$ rpki-client -vvf rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28270.roa File: AS28270.roa (raw, json) Hash identifier: uGHkRPishqbsJJ54+ugErw9R72HvNLzUbFhVrAbllrQ= Subject key identifier: 3A:EE:35:D4:68:C7:87:44:51:F1:ED:B6:21:DF:7F:EB:6B:AE:40:2E Certificate issuer: /CN=DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72 Certificate serial: 407863DF461CE3E96DCDF97FC0A0627D88AE6009 Authority key identifier: DE:1F:6F:9F:B8:40:60:C0:7A:09:BD:D8:E5:2E:BA:52:2E:89:AC:72 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer Subject info access: rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28270.roa Signing time: Thu 07 Nov 2024 21:01:08 +0000 ROA not before: Thu 07 Nov 2024 20:56:08 +0000 ROA not after: Thu 06 Nov 2025 21:01:08 +0000 asID: 28270 IP address blocks: 131.196.76.0/22 maxlen: 22 131.196.76.0/23 maxlen: 23 131.196.78.0/23 maxlen: 23 131.221.68.0/22 maxlen: 22 138.117.124.0/22 maxlen: 22 138.121.220.0/22 maxlen: 22 138.121.220.0/24 maxlen: 24 138.122.236.0/22 maxlen: 22 138.122.236.0/24 maxlen: 24 138.122.237.0/24 maxlen: 24 143.255.112.0/22 maxlen: 22 160.238.220.0/22 maxlen: 22 168.121.52.0/22 maxlen: 22 168.121.52.0/24 maxlen: 24 168.121.53.0/24 maxlen: 24 168.121.54.0/24 maxlen: 24 168.121.55.0/24 maxlen: 24 168.227.44.0/22 maxlen: 22 168.228.128.0/22 maxlen: 22 168.232.116.0/22 maxlen: 22 170.0.204.0/22 maxlen: 22 170.245.100.0/22 maxlen: 22 170.247.52.0/22 maxlen: 22 170.247.52.0/24 maxlen: 24 177.66.64.0/21 maxlen: 21 177.67.0.0/21 maxlen: 21 177.67.1.0/24 maxlen: 24 177.67.2.0/24 maxlen: 24 177.67.3.0/24 maxlen: 24 177.67.4.0/22 maxlen: 22 177.67.4.0/24 maxlen: 24 177.67.5.0/24 maxlen: 24 177.67.6.0/24 maxlen: 24 177.67.7.0/24 maxlen: 24 177.70.128.0/20 maxlen: 20 177.75.192.0/19 maxlen: 19 177.75.192.0/20 maxlen: 20 177.75.208.0/20 maxlen: 20 177.87.144.0/21 maxlen: 21 177.130.192.0/19 maxlen: 19 179.191.128.0/19 maxlen: 19 179.191.128.0/20 maxlen: 20 179.191.144.0/20 maxlen: 20 186.219.144.0/20 maxlen: 20 186.219.148.0/24 maxlen: 24 186.219.149.0/24 maxlen: 24 186.219.150.0/24 maxlen: 24 186.219.151.0/24 maxlen: 24 186.219.152.0/21 maxlen: 21 186.233.72.0/21 maxlen: 21 187.18.128.0/17 maxlen: 17 187.108.96.0/20 maxlen: 20 187.108.111.0/24 maxlen: 24 187.110.208.0/20 maxlen: 20 189.45.64.0/18 maxlen: 18 189.50.144.0/20 maxlen: 20 191.6.80.0/21 maxlen: 21 200.94.240.0/22 maxlen: 22 201.149.120.0/22 maxlen: 22 2804:880::/32 maxlen: 32 2804:880:fc00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.crl rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 26 Nov 2024 09:17:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:78:63:df:46:1c:e3:e9:6d:cd:f9:7f:c0:a0:62:7d:88:ae:60:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72 Validity Not Before: Nov 7 20:56:08 2024 GMT Not After : Nov 6 21:01:08 2025 GMT Subject: CN=3AEE35D468C7874451F1EDB621DF7FEB6BAE402E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:56:94:5d:c5:55:07:b7:74:66:1e:3a:03:8b: aa:c5:c1:95:e5:7b:80:38:65:98:30:a0:25:3c:94: e2:70:8d:18:4c:6c:4e:37:4e:dc:17:d3:81:3e:fd: 5b:53:9e:a4:b0:bd:0a:d7:11:d3:ed:96:98:22:b4: da:aa:e6:52:b7:21:cf:b2:af:98:49:68:0a:94:8c: 66:f1:12:0f:9a:02:3b:6f:3a:da:05:78:34:24:12: cd:27:05:7a:86:dd:b6:9d:39:26:50:99:a9:2c:58: 61:d3:08:d7:d3:57:94:80:17:b5:b6:84:0f:1e:5f: 39:ee:b4:27:04:1a:3b:44:63:17:08:b2:51:92:9b: c2:86:9e:c3:b4:78:bd:8a:e1:ee:c7:2b:5b:8f:e2: 1c:80:51:33:22:44:3b:67:ef:a6:fb:c4:01:61:a2: 61:c9:97:3b:68:2c:0a:a7:44:a1:30:70:87:4c:e1: de:f8:38:a2:71:bf:0f:ea:01:de:3d:60:c8:30:4b: 41:bc:d0:1d:18:a7:c7:18:e1:ec:33:c9:f0:8c:fa: 62:51:5a:d7:b0:a1:9c:aa:39:de:c1:98:e8:2f:5b: 48:54:72:d1:50:36:0d:6d:b2:ed:06:7f:0c:b6:c2: 55:2a:bd:0b:ea:d5:77:70:3d:77:6e:46:d4:34:1f: 40:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:EE:35:D4:68:C7:87:44:51:F1:ED:B6:21:DF:7F:EB:6B:AE:40:2E X509v3 Authority Key Identifier: keyid:DE:1F:6F:9F:B8:40:60:C0:7A:09:BD:D8:E5:2E:BA:52:2E:89:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE1F6F9FB84060C07A09BDD8E52EBA522E89AC72.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/3Z9nEQVcGsVG7sRCTkY2ZvvmDHhoE5ZgbjDKFqMFt7DF/0/AS28270.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.196.76.0/22 131.221.68.0/22 138.117.124.0/22 138.121.220.0/22 138.122.236.0/22 143.255.112.0/22 160.238.220.0/22 168.121.52.0/22 168.227.44.0/22 168.228.128.0/22 168.232.116.0/22 170.0.204.0/22 170.245.100.0/22 170.247.52.0/22 177.66.64.0/21 177.67.0.0/21 177.70.128.0/20 177.75.192.0/19 177.87.144.0/21 177.130.192.0/19 179.191.128.0/19 186.219.144.0/20 186.233.72.0/21 187.18.128.0/17 187.108.96.0/20 187.110.208.0/20 189.45.64.0/18 189.50.144.0/20 191.6.80.0/21 200.94.240.0/22 201.149.120.0/22 IPv6: 2804:880::/32 Signature Algorithm: sha256WithRSAEncryption 31:bb:85:f3:b0:3a:ed:49:7d:3f:ca:1c:4d:43:4e:ee:e3:33: 26:b9:dd:47:23:5d:0e:ec:43:f5:05:6a:6b:82:9e:6a:f3:23: 45:2b:02:44:34:3a:e2:22:7b:86:3e:d0:4b:0c:5f:5b:96:4c: cc:73:94:02:fa:4c:48:4a:ae:fc:66:81:d8:a8:3d:c5:36:bb: 5b:ca:c1:3b:d1:41:44:08:e4:da:84:90:78:6d:ea:60:42:28: a2:d5:f6:63:8b:5e:09:a4:60:b2:79:20:93:93:ae:4b:f7:a9: e0:2a:b3:97:ee:b6:a7:22:0c:05:56:05:27:35:31:cc:31:0e: 6d:fb:21:42:37:72:46:b4:b8:41:9c:14:8b:7f:96:cb:e1:ac: cf:49:c9:52:71:b2:ee:b5:53:a7:56:4b:6c:3f:32:fe:25:a8: bf:93:8e:f3:f2:2a:0d:0d:61:d7:f2:28:ed:3f:38:36:5e:6e: f1:b0:97:f1:3e:22:df:fe:39:5a:b3:5e:75:3c:87:dc:2e:bd: 8f:8a:30:62:04:a2:19:02:97:8b:bf:1b:0a:52:69:ae:62:39: f9:7e:11:61:2c:1f:de:ed:00:43:a6:29:f0:44:23:2d:fb:5d: 95:0b:c8:2b:b2:1e:33:75:d9:89:3a:41:d4:13:a2:79:97:a2: e1:de:d7:22 -----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgIUQHhj30Yc4+ltzfl/wKBifYiuYAkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREUxRjZGOUZCODQwNjBDMDdBMDlCREQ4RTUyRUJBNTIy RTg5QUM3MjAeFw0yNDExMDcyMDU2MDhaFw0yNTExMDYyMTAxMDhaMDMxMTAvBgNV BAMTKDNBRUUzNUQ0NjhDNzg3NDQ1MUYxRURCNjIxREY3RkVCNkJBRTQwMkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyVpRdxVUHt3RmHjoDi6rFwZXl e4A4ZZgwoCU8lOJwjRhMbE43TtwX04E+/VtTnqSwvQrXEdPtlpgitNqq5lK3Ic+y r5hJaAqUjGbxEg+aAjtvOtoFeDQkEs0nBXqG3badOSZQmaksWGHTCNfTV5SAF7W2 hA8eXznutCcEGjtEYxcIslGSm8KGnsO0eL2K4e7HK1uP4hyAUTMiRDtn76b7xAFh omHJlztoLAqnRKEwcIdM4d74OKJxvw/qAd49YMgwS0G80B0Yp8cY4ewzyfCM+mJR WtewoZyqOd7BmOgvW0hUctFQNg1tsu0Gfwy2wlUqvQvq1XdwPXduRtQ0H0A3AgMB AAGjggLjMIIC3zAdBgNVHQ4EFgQUOu411GjHh0RR8e22Id9/62uuQC4wHwYDVR0j BBgwFoAU3h9vn7hAYMB6Cb3Y5S66Ui6JrHIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vM1o5bkVRVmNHc1ZHN3NSQ1RrWTJadnZtREhob0U1WmdiakRLRnFNRnQ3 REYvMC9ERTFGNkY5RkI4NDA2MEMwN0EwOUJERDhFNTJFQkE1MjJFODlBQzcyLmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RFMUY2RjlGQjg0MDYwQzA3 QTA5QkREOEU1MkVCQTUyMkU4OUFDNzIuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8zWjlu RVFWY0dzVkc3c1JDVGtZMlp2dm1ESGhvRTVaZ2JqREtGcU1GdDdERi8wL0FTMjgy NzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgeYGCCsGAQUFBwEHAQH/ BIHWMIHTMIHBBAIAATCBugMEAoPETAMEAoPdRAMEAop1fAMEAop53AMEAop67AME Ao//cAMEAqDu3AMEAqh5NAMEAqjjLAMEAqjkgAMEAqjodAMEAqoAzAMEAqr1ZAME Aqr3NAMEA7FCQAMEA7FDAAMEBLFGgAMEBbFLwAMEA7FXkAMEBbGCwAMEBbO/gAME BLrbkAMEA7rpSAMEB7sSgAMEBLtsYAMEBLtu0AMEBr0tQAMEBL0ykAMEA78GUAME Ashe8AMEAsmVeDANBAIAAjAHAwUAKAQIgDANBgkqhkiG9w0BAQsFAAOCAQEAMbuF 87A67Ul9P8ocTUNO7uMzJrndRyNdDuxD9QVqa4KeavMjRSsCRDQ64iJ7hj7QSwxf W5ZMzHOUAvpMSEqu/GaB2Kg9xTa7W8rBO9FBRAjk2oSQeG3qYEIootX2Y4teCaRg snkgk5OuS/ep4Cqzl+62pyIMBVYFJzUxzDEObfshQjdyRrS4QZwUi3+Wy+Gsz0nJ UnGy7rVTp1ZLbD8y/iWov5OO8/IqDQ1h1/Io7T84Nl5u8bCX8T4i3/45WrNedTyH 3C69j4owYgSiGQKXi78bClJprmI5+X4RYSwf3u0AQ6Yp8EQjLftdlQvIK7IeM3XZ iTpB1BOieZei4d7XIg== -----END CERTIFICATE-----Generated at Mon Nov 25 10:55:45 2024 by rpki-client on console-ams.rpki-client.org