$ rpki-client -vvf rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28220.roa File: AS28220.roa (raw, json) Hash identifier: edhJ1DWyRCAQ9/mK73jGgwC86EEkXdgXpUu9xYwd7fg= Subject key identifier: 77:54:4B:AE:4E:46:52:15:48:78:67:0C:62:47:3B:40:3F:5C:39:73 Certificate issuer: /CN=DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72 Certificate serial: 1EA533BA7352CF290DD45F05F1BE103E4CA1F88D Authority key identifier: DE:1F:6F:9F:B8:40:60:C0:7A:09:BD:D8:E5:2E:BA:52:2E:89:AC:72 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer Subject info access: rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28220.roa Signing time: Tue 16 Sep 2025 13:20:00 +0000 ROA not before: Tue 16 Sep 2025 13:15:00 +0000 ROA not after: Tue 15 Sep 2026 13:20:00 +0000 asID: 28220 IP address blocks: 138.122.236.0/22 maxlen: 24 186.219.152.0/21 maxlen: 21 187.18.212.0/22 maxlen: 22 187.110.208.0/20 maxlen: 20 187.110.208.0/24 maxlen: 24 187.110.209.0/24 maxlen: 24 191.6.80.0/21 maxlen: 21 191.6.80.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.crl rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 19 Sep 2025 21:29:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:a5:33:ba:73:52:cf:29:0d:d4:5f:05:f1:be:10:3e:4c:a1:f8:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72 Validity Not Before: Sep 16 13:15:00 2025 GMT Not After : Sep 15 13:20:00 2026 GMT Subject: CN=77544BAE4E4652154878670C62473B403F5C3973 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:e1:0e:cf:7d:98:71:a0:ce:f0:f7:43:dc:64: 0d:75:f9:48:e0:11:0a:06:5a:7d:fe:05:29:c4:7d: bc:28:03:01:9b:6e:2c:22:45:69:1a:23:d5:4a:e1: 03:09:b6:c1:31:d6:67:bf:e7:c9:77:3f:21:4d:4a: c4:b8:25:04:3a:42:83:43:b2:2a:48:79:73:cf:74: a3:dc:01:3b:4c:41:3a:c1:d9:c1:45:0d:e8:aa:92: 42:64:75:4b:8e:8e:6a:e9:c6:68:a9:fa:25:a3:ae: a5:1a:7d:e0:93:68:ac:fe:68:59:0e:b2:e7:33:96: 75:f3:09:2b:95:28:b3:65:79:29:6e:40:72:31:53: b1:70:bc:42:8a:98:7e:a5:22:a1:5b:2c:90:56:a7: 57:3f:0e:39:d7:7b:61:89:86:81:dd:fa:86:cd:cf: 40:02:88:9a:e6:54:40:1c:7c:0d:dd:be:3b:dd:b7: ae:3f:a4:36:47:d5:55:24:e9:5e:df:47:03:f1:05: 56:74:6f:cf:58:7c:27:b2:c4:3d:fc:80:fd:b2:b0: 90:bc:a6:82:a6:86:68:3e:af:ce:aa:ef:9b:ca:03: ef:07:d4:4e:de:10:49:7d:1e:25:85:03:b9:44:32: c9:97:2a:65:8d:c5:24:17:d1:6c:eb:09:a6:db:fc: fc:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:54:4B:AE:4E:46:52:15:48:78:67:0C:62:47:3B:40:3F:5C:39:73 X509v3 Authority Key Identifier: keyid:DE:1F:6F:9F:B8:40:60:C0:7A:09:BD:D8:E5:2E:BA:52:2E:89:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28220.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.122.236.0/22 186.219.152.0/21 187.18.212.0/22 187.110.208.0/20 191.6.80.0/21 Signature Algorithm: sha256WithRSAEncryption 5e:85:3e:bf:d9:a9:27:ef:dd:31:ee:35:95:26:d6:15:93:ad: 3a:90:1f:89:04:60:37:15:cb:21:16:8d:6d:13:62:76:ae:96: 48:9b:a4:bf:78:b8:e2:e5:bc:70:dc:a6:8a:9d:49:a7:7b:43: 77:ec:79:82:f9:27:72:a5:ba:ff:2a:8e:c4:31:95:81:df:f9: 58:b3:e5:91:2b:7f:27:cb:7e:c0:e8:18:1f:06:10:37:04:e4: 83:56:1a:bd:22:72:07:b3:28:30:99:ce:fc:7e:ef:87:76:7f: 8b:29:f9:45:30:c8:cc:b1:86:fb:40:33:71:a2:6f:8c:f9:cd: 5d:51:0e:4b:a4:1b:a0:ca:99:1c:18:89:d8:a8:20:54:79:eb: 08:9b:e1:77:cb:3a:07:44:6c:d0:ed:51:bb:ec:14:58:38:12: 74:b5:12:56:3e:35:9f:77:e2:08:5f:70:74:d0:97:44:81:b1: 52:a5:1f:67:03:14:0e:20:43:c7:a1:38:82:f1:30:4c:9a:2c: 0a:16:bf:df:f9:4c:6b:6d:b7:ad:5e:d5:89:8a:f1:91:f8:bd: 94:6e:fb:5b:49:38:a8:3f:b3:ea:bc:62:c8:8b:35:a5:da:66: 77:8f:6c:9b:f7:81:e0:98:5d:7e:a9:9f:62:e6:64:b7:c4:74: 2f:08:cd:c0 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUHqUzunNSzykN1F8F8b4QPkyh+I0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREUxRjZGOUZCODQwNjBDMDdBMDlCREQ4RTUyRUJBNTIy RTg5QUM3MjAeFw0yNTA5MTYxMzE1MDBaFw0yNjA5MTUxMzIwMDBaMDMxMTAvBgNV BAMTKDc3NTQ0QkFFNEU0NjUyMTU0ODc4NjcwQzYyNDczQjQwM0Y1QzM5NzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn4Q7PfZhxoM7w90PcZA11+Ujg EQoGWn3+BSnEfbwoAwGbbiwiRWkaI9VK4QMJtsEx1me/58l3PyFNSsS4JQQ6QoND sipIeXPPdKPcATtMQTrB2cFFDeiqkkJkdUuOjmrpxmip+iWjrqUafeCTaKz+aFkO suczlnXzCSuVKLNleSluQHIxU7FwvEKKmH6lIqFbLJBWp1c/DjnXe2GJhoHd+obN z0ACiJrmVEAcfA3dvjvdt64/pDZH1VUk6V7fRwPxBVZ0b89YfCeyxD38gP2ysJC8 poKmhmg+r86q75vKA+8H1E7eEEl9HiWFA7lEMsmXKmWNxSQX0WzrCabb/PwRAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUd1RLrk5GUhVIeGcMYkc7QD9cOXMwHwYDVR0j BBgwFoAU3h9vn7hAYMB6Cb3Y5S66Ui6JrHIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM1o5bkVRVmNHc1ZHN3NSQ1RrWTJadnZtREhob0U1WmdiakRLRnFNRnQ3 REYvMC9ERTFGNkY5RkI4NDA2MEMwN0EwOUJERDhFNTJFQkE1MjJFODlBQzcyLmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RFMUY2RjlGQjg0MDYwQzA3 QTA5QkREOEU1MkVCQTUyMkU4OUFDNzIuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zWjlu RVFWY0dzVkc3c1JDVGtZMlp2dm1ESGhvRTVaZ2JqREtGcU1GdDdERi8wL0FTMjgy MjAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAKKeuwDBAO625gDBAK7EtQDBAS7btADBAO/BlAwDQYJKoZI hvcNAQELBQADggEBAF6FPr/ZqSfv3THuNZUm1hWTrTqQH4kEYDcVyyEWjW0TYnau lkibpL94uOLlvHDcpoqdSad7Q3fseYL5J3Kluv8qjsQxlYHf+Viz5ZErfyfLfsDo GB8GEDcE5INWGr0icgezKDCZzvx+74d2f4sp+UUwyMyxhvtAM3Gib4z5zV1RDkuk G6DKmRwYidioIFR56wib4XfLOgdEbNDtUbvsFFg4EnS1ElY+NZ934ghfcHTQl0SB sVKlH2cDFA4gQ8ehOILxMEyaLAoWv9/5TGttt61e1YmK8ZH4vZRu+1tJOKg/s+q8 YsiLNaXaZnePbJv3geCYXX6pn2LmZLfEdC8IzcA= -----END CERTIFICATE-----Generated at Fri Sep 19 02:55:21 2025 by rpki-client