d:d9:e7:cf:9b:02:b4:8b:95:f6:70:86: 8a:4d:02:58:5e:fb:4d:43:f6:ec:78:3c:c1:7f:a8:a1:0c:40: 40:40:b6:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIUcvE0ynbFAbfntu+Lp37ts/vcFBcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTVBMENBQ0I2RjVENkI0NTAwNjEzNjM5MjI1NTY3MEI4 MURCNjZGODAeFw0yNTA5MjkxMTQxNDFaFw0yNjA5MjgxMTQ2NDFaMDMxMTAvBgNV BAMTKEE2NTk5Q0I1MUYyQTc4QTVBRURFMzQyRkRBNTM5MzA1OEY2NTc3MUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdVt1zxl88AB9iTTFRXCTeOPtv fnvTnoDwoboH4cmjKljOZi3XECOpzWG6iq+VnjDtVm/Bw3LH0MUos/EhZpODU9ey SIbq9F50cw3jVT6eC/KrIDbph+s+tJbu2K5jNshGIyQ9UpKyGUtemWA/iqBdyzMy 8xyJ418xBJmX4ta1D/sosTZkdLUYo00GRV8HJ4Y0ILXFT9dbugLzyN5XIxmphN3U SS1/2GxLbIWTA6FIUfIM5TTuPwKWXtJkZK4ebiLxZPJMSpV92aXaaF+uN9qds5vf OtLuMJdFp2rJcPE7U0UBHCG8pRie5aRbs/BhZs1zU6y4+N9oDVeMo+MZ4o5jAgMB AAGjggKOMIICijAdBgNVHQ4EFgQUplmctR8qeKWu3jQv2lOTBY9ldxswHwYDVR0j BBgwFoAUFaDKy29da0UAYTY5IlVnC4HbZvgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM0twSjV1UDZxTGsyaUhXOWdXZXBURHhheDZqVnZ0dVFZaEZ1ZHc5cjhU Y3kvNC8xNUEwQ0FDQjZGNUQ2QjQ1MDA2MTM2MzkyMjU1NjcwQjgxREI2NkY4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE1QTBDQUNCNkY1RDZCNDUw MDYxMzYzOTIyNTU2NzBCODFEQjY2RjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zS3BK NXVQNnFMazJpSFc5Z1dlcFREeGF4NmpWdnR1UVloRnVkdzlyOFRjeS80L0FTMjg2 Njkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZEGCCsGAQUFBwEHAQH/ BIGBMH8wYAQCAAEwWgMEAi3qKAMEAqjjDAMEAqrudAMEBLEkoAMEBLFrUAMEBLGJ QAMEBLO94AMEBLrDkAMEBbrhYAMEBLtsIAMEBLtvoAMEBL0IUAMEBL0ckAMEBb/x 4AMEBMkuEDAbBAIAAjAVAwUAKAQCkAMFACgEB8wDBQAoBEvsMA0GCSqGSIb3DQEB CwUAA4IBAQCm3OCR/mpE+KhGbEskwy7TXfnw7lEZc4KTlcqlkl5ND5K3Tn4chbfg TzC+lsDfbukuoUxY/mIXS/hlSAflb8m4c/3/JQZq6ppfPQItEM7pgbq8Qy1x1E2C YG64yMYh1b7UmAMWcyUrXeeHD1voW/N8qsIopwOwWPA6A9H6sAjXl8kTDqm/kEWL R+p+djlE95d6D2XVJg3ckxff3gat84NiGZcFFJ0Sez3uQGjcpvNPMyR8qGAFocX9 XjieHzBicom8BWAbHNiFLohlUsJQoZH9GgGNZd/EEjhwTHaq5Rid2efPmwK0i5X2 cIaKTQJYXvtNQ/bseDzBf6ihDEBAQLbB -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:37 2025 by rpki-client