Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e3132312e36342e302f32322d3234203d3e203238323031.roa
File: 3133382e3132312e36342e302f32322d3234203d3e203238323031.roa (raw, json)
Hash identifier: qRmOp+LyjemC+Vbw19kv/29VlhC9D3CbkZJIZWgzLFg=
Subject key identifier: C4:72:88:7F:CC:06:43:22:60:F1:94:CB:5D:AC:F7:EA:1E:FB:C9:DF
Certificate issuer: /CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Certificate serial: 62083D031F856F0BC01EBCE714DC44E87432CD04
Authority key identifier: AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject info access: rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e3132312e36342e302f32322d3234203d3e203238323031.roa
Signing time: Wed 12 Mar 2025 13:33:18 +0000
ROA not before: Wed 12 Mar 2025 13:28:18 +0000
ROA not after: Wed 11 Mar 2026 13:33:18 +0000
asID: 28201
IP address blocks: 138.121.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.mft
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Fri 11 Apr 2025 21:37:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:08:3d:03:1f:85:6f:0b:c0:1e:bc:e7:14:dc:44:e8:74:32:cd:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Validity
Not Before: Mar 12 13:28:18 2025 GMT
Not After : Mar 11 13:33:18 2026 GMT
Subject: CN=C472887FCC06432260F194CB5DACF7EA1EFBC9DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:c2:af:e1:34:c8:73:6c:4b:d3:58:f0:65:
e2:bb:56:30:4d:77:d5:57:d6:6a:37:8c:30:e6:19:
24:29:4a:71:35:a2:95:01:73:cb:cf:80:53:f9:0e:
bb:5d:36:bb:b0:00:82:be:41:ca:4e:ac:4a:de:9c:
a9:7f:d1:5c:60:3a:35:f8:58:e4:f9:62:8b:60:8e:
42:10:89:cd:98:2a:0a:7c:1e:6a:80:09:08:57:8d:
62:1c:24:e2:ae:f4:cd:af:c4:ce:e6:d0:d8:57:55:
02:c3:75:37:6d:a9:b3:30:81:e3:32:aa:18:7a:a1:
f3:81:db:93:78:d3:9c:49:3b:72:bd:0d:92:7b:24:
56:e0:55:f3:34:e9:5b:34:4d:ee:c2:74:eb:66:a3:
3b:60:40:b3:30:7c:26:47:46:f0:65:4d:cb:f5:57:
56:ab:76:04:41:af:d3:b9:80:1b:d2:0a:0b:ec:81:
98:e3:bf:03:e5:39:7b:71:3d:73:25:34:8e:53:3f:
1f:42:f0:e6:c2:a7:a3:d6:05:36:13:fd:46:af:94:
d4:e8:26:f6:71:aa:24:19:29:f0:41:5c:39:4c:61:
97:fa:6b:71:1d:62:8a:7b:e2:d7:d2:05:57:1e:46:
10:8d:2a:19:48:74:d9:6e:8f:ff:24:51:56:74:b9:
51:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:72:88:7F:CC:06:43:22:60:F1:94:CB:5D:AC:F7:EA:1E:FB:C9:DF
X509v3 Authority Key Identifier:
keyid:AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3133382e3132312e36342e302f32322d3234203d3e203238323031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.121.64.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:b4:5a:a3:8e:bb:ee:9a:bd:d4:5b:fe:f8:a5:02:dc:8d:73:
b5:66:4c:c6:31:b9:fe:d1:9e:36:13:d9:f7:54:2e:bd:d2:1a:
40:70:b9:8a:ef:8a:08:54:4c:c0:1c:26:fd:96:2f:d6:66:90:
ae:77:45:31:d5:e3:47:51:2e:05:1d:8c:47:98:55:52:29:b1:
a6:a9:87:9a:b7:2f:b2:30:69:56:d0:2f:6f:a2:4d:7b:e1:22:
75:a3:57:aa:12:ae:82:3a:f8:84:bd:01:71:82:3d:2c:36:18:
de:61:e5:96:fb:98:06:60:7a:49:90:43:de:ad:71:34:38:9c:
e1:d3:c5:9c:21:26:d3:63:fd:c3:90:ba:2e:3e:05:e1:29:36:
00:cb:bb:77:67:e4:01:8e:b7:80:94:db:d2:f4:6b:d3:03:fc:
94:65:af:8e:91:71:8f:3a:15:23:de:5f:a8:2c:b3:d6:fb:81:
3c:c1:8c:84:63:fa:a0:25:73:e7:bd:7e:4a:4f:c6:34:76:b0:
e7:0a:ad:7f:5c:3e:65:d2:01:74:54:84:4c:ae:01:eb:ab:55:
09:2c:d0:b5:1c:c4:16:b4:7b:bb:82:55:5e:b9:d8:b0:23:7f:
d4:7a:36:f9:6b:04:be:ba:4c:82:34:ea:81:bc:f0:fa:26:04:
c7:4f:ae:e1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUYgg9Ax+FbwvAHrznFNxE6HQyzQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUMxRkU5Mzg3NjQwQTc3N0I3M0Q5NDIxMUQ0QzhGRkE1
QzY2OTMwNDAeFw0yNTAzMTIxMzI4MThaFw0yNjAzMTExMzMzMThaMDMxMTAvBgNV
BAMTKEM0NzI4ODdGQ0MwNjQzMjI2MEYxOTRDQjVEQUNGN0VBMUVGQkM5REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN7cKv4TTIc2xL01jwZeK7VjBN
d9VX1mo3jDDmGSQpSnE1opUBc8vPgFP5DrtdNruwAIK+QcpOrErenKl/0VxgOjX4
WOT5YotgjkIQic2YKgp8HmqACQhXjWIcJOKu9M2vxM7m0NhXVQLDdTdtqbMwgeMy
qhh6ofOB25N405xJO3K9DZJ7JFbgVfM06Vs0Te7CdOtmoztgQLMwfCZHRvBlTcv1
V1ardgRBr9O5gBvSCgvsgZjjvwPlOXtxPXMlNI5TPx9C8ObCp6PWBTYT/UavlNTo
JvZxqiQZKfBBXDlMYZf6a3EdYop74tfSBVceRhCNKhlIdNluj/8kUVZ0uVGfAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUxHKIf8wGQyJg8ZTLXaz36h77yd8wHwYDVR0j
BBgwFoAUrB/pOHZAp3e3PZQhHUyP+lxmkwQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOXRnSEZyWXFvdGtucnpHTkhBMjJxUFhBcmJUMjJVc3BUR2NacmlETjZm
Z1UvMC9BQzFGRTkzODc2NDBBNzc3QjczRDk0MjExRDRDOEZGQTVDNjY5MzA0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDMUZFOTM4NzY0MEE3NzdC
NzNEOTQyMTFENEM4RkZBNUM2NjkzMDQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzl0Z0hGcllxb3RrbnJ6R05IQTIycVBYQXJiVDIyVXNwVEdjWnJpRE42ZmdVLzAv
MzEzMzM4MmUzMTMyMzEyZTM2MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM4
MzIzMDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCinlAMA0GCSqGSIb3DQEBCwUAA4IBAQCwtFqjjrvu
mr3UW/74pQLcjXO1ZkzGMbn+0Z42E9n3VC690hpAcLmK74oIVEzAHCb9li/WZpCu
d0Ux1eNHUS4FHYxHmFVSKbGmqYeaty+yMGlW0C9vok174SJ1o1eqEq6COviEvQFx
gj0sNhjeYeWW+5gGYHpJkEPerXE0OJzh08WcISbTY/3DkLouPgXhKTYAy7t3Z+QB
jreAlNvS9GvTA/yUZa+OkXGPOhUj3l+oLLPW+4E8wYyEY/qgJXPnvX5KT8Y0drDn
Cq1/XD5l0gF0VIRMrgHrq1UJLNC1HMQWtHu7glVeudiwI3/Uejb5awS+ukyCNOqB
vPD6JgTHT67h
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:05:24 2025 by rpki-client