Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/673qYPSK2DWWjCBamWhNC7rgrqhCQPAjdGHSdCZn9V6o/1/AS52900.roa
File: AS52900.roa (raw, json)
Hash identifier: B3nMfrm6eNNX0nDaLhmu8vNcFtUNlHp28fJapu7Q/O0=
Subject key identifier: 64:98:14:74:4D:3A:E3:DA:50:01:39:25:FA:83:81:6A:CB:1B:B4:A8
Certificate issuer: /CN=5BE91475EB6C86AA40F3A13AA0C3C38DB9627BCD
Certificate serial: 2C84C4636148B294BA4DF268A9C21BA44A3BBDDE
Authority key identifier: 5B:E9:14:75:EB:6C:86:AA:40:F3:A1:3A:A0:C3:C3:8D:B9:62:7B:CD
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5BE91475EB6C86AA40F3A13AA0C3C38DB9627BCD.cer
Subject info access: rsync://rpki-repo.registro.br/repo/673qYPSK2DWWjCBamWhNC7rgrqhCQPAjdGHSdCZn9V6o/1/AS52900.roa
Signing time: Wed 12 Mar 2025 23:23:54 +0000
ROA not before: Wed 12 Mar 2025 23:18:54 +0000
ROA not after: Wed 11 Mar 2026 23:23:54 +0000
asID: 52900
IP address blocks: 131.221.252.0/22 maxlen: 24
138.186.52.0/22 maxlen: 24
186.251.156.0/22 maxlen: 24
2804:26c8::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:84:c4:63:61:48:b2:94:ba:4d:f2:68:a9:c2:1b:a4:4a:3b:bd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5BE91475EB6C86AA40F3A13AA0C3C38DB9627BCD
Validity
Not Before: Mar 12 23:18:54 2025 GMT
Not After : Mar 11 23:23:54 2026 GMT
Subject: CN=649814744D3AE3DA50013925FA83816ACB1BB4A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:59:4f:25:57:a4:db:db:5d:86:84:4b:99:24:
7d:c8:15:d2:0c:b3:b0:5a:71:13:3d:6a:25:5c:35:
fe:54:49:a7:c4:36:cc:79:af:de:7e:6e:e7:e3:78:
09:fa:93:75:6e:06:81:5b:b2:30:71:48:ca:f0:c5:
03:64:2f:d4:15:8b:2c:e4:17:67:a8:0e:89:55:ad:
9a:e5:79:47:1a:7e:05:93:da:e9:83:64:ae:d8:03:
c8:2b:00:d0:71:2f:58:76:ef:05:f1:73:ca:a4:c2:
98:26:66:32:22:02:90:55:d7:25:25:4d:ae:0a:be:
d2:ca:b3:ce:95:fe:e2:87:0c:7a:9e:b2:f2:51:20:
b0:a3:c1:3a:73:7e:3b:d4:91:e0:18:b0:4a:9f:a5:
de:3a:c5:6c:d7:b2:a4:16:df:08:da:cd:9f:7c:eb:
89:fb:05:20:14:c8:e6:2c:89:e0:15:05:b1:c9:fb:
e8:03:18:f2:42:e9:75:08:97:77:f4:f0:d4:6d:85:
67:23:ee:4f:6a:18:a6:45:9f:ee:70:89:71:18:d5:
35:0c:84:63:54:d5:b6:b1:43:0f:3c:ab:11:58:80:
83:80:74:22:89:08:cc:ba:6d:57:e0:4d:45:79:4b:
90:b4:e5:74:b0:da:d6:d1:ae:7e:42:c6:78:57:eb:
a0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:98:14:74:4D:3A:E3:DA:50:01:39:25:FA:83:81:6A:CB:1B:B4:A8
X509v3 Authority Key Identifier:
keyid:5B:E9:14:75:EB:6C:86:AA:40:F3:A1:3A:A0:C3:C3:8D:B9:62:7B:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/673qYPSK2DWWjCBamWhNC7rgrqhCQPAjdGHSdCZn9V6o/1/5BE91475EB6C86AA40F3A13AA0C3C38DB9627BCD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5BE91475EB6C86AA40F3A13AA0C3C38DB9627BCD.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/673qYPSK2DWWjCBamWhNC7rgrqhCQPAjdGHSdCZn9V6o/1/AS52900.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.221.252.0/22
138.186.52.0/22
186.251.156.0/22
IPv6:
2804:26c8::/32
Signature Algorithm: sha256WithRSAEncryption
03:37:6d:9a:9d:f1:95:9d:f3:55:81:07:57:13:9d:5c:24:25:
34:59:54:43:1b:ae:c3:9b:96:46:2c:ec:f8:ca:b7:eb:34:1d:
e4:1f:0e:d7:c4:69:ed:84:54:24:6b:7e:51:e9:78:18:0a:00:
36:09:1d:48:a2:ab:15:00:85:f4:5c:aa:7c:bf:da:c5:de:38:
50:95:24:55:01:94:71:93:33:44:41:5c:de:f2:06:80:5d:b9:
fc:07:a2:e6:31:fc:bb:3e:14:75:8c:70:4d:a5:04:3a:b5:0e:
c1:b5:76:c7:55:7e:ce:ac:0d:5d:87:48:d3:2d:b6:27:83:9b:
66:64:72:1f:3d:80:db:22:ea:0e:0d:43:51:50:78:fd:f4:57:
99:38:ec:53:de:a5:07:1e:b0:f2:21:45:d6:7e:d8:07:6c:cc:
93:bd:44:f9:e9:29:db:f2:83:1d:91:98:12:f0:7a:e4:52:9a:
4d:73:4c:eb:12:60:d3:6a:71:4a:e4:a2:be:7c:5e:d9:22:76:
c2:05:8e:71:9d:03:45:55:a8:fa:52:e1:6d:07:4f:71:d0:b9:
34:39:30:28:9e:20:83:93:36:46:78:3d:97:64:f3:7c:78:b5:
50:93:6c:3d:d8:f2:aa:15:e7:03:a4:b7:cc:65:2d:9b:d7:14:
31:14:e5:18
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIULITEY2FIspS6TfJoqcIbpEo7vd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUJFOTE0NzVFQjZDODZBQTQwRjNBMTNBQTBDM0MzOERC
OTYyN0JDRDAeFw0yNTAzMTIyMzE4NTRaFw0yNjAzMTEyMzIzNTRaMDMxMTAvBgNV
BAMTKDY0OTgxNDc0NEQzQUUzREE1MDAxMzkyNUZBODM4MTZBQ0IxQkI0QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJWU8lV6Tb212GhEuZJH3IFdIM
s7BacRM9aiVcNf5USafENsx5r95+bufjeAn6k3VuBoFbsjBxSMrwxQNkL9QViyzk
F2eoDolVrZrleUcafgWT2umDZK7YA8grANBxL1h27wXxc8qkwpgmZjIiApBV1yUl
Ta4KvtLKs86V/uKHDHqesvJRILCjwTpzfjvUkeAYsEqfpd46xWzXsqQW3wjazZ98
64n7BSAUyOYsieAVBbHJ++gDGPJC6XUIl3f08NRthWcj7k9qGKZFn+5wiXEY1TUM
hGNU1baxQw88qxFYgIOAdCKJCMy6bVfgTUV5S5C05XSw2tbRrn5CxnhX66CXAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUZJgUdE0649pQATkl+oOBassbtKgwHwYDVR0j
BBgwFoAUW+kUdetshqpA86E6oMPDjblie80wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNjczcVlQU0syRFdXakNCYW1XaE5DN3JncnFoQ1FQQWpkR0hTZENabjlW
Nm8vMS81QkU5MTQ3NUVCNkM4NkFBNDBGM0ExM0FBMEMzQzM4REI5NjI3QkNELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzVCRTkxNDc1RUI2Qzg2QUE0
MEYzQTEzQUEwQzNDMzhEQjk2MjdCQ0QuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr
BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby82NzNx
WVBTSzJEV1dqQ0JhbVdoTkM3cmdycWhDUVBBamRHSFNkQ1puOVY2by8xL0FTNTI5
MDAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAKD3fwDBAKKujQDBAK6+5wwDQQCAAIwBwMFACgEJsgwDQYJ
KoZIhvcNAQELBQADggEBAAM3bZqd8ZWd81WBB1cTnVwkJTRZVEMbrsOblkYs7PjK
t+s0HeQfDtfEae2EVCRrflHpeBgKADYJHUiiqxUAhfRcqny/2sXeOFCVJFUBlHGT
M0RBXN7yBoBdufwHouYx/Ls+FHWMcE2lBDq1DsG1dsdVfs6sDV2HSNMttieDm2Zk
ch89gNsi6g4NQ1FQeP30V5k47FPepQcesPIhRdZ+2AdszJO9RPnpKdvygx2RmBLw
euRSmk1zTOsSYNNqcUrkor58XtkidsIFjnGdA0VVqPpS4W0HT3HQuTQ5MCieIIOT
NkZ4PZdk83x4tVCTbD3Y8qoV5wOkt8xlLZvXFDEU5Rg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:30:57 2025 by rpki-client