Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/3137302e3135302e3133362e302f32322d3232203d3e20323635303431.roa
File: 3137302e3135302e3133362e302f32322d3232203d3e20323635303431.roa (raw, json)
Hash identifier: d5GtxArHR4ZxZXq5j44i8V+WO7oiiG1JHaQ7B6JP0Gk=
Subject key identifier: 7E:E6:D1:41:0E:54:6C:67:9A:8B:01:1F:45:F3:71:2A:2D:2F:41:95
Certificate issuer: /CN=A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF
Certificate serial: 7A9B67353BD4C985E5BB029BD69ADDC66B737E6C
Authority key identifier: A7:BC:3B:DB:C2:87:71:E2:3B:6A:3A:F8:FB:D3:66:4A:C4:C0:EC:BF
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.cer
Subject info access: rsync://rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/3137302e3135302e3133362e302f32322d3232203d3e20323635303431.roa
Signing time: Thu 06 Mar 2025 16:52:49 +0000
ROA not before: Thu 06 Mar 2025 16:47:49 +0000
ROA not after: Thu 05 Mar 2026 16:52:49 +0000
asID: 265041
IP address blocks: 170.150.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.crl
rsync://rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.mft
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.cer
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Fri 11 Apr 2025 07:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:9b:67:35:3b:d4:c9:85:e5:bb:02:9b:d6:9a:dd:c6:6b:73:7e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF
Validity
Not Before: Mar 6 16:47:49 2025 GMT
Not After : Mar 5 16:52:49 2026 GMT
Subject: CN=7EE6D1410E546C679A8B011F45F3712A2D2F4195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:21:3b:5d:6a:cf:b5:cf:c9:1f:b0:c1:c1:f3:
7c:96:63:e2:2a:a0:33:2f:39:f6:5e:4e:cf:5e:45:
f7:c8:8a:2b:80:85:f0:6e:bc:50:0d:13:d4:47:8d:
84:c5:d5:79:4e:0f:d0:06:f1:ae:2e:93:6f:b5:c3:
cb:33:5b:1b:b8:91:a3:18:54:9c:6c:62:2c:f5:ac:
23:81:30:ad:da:e6:1f:e1:80:66:b9:7d:44:12:66:
ae:40:a5:1c:31:b2:b6:bd:f2:fb:01:db:c7:e2:45:
88:01:c2:13:0c:8a:fd:77:d5:43:09:a0:f4:a2:35:
5c:4d:b5:82:a0:d1:a0:a1:90:3d:ab:84:fa:89:a9:
ea:0c:1a:cb:6d:c6:0d:92:0e:de:b1:ef:68:d2:76:
05:03:38:38:d1:42:66:94:61:67:e6:91:65:42:e3:
c4:29:fc:3f:c4:b5:a6:1a:34:e3:a5:b4:45:f4:ac:
79:fe:14:b7:7c:6c:e5:e7:6b:75:26:9b:cc:a3:94:
c1:b6:cf:ec:9e:e4:a3:89:23:29:2b:3a:e0:73:a0:
e7:71:65:4d:2d:02:14:44:c6:8c:45:18:18:14:b9:
01:4b:a0:4e:d0:90:f0:ba:ad:20:27:a7:5a:7b:bb:
e0:15:b6:f5:11:ca:cb:be:38:4c:65:28:f0:b6:18:
72:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E6:D1:41:0E:54:6C:67:9A:8B:01:1F:45:F3:71:2A:2D:2F:41:95
X509v3 Authority Key Identifier:
keyid:A7:BC:3B:DB:C2:87:71:E2:3B:6A:3A:F8:FB:D3:66:4A:C4:C0:EC:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A7BC3BDBC28771E23B6A3AF8FBD3664AC4C0ECBF.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/8BSpKFdDs59rRBXdeJxaWDsC73yZpPfcseczZSeiRAbN/1/3137302e3135302e3133362e302f32322d3232203d3e20323635303431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.150.136.0/22
Signature Algorithm: sha256WithRSAEncryption
59:18:be:d2:a4:ec:67:99:29:6a:26:64:09:7d:08:dd:50:f1:
20:b5:8a:d2:6e:f9:c3:88:5f:ee:4b:14:7a:b2:dc:d7:00:a4:
0e:aa:30:c8:fa:64:50:60:45:d4:04:9b:e1:9e:84:e2:52:62:
9d:9a:61:46:4d:d7:93:5e:25:f7:81:b3:6c:f1:bf:92:39:e1:
63:a5:bc:c7:40:6f:6e:90:3a:75:38:58:cd:d3:f6:80:e2:d9:
9c:20:dc:21:31:63:03:ad:ed:64:29:01:4b:c2:21:53:78:7a:
14:1b:81:59:84:6b:f7:9a:cd:3b:a1:9a:ca:89:b5:0c:cf:d3:
c6:1f:9f:a8:90:3a:2d:e8:0d:c6:0c:9a:3c:ba:8a:61:cd:2b:
cf:bf:34:5c:ab:7e:37:43:75:20:6a:b2:d8:6a:fd:bd:2a:75:
cc:85:65:1d:17:a1:43:8c:6f:89:3d:ac:0a:97:bc:17:91:52:
58:5d:c3:69:b4:4e:b8:e0:1b:71:34:90:cc:39:5b:ef:b6:29:
6f:c1:77:d3:a4:32:1b:04:54:ee:54:fe:94:95:fc:42:5b:b5:
9a:de:0a:03:e9:a6:a3:f4:62:05:ef:43:2f:fe:09:42:bc:75:
88:a8:dd:f2:be:a9:f2:f4:f4:5d:2f:fe:94:0e:70:46:52:12:
bf:60:b5:5c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUeptnNTvUyYXluwKb1prdxmtzfmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTdCQzNCREJDMjg3NzFFMjNCNkEzQUY4RkJEMzY2NEFD
NEMwRUNCRjAeFw0yNTAzMDYxNjQ3NDlaFw0yNjAzMDUxNjUyNDlaMDMxMTAvBgNV
BAMTKDdFRTZEMTQxMEU1NDZDNjc5QThCMDExRjQ1RjM3MTJBMkQyRjQxOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhITtdas+1z8kfsMHB83yWY+Iq
oDMvOfZeTs9eRffIiiuAhfBuvFANE9RHjYTF1XlOD9AG8a4uk2+1w8szWxu4kaMY
VJxsYiz1rCOBMK3a5h/hgGa5fUQSZq5ApRwxsra98vsB28fiRYgBwhMMiv131UMJ
oPSiNVxNtYKg0aChkD2rhPqJqeoMGsttxg2SDt6x72jSdgUDODjRQmaUYWfmkWVC
48Qp/D/EtaYaNOOltEX0rHn+FLd8bOXna3Umm8yjlMG2z+ye5KOJIykrOuBzoOdx
ZU0tAhRExoxFGBgUuQFLoE7QkPC6rSAnp1p7u+AVtvURysu+OExlKPC2GHIrAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUfubRQQ5UbGeaiwEfRfNxKi0vQZUwHwYDVR0j
BBgwFoAUp7w728KHceI7ajr4+9NmSsTA7L8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEJTcEtGZERzNTlyUkJYZGVKeGFXRHNDNzN5WnBQZmNzZWN6WlNlaVJB
Yk4vMS9BN0JDM0JEQkMyODc3MUUyM0I2QTNBRjhGQkQzNjY0QUM0QzBFQ0JGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E3QkMzQkRCQzI4NzcxRTIz
QjZBM0FGOEZCRDM2NjRBQzRDMEVDQkYuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhCU3BLRmREczU5clJCWGRlSnhhV0RzQzczeVpwUGZjc2VjelpTZWlSQWJOLzEv
MzEzNzMwMmUzMTM1MzAyZTMxMzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMy
MzYzNTMwMzQzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqqWiDANBgkqhkiG9w0BAQsFAAOCAQEAWRi+
0qTsZ5kpaiZkCX0I3VDxILWK0m75w4hf7ksUerLc1wCkDqowyPpkUGBF1ASb4Z6E
4lJinZphRk3Xk14l94GzbPG/kjnhY6W8x0BvbpA6dThYzdP2gOLZnCDcITFjA63t
ZCkBS8IhU3h6FBuBWYRr95rNO6Gayom1DM/Txh+fqJA6LegNxgyaPLqKYc0rz780
XKt+N0N1IGqy2Gr9vSp1zIVlHRehQ4xviT2sCpe8F5FSWF3DabROuOAbcTSQzDlb
77Ypb8F306QyGwRU7lT+lJX8Qlu1mt4KA+mmo/RiBe9DL/4JQrx1iKjd8r6p8vT0
XS/+lA5wRlISv2C1XA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:34:39 2025 by rpki-client