$ rpki-client -vvf rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/AS28294.roa File: AS28294.roa (raw, json) Hash identifier: iigjprHjYe3hSAskm6Eldo69snNF1NgYQiVLqG/V0v8= Subject key identifier: 65:9C:AD:6F:B9:48:BF:1E:C9:19:06:8A:B3:26:E4:83:93:5C:0F:E5 Certificate issuer: /CN=A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA Certificate serial: 22C5F3BEB2FACB6A1BB4D4E63B08B89EBCF59B0A Authority key identifier: A6:1C:AB:65:BA:DA:D7:5F:F4:9C:F8:CE:54:AE:75:73:71:D1:C4:AA Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.cer Subject info access: rsync://rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/AS28294.roa Signing time: Fri 12 Sep 2025 12:42:27 +0000 ROA not before: Fri 12 Sep 2025 12:37:27 +0000 ROA not after: Fri 11 Sep 2026 12:42:27 +0000 asID: 28294 IP address blocks: 131.72.84.0/22 maxlen: 24 138.36.88.0/22 maxlen: 24 138.204.208.0/22 maxlen: 24 168.181.0.0/22 maxlen: 24 168.194.92.0/22 maxlen: 24 170.246.140.0/22 maxlen: 24 177.221.0.0/19 maxlen: 24 179.107.192.0/19 maxlen: 24 186.226.128.0/23 maxlen: 24 186.226.128.0/24 maxlen: 24 186.226.136.0/23 maxlen: 23 186.226.138.0/23 maxlen: 24 186.226.140.0/24 maxlen: 24 186.226.141.0/24 maxlen: 24 186.226.142.0/23 maxlen: 23 189.36.144.0/20 maxlen: 24 2804:b4::/32 maxlen: 48 2804:b4:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.crl rsync://rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Fri 19 Sep 2025 13:36:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:c5:f3:be:b2:fa:cb:6a:1b:b4:d4:e6:3b:08:b8:9e:bc:f5:9b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA Validity Not Before: Sep 12 12:37:27 2025 GMT Not After : Sep 11 12:42:27 2026 GMT Subject: CN=659CAD6FB948BF1EC919068AB326E483935C0FE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:22:a0:14:0c:26:96:73:ee:e5:ff:49:78:5e: be:4e:1a:a5:e5:35:ac:0b:a3:dd:e3:da:4a:1a:e4: 86:fa:bc:d0:11:28:f6:e7:b4:7c:7e:88:3e:81:5c: 0f:e1:4d:e8:ef:48:28:ed:5a:27:c7:b6:0f:51:e7: f7:bf:8e:45:b5:de:7a:ff:06:a4:98:fb:83:ec:a1: 51:fc:70:d5:b3:7e:80:7b:31:a0:c8:69:87:91:31: 0f:b1:51:5a:ed:e2:35:64:1a:d5:5f:d6:ec:4a:90: 54:d9:b1:87:1b:1e:fe:68:65:2b:5d:c2:e6:3e:5e: fe:0d:06:66:ee:dd:32:c3:4c:3f:59:26:4b:67:8a: 5d:e7:4c:d4:04:33:1a:d5:33:78:ee:75:bc:90:8a: d4:dd:1d:30:9c:07:2e:fe:c8:d3:cc:ae:87:39:17: b1:ea:80:f2:83:41:36:17:77:f5:26:46:8f:87:31: 87:c5:b4:9b:85:15:d5:bc:91:50:80:cf:a2:fb:46: b4:82:b1:e1:ec:82:89:5d:28:78:61:a9:c4:ac:dc: db:89:6b:11:a9:b5:7f:74:df:6e:29:7b:0b:91:3a: 22:ea:c9:09:97:69:06:2c:1e:a0:67:bd:5e:71:0c: 01:40:1b:a0:29:74:97:76:0d:28:fa:3f:61:97:19: af:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:9C:AD:6F:B9:48:BF:1E:C9:19:06:8A:B3:26:E4:83:93:5C:0F:E5 X509v3 Authority Key Identifier: keyid:A6:1C:AB:65:BA:DA:D7:5F:F4:9C:F8:CE:54:AE:75:73:71:D1:C4:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A61CAB65BADAD75FF49CF8CE54AE757371D1C4AA.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/9QfxRrthEWwm1w7YSfYE9Wd641V1naXdkuKkAtC8qgaV/1/AS28294.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.72.84.0/22 138.36.88.0/22 138.204.208.0/22 168.181.0.0/22 168.194.92.0/22 170.246.140.0/22 177.221.0.0/19 179.107.192.0/19 186.226.128.0/23 186.226.136.0/21 189.36.144.0/20 IPv6: 2804:b4::/32 Signature Algorithm: sha256WithRSAEncryption d3:e2:57:1e:a1:da:0b:f1:13:8e:73:cc:2a:ed:92:ae:55:5d: 26:3b:c9:86:08:b9:7b:a7:48:1a:9f:05:75:eb:bd:58:86:8e: 09:25:29:d9:93:e9:1b:fc:d5:c9:c4:78:89:97:60:cd:71:5d: a3:20:3b:0b:32:a1:1b:8d:87:ca:00:66:10:e1:79:73:8f:a0: 2f:d0:ce:63:ec:cf:34:91:cd:13:73:42:3b:cf:bf:dd:9a:b3: a0:fe:a1:57:0a:bf:dd:95:30:7e:d0:96:1a:d6:53:ae:29:c3: 39:ae:bc:d7:90:2f:29:57:a0:36:70:4b:9d:7d:a7:45:f5:e6: 61:5c:b0:72:7f:ac:9c:ae:1d:b7:a5:ce:ea:72:ce:10:ee:a8: cf:47:6d:88:44:78:63:8f:77:e9:fd:ae:39:8b:01:f1:72:5f: 1d:c4:29:9a:95:af:cc:24:89:1d:47:49:a1:ae:1b:83:41:6d: d4:6d:7d:53:99:10:28:8b:13:89:28:26:87:23:10:09:ee:96: 5d:5f:e3:93:a8:dc:43:25:6d:57:44:2b:63:b6:a1:8e:e4:f9: 18:d1:27:94:d5:f6:f6:32:0e:e5:e4:9c:fe:17:b2:9d:43:71: e5:42:87:54:4e:08:e8:e6:be:a0:2d:f2:b8:81:1a:34:5a:2b: 17:ff:17:73 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgIUIsXzvrL6y2obtNTmOwi4nrz1mwowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTYxQ0FCNjVCQURBRDc1RkY0OUNGOENFNTRBRTc1NzM3 MUQxQzRBQTAeFw0yNTA5MTIxMjM3MjdaFw0yNjA5MTExMjQyMjdaMDMxMTAvBgNV BAMTKDY1OUNBRDZGQjk0OEJGMUVDOTE5MDY4QUIzMjZFNDgzOTM1QzBGRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlIqAUDCaWc+7l/0l4Xr5OGqXl NawLo93j2koa5Ib6vNARKPbntHx+iD6BXA/hTejvSCjtWifHtg9R5/e/jkW13nr/ BqSY+4PsoVH8cNWzfoB7MaDIaYeRMQ+xUVrt4jVkGtVf1uxKkFTZsYcbHv5oZStd wuY+Xv4NBmbu3TLDTD9ZJktnil3nTNQEMxrVM3judbyQitTdHTCcBy7+yNPMroc5 F7HqgPKDQTYXd/UmRo+HMYfFtJuFFdW8kVCAz6L7RrSCseHsgoldKHhhqcSs3NuJ axGptX90324pewuROiLqyQmXaQYsHqBnvV5xDAFAG6ApdJd2DSj6P2GXGa+fAgMB AAGjggJmMIICYjAdBgNVHQ4EFgQUZZytb7lIvx7JGQaKsybkg5NcD+UwHwYDVR0j BBgwFoAUphyrZbra11/0nPjOVK51c3HRxKowDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vOVFmeFJydGhFV3dtMXc3WVNmWUU5V2Q2NDFWMW5hWGRrdUtrQXRDOHFn YVYvMS9BNjFDQUI2NUJBREFENzVGRjQ5Q0Y4Q0U1NEFFNzU3MzcxRDFDNEFBLmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E2MUNBQjY1QkFEQUQ3NUZG NDlDRjhDRTU0QUU3NTczNzFEMUM0QUEuY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby85UWZ4 UnJ0aEVXd20xdzdZU2ZZRTlXZDY0MVYxbmFYZGt1S2tBdEM4cWdhVi8xL0FTMjgy OTQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBAKDSFQDBAKKJFgDBAKKzNADBAKotQADBAKowlwDBAKq9owD BAWx3QADBAWza8ADBAG64oADBAO64ogDBAS9JJAwDQQCAAIwBwMFACgEALQwDQYJ KoZIhvcNAQELBQADggEBANPiVx6h2gvxE45zzCrtkq5VXSY7yYYIuXunSBqfBXXr vViGjgklKdmT6Rv81cnEeImXYM1xXaMgOwsyoRuNh8oAZhDheXOPoC/QzmPszzSR zRNzQjvPv92as6D+oVcKv92VMH7QlhrWU64pwzmuvNeQLylXoDZwS519p0X15mFc sHJ/rJyuHbelzupyzhDuqM9HbYhEeGOPd+n9rjmLAfFyXx3EKZqVr8wkiR1HSaGu G4NBbdRtfVOZECiLE4koJocjEAnull1f45Oo3EMlbVdEK2O2oY7k+RjRJ5TV9vYy DuXknP4Xsp1DceVCh1ROCOjmvqAt8riBGjRaKxf/F3M= -----END CERTIFICATE-----Generated at Fri Sep 19 06:30:16 2025 by rpki-client