$ rpki-client -vvf rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa File: AS28598.roa (raw, json) Hash identifier: aeBM4tfnKcWK772WwabLmqs0j9ZDfnwSXCisKzcE2iY= Subject key identifier: 07:A9:D9:FE:54:0E:0B:DB:D3:1B:88:58:63:CE:C9:78:5F:D4:66:72 Certificate issuer: /CN=988E922E2EBFFBA80468C170F0B053C90FD160E4 Certificate serial: 02F1AC4A9756EB870F626BFEF7C9CF6C1FF3CD21 Authority key identifier: 98:8E:92:2E:2E:BF:FB:A8:04:68:C1:70:F0:B0:53:C9:0F:D1:60:E4 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer Subject info access: rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa Signing time: Mon 23 Jun 2025 13:00:36 +0000 ROA not before: Mon 23 Jun 2025 12:55:36 +0000 ROA not after: Mon 22 Jun 2026 13:00:36 +0000 asID: 28598 IP address blocks: 45.7.104.0/22 maxlen: 22 45.7.104.0/23 maxlen: 23 45.165.228.0/22 maxlen: 24 45.172.124.0/22 maxlen: 22 45.172.124.0/23 maxlen: 23 45.172.124.0/24 maxlen: 24 45.172.125.0/24 maxlen: 24 45.172.126.0/23 maxlen: 23 45.172.126.0/24 maxlen: 24 45.179.224.0/22 maxlen: 22 45.179.224.0/23 maxlen: 24 45.179.226.0/23 maxlen: 24 45.229.212.0/22 maxlen: 22 45.229.212.0/23 maxlen: 23 45.229.214.0/23 maxlen: 23 138.59.228.0/22 maxlen: 22 138.59.228.0/23 maxlen: 23 138.59.230.0/23 maxlen: 23 138.122.80.0/22 maxlen: 22 138.122.80.0/23 maxlen: 23 138.122.82.0/23 maxlen: 23 167.250.136.0/22 maxlen: 22 167.250.136.0/23 maxlen: 23 167.250.138.0/23 maxlen: 23 167.250.139.0/24 maxlen: 24 170.78.4.0/22 maxlen: 22 170.78.4.0/23 maxlen: 23 170.78.6.0/23 maxlen: 23 170.81.4.0/22 maxlen: 22 170.81.4.0/23 maxlen: 23 170.81.6.0/23 maxlen: 23 177.104.112.0/20 maxlen: 20 177.104.112.0/21 maxlen: 21 177.104.120.0/21 maxlen: 21 177.104.124.0/24 maxlen: 24 177.190.208.0/22 maxlen: 22 177.190.208.0/23 maxlen: 23 177.190.210.0/23 maxlen: 23 187.94.8.0/22 maxlen: 22 187.94.8.0/23 maxlen: 23 187.94.10.0/23 maxlen: 23 187.110.224.0/20 maxlen: 20 187.110.224.0/21 maxlen: 21 187.110.224.0/23 maxlen: 23 187.110.226.0/23 maxlen: 23 187.110.228.0/23 maxlen: 23 187.110.230.0/23 maxlen: 23 187.110.232.0/21 maxlen: 21 187.110.232.0/22 maxlen: 22 187.110.232.0/23 maxlen: 23 187.110.236.0/22 maxlen: 22 187.110.238.0/23 maxlen: 23 187.120.48.0/20 maxlen: 20 187.120.48.0/21 maxlen: 21 191.52.224.0/20 maxlen: 20 201.20.64.0/18 maxlen: 18 201.20.64.0/19 maxlen: 19 201.20.64.0/20 maxlen: 20 201.20.64.0/21 maxlen: 21 201.20.64.0/23 maxlen: 23 201.20.71.0/24 maxlen: 24 201.20.72.0/21 maxlen: 21 201.20.80.0/20 maxlen: 20 201.20.80.0/21 maxlen: 21 201.20.87.0/24 maxlen: 24 201.20.94.0/24 maxlen: 24 201.20.96.0/19 maxlen: 19 201.20.96.0/20 maxlen: 20 201.20.96.0/21 maxlen: 21 201.20.96.0/23 maxlen: 23 201.20.104.0/23 maxlen: 23 201.20.112.0/20 maxlen: 20 201.20.116.0/23 maxlen: 23 201.20.117.0/24 maxlen: 24 201.20.119.0/24 maxlen: 24 201.20.120.0/21 maxlen: 21 201.20.126.0/24 maxlen: 24 201.148.120.0/22 maxlen: 22 201.148.120.0/23 maxlen: 23 201.148.122.0/23 maxlen: 23 2804:248::/32 maxlen: 32 2804:248::/34 maxlen: 34 2804:248::/48 maxlen: 48 2804:248:2::/48 maxlen: 48 2804:248:4::/48 maxlen: 48 2804:248:8::/48 maxlen: 48 2804:248:100::/40 maxlen: 40 2804:248:800::/39 maxlen: 39 2804:248:3000::/40 maxlen: 40 2804:248:4000::/34 maxlen: 34 2804:248:4002::/48 maxlen: 48 2804:248:4004::/48 maxlen: 48 2804:248:4007::/48 maxlen: 48 2804:248:8000::/34 maxlen: 34 2804:248:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.crl rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 01 Jul 2025 07:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:f1:ac:4a:97:56:eb:87:0f:62:6b:fe:f7:c9:cf:6c:1f:f3:cd:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=988E922E2EBFFBA80468C170F0B053C90FD160E4 Validity Not Before: Jun 23 12:55:36 2025 GMT Not After : Jun 22 13:00:36 2026 GMT Subject: CN=07A9D9FE540E0BDBD31B885863CEC9785FD46672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:46:97:c0:f2:6c:ca:e7:1b:d3:9e:86:95:ca: 3d:d6:63:11:95:a4:2e:c9:0b:ee:6c:2f:34:ee:90: 69:4b:73:47:00:78:d3:09:33:b3:be:a4:37:19:e2: ab:9a:42:7f:41:01:bb:d2:5c:8d:03:3d:c7:6c:88: 34:a8:33:3a:fb:ad:30:65:27:32:2c:02:f3:4b:18: 66:80:b2:8d:1a:a1:36:ce:fd:9f:b8:40:df:64:0e: ac:d0:75:78:6e:5d:a6:1c:ec:b2:58:f1:47:72:08: b2:28:8a:0c:9d:ab:13:61:55:e4:25:f2:71:7c:ff: c9:01:94:88:20:85:cc:c8:d8:62:0f:2c:0d:b4:62: 8c:2c:d7:e8:b2:ee:ed:82:ba:ec:ad:d7:1d:33:f3: 86:a0:c1:29:cb:04:f1:b6:f8:53:b1:57:01:62:f6: 53:f3:94:14:51:6f:f5:1a:ca:33:6c:30:77:fc:84: cb:f0:34:aa:c5:05:9b:0d:91:23:cb:e4:ed:6c:89: b2:fe:e7:6e:88:e9:ae:68:21:30:5f:8a:bb:79:84: eb:cf:1b:9a:51:91:d1:61:be:78:4d:ba:f7:d8:15: 3d:cb:77:2a:48:41:8c:ff:75:36:f2:d4:09:6f:a3: 4b:e6:ba:b0:bd:14:dd:b0:c9:66:ad:32:86:80:dd: 22:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:A9:D9:FE:54:0E:0B:DB:D3:1B:88:58:63:CE:C9:78:5F:D4:66:72 X509v3 Authority Key Identifier: keyid:98:8E:92:2E:2E:BF:FB:A8:04:68:C1:70:F0:B0:53:C9:0F:D1:60:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/988E922E2EBFFBA80468C170F0B053C90FD160E4.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/CRWxwqj9KkCUjUrQa61c8Zo1DHmHmpTkT9nUfjafQfuq/1/AS28598.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.7.104.0/22 45.165.228.0/22 45.172.124.0/22 45.179.224.0/22 45.229.212.0/22 138.59.228.0/22 138.122.80.0/22 167.250.136.0/22 170.78.4.0/22 170.81.4.0/22 177.104.112.0/20 177.190.208.0/22 187.94.8.0/22 187.110.224.0/20 187.120.48.0/20 191.52.224.0/20 201.20.64.0/18 201.148.120.0/22 IPv6: 2804:248::/32 Signature Algorithm: sha256WithRSAEncryption 48:a0:b5:74:1c:a0:1a:0e:52:ca:2a:14:12:67:5a:30:4e:a4: 2c:22:f2:a7:c0:14:04:1a:60:8b:1e:a3:b8:cb:b9:e2:0f:e5: c5:5a:7d:b4:83:2c:62:bc:9e:27:ef:47:c1:e0:6d:ab:97:30: df:fd:4e:d4:ff:e6:44:56:c3:ca:7c:31:1c:b6:20:75:3c:ac: 3c:ab:aa:f9:cc:fc:a4:89:8b:14:07:10:35:a8:0e:3c:04:d4: 9e:8b:05:7c:6b:c6:b8:64:3e:28:fa:c1:c2:68:80:cc:b7:75: 33:e5:af:1a:88:f6:7f:f7:cd:27:4b:43:f9:6b:f5:b7:cc:9d: 3b:57:0b:f8:28:72:8c:e5:bc:3d:e5:e5:27:1c:75:8e:5f:88: a5:3f:b8:cf:2f:63:3e:e8:fb:ed:18:88:d0:76:85:ff:e5:69: 47:67:bc:de:cd:d4:f1:3b:0d:97:74:b9:98:d9:b4:6f:de:56: 4a:dd:e3:a3:f4:ff:9a:a3:d7:5d:da:7e:15:eb:5e:d8:f1:9a: c7:6b:d5:ff:d5:bd:9f:88:32:0d:34:72:86:d5:59:9e:6c:82: 33:91:f9:a0:c2:3d:69:6e:f6:d7:95:5c:ab:20:e3:a3:3e:07: 84:4e:d8:04:f1:93:57:8e:93:d5:7f:8c:70:cc:9a:ed:ad:05: e7:e1:af:46 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIUAvGsSpdW64cPYmv+98nPbB/zzSEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTg4RTkyMkUyRUJGRkJBODA0NjhDMTcwRjBCMDUzQzkw RkQxNjBFNDAeFw0yNTA2MjMxMjU1MzZaFw0yNjA2MjIxMzAwMzZaMDMxMTAvBgNV BAMTKDA3QTlEOUZFNTQwRTBCREJEMzFCODg1ODYzQ0VDOTc4NUZENDY2NzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiRpfA8mzK5xvTnoaVyj3WYxGV pC7JC+5sLzTukGlLc0cAeNMJM7O+pDcZ4quaQn9BAbvSXI0DPcdsiDSoMzr7rTBl JzIsAvNLGGaAso0aoTbO/Z+4QN9kDqzQdXhuXaYc7LJY8UdyCLIoigydqxNhVeQl 8nF8/8kBlIgghczI2GIPLA20Yows1+iy7u2Cuuyt1x0z84agwSnLBPG2+FOxVwFi 9lPzlBRRb/UayjNsMHf8hMvwNKrFBZsNkSPL5O1sibL+526I6a5oITBfirt5hOvP G5pRkdFhvnhNuvfYFT3LdypIQYz/dTby1Alvo0vmurC9FN2wyWatMoaA3SIVAgMB AAGjggKTMIICjzAdBgNVHQ4EFgQUB6nZ/lQOC9vTG4hYY87JeF/UZnIwHwYDVR0j BBgwFoAUmI6SLi6/+6gEaMFw8LBTyQ/RYOQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vQ1JXeHdxajlLa0NValVyUWE2MWM4Wm8xREhtSG1wVGtUOW5VZmphZlFm dXEvMS85ODhFOTIyRTJFQkZGQkE4MDQ2OEMxNzBGMEIwNTNDOTBGRDE2MEU0LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk4OEU5MjJFMkVCRkZCQTgw NDY4QzE3MEYwQjA1M0M5MEZEMTYwRTQuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9DUld4 d3FqOUtrQ1VqVXJRYTYxYzhabzFESG1IbXBUa1Q5blVmamFmUWZ1cS8xL0FTMjg1 OTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/ BIGGMIGDMHIEAgABMGwDBAItB2gDBAItpeQDBAItrHwDBAIts+ADBAIt5dQDBAKK O+QDBAKKelADBAKn+ogDBAKqTgQDBAKqUQQDBASxaHADBAKxvtADBAK7XggDBAS7 buADBAS7eDADBAS/NOADBAbJFEADBALJlHgwDQQCAAIwBwMFACgEAkgwDQYJKoZI hvcNAQELBQADggEBAEigtXQcoBoOUsoqFBJnWjBOpCwi8qfAFAQaYIseo7jLueIP 5cVafbSDLGK8nifvR8HgbauXMN/9TtT/5kRWw8p8MRy2IHU8rDyrqvnM/KSJixQH EDWoDjwE1J6LBXxrxrhkPij6wcJogMy3dTPlrxqI9n/3zSdLQ/lr9bfMnTtXC/go cozlvD3l5SccdY5fiKU/uM8vYz7o++0YiNB2hf/laUdnvN7N1PE7DZd0uZjZtG/e Vkrd46P0/5qj113afhXrXtjxmsdr1f/VvZ+IMg00cobVWZ5sgjOR+aDCPWlu9teV XKsg46M+B4RO2ATxk1eOk9V/jHDMmu2tBefhr0Y= -----END CERTIFICATE-----Generated at Mon Jun 30 19:36:55 2025 by rpki-client