Route Origin Authorization
$ rpki-client -vvf rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3136382e3139352e36342e302f32322d3234203d3e203238323031.roa
File: 3136382e3139352e36342e302f32322d3234203d3e203238323031.roa (raw, json)
Hash identifier: FDNCXJz5FDf2Wnlksc01/G4V8e/G9TqTgo0anXowWoI=
Subject key identifier: E4:53:0C:E4:24:A6:91:74:05:FC:59:75:B6:EE:FA:40:F8:CE:54:31
Certificate issuer: /CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Certificate serial: 67D3FC75B297BA1E31AAE1AD9DBD58D98B528D0D
Authority key identifier: AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject info access: rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3136382e3139352e36342e302f32322d3234203d3e203238323031.roa
Signing time: Wed 12 Mar 2025 13:33:22 +0000
ROA not before: Wed 12 Mar 2025 13:28:22 +0000
ROA not after: Wed 11 Mar 2026 13:33:22 +0000
asID: 28201
IP address blocks: 168.195.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.mft
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires: Fri 11 Apr 2025 21:37:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d3:fc:75:b2:97:ba:1e:31:aa:e1:ad:9d:bd:58:d9:8b:52:8d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Validity
Not Before: Mar 12 13:28:22 2025 GMT
Not After : Mar 11 13:33:22 2026 GMT
Subject: CN=E4530CE424A6917405FC5975B6EEFA40F8CE5431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:64:ff:c5:61:14:a9:62:18:78:ea:c6:b2:53:
1e:5b:07:ea:f3:53:56:e6:bd:8f:b4:aa:b2:63:23:
d8:14:47:c2:f7:d1:9d:5a:cb:7e:c6:6d:cb:0a:3e:
94:0d:3b:8f:fa:ef:50:09:b7:a6:7c:ad:6f:31:6b:
a3:1e:aa:31:c9:8d:42:9f:6f:97:a6:f1:3f:03:40:
88:ea:13:02:b2:5d:98:c4:39:c6:1d:5d:71:de:fe:
6c:10:32:be:2a:49:60:f4:5d:97:f7:b6:ec:9f:de:
77:35:28:ee:5e:cf:e1:62:87:66:a6:ae:56:63:ca:
24:54:e8:35:8f:dc:2c:03:5d:30:31:9d:94:56:8d:
7b:84:36:9c:19:9a:10:8a:08:68:47:05:dc:7c:94:
73:82:80:d4:2e:d6:83:05:0a:de:e2:37:07:1f:80:
fe:00:44:fb:01:75:ca:0a:c9:8c:7a:45:74:e5:91:
07:77:91:dd:42:b7:89:d7:a7:d0:34:35:d2:5e:de:
ec:73:55:d0:86:70:5c:fb:07:bd:81:14:2c:9f:15:
3c:99:da:6a:44:f2:26:82:8c:33:03:15:84:00:75:
78:cf:68:4c:6e:12:67:a9:22:a7:1f:04:8c:10:fd:
bc:26:81:c9:15:bf:c4:76:83:a7:22:eb:0a:c0:29:
09:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:53:0C:E4:24:A6:91:74:05:FC:59:75:B6:EE:FA:40:F8:CE:54:31
X509v3 Authority Key Identifier:
keyid:AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3136382e3139352e36342e302f32322d3234203d3e203238323031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.195.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:d0:b1:6a:b9:8b:31:ee:fa:78:12:03:2c:83:87:79:ff:15:
dc:af:32:c5:87:d3:22:e0:c0:d9:ac:14:c7:9f:e9:f1:91:9a:
4b:c1:ad:9c:6b:c9:9c:4f:0e:0a:93:3d:e7:2e:91:b6:c2:7d:
82:18:a5:b1:f6:09:19:f5:35:c1:57:ef:15:b0:3b:78:ae:56:
68:64:d4:34:b2:f1:91:f9:7e:c9:e7:57:6b:36:c0:b8:99:38:
77:b2:83:a8:f7:a0:92:01:3f:fc:ab:dd:ec:5a:17:af:18:38:
72:7b:0c:a6:91:c3:78:52:60:a7:e9:44:e3:32:f9:4a:68:de:
99:91:98:10:23:48:ee:cd:d3:a6:0e:ae:f3:cf:58:55:ea:b1:
06:45:38:16:7a:58:46:62:54:70:15:b7:06:b6:2a:2a:0f:83:
e6:66:a3:b9:eb:35:84:d4:07:8b:a6:3b:41:3f:ad:ea:52:cb:
8e:e9:7b:2d:67:8d:ae:f0:69:84:7c:bf:53:50:44:ea:ba:96:
9f:fe:18:79:56:e8:2b:d0:a5:05:ec:66:e0:55:12:28:8c:4e:
66:69:a2:dc:cf:57:be:08:79:b3:02:e6:d6:39:9f:5b:4d:81:
b1:66:c9:78:37:f3:3a:13:97:d4:b8:6d:80:62:9d:00:67:1d:
5f:14:dd:1b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUZ9P8dbKXuh4xquGtnb1Y2YtSjQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUMxRkU5Mzg3NjQwQTc3N0I3M0Q5NDIxMUQ0QzhGRkE1
QzY2OTMwNDAeFw0yNTAzMTIxMzI4MjJaFw0yNjAzMTExMzMzMjJaMDMxMTAvBgNV
BAMTKEU0NTMwQ0U0MjRBNjkxNzQwNUZDNTk3NUI2RUVGQTQwRjhDRTU0MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEZP/FYRSpYhh46sayUx5bB+rz
U1bmvY+0qrJjI9gUR8L30Z1ay37GbcsKPpQNO4/671AJt6Z8rW8xa6MeqjHJjUKf
b5em8T8DQIjqEwKyXZjEOcYdXXHe/mwQMr4qSWD0XZf3tuyf3nc1KO5ez+Fih2am
rlZjyiRU6DWP3CwDXTAxnZRWjXuENpwZmhCKCGhHBdx8lHOCgNQu1oMFCt7iNwcf
gP4ARPsBdcoKyYx6RXTlkQd3kd1Ct4nXp9A0NdJe3uxzVdCGcFz7B72BFCyfFTyZ
2mpE8iaCjDMDFYQAdXjPaExuEmepIqcfBIwQ/bwmgckVv8R2g6ci6wrAKQk1AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU5FMM5CSmkXQF/Fl1tu76QPjOVDEwHwYDVR0j
BBgwFoAUrB/pOHZAp3e3PZQhHUyP+lxmkwQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOXRnSEZyWXFvdGtucnpHTkhBMjJxUFhBcmJUMjJVc3BUR2NacmlETjZm
Z1UvMC9BQzFGRTkzODc2NDBBNzc3QjczRDk0MjExRDRDOEZGQTVDNjY5MzA0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDMUZFOTM4NzY0MEE3NzdC
NzNEOTQyMTFENEM4RkZBNUM2NjkzMDQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzl0Z0hGcllxb3RrbnJ6R05IQTIycVBYQXJiVDIyVXNwVEdjWnJpRE42ZmdVLzAv
MzEzNjM4MmUzMTM5MzUyZTM2MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM4
MzIzMDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqMNAMA0GCSqGSIb3DQEBCwUAA4IBAQBb0LFquYsx
7vp4EgMsg4d5/xXcrzLFh9Mi4MDZrBTHn+nxkZpLwa2ca8mcTw4Kkz3nLpG2wn2C
GKWx9gkZ9TXBV+8VsDt4rlZoZNQ0svGR+X7J51drNsC4mTh3soOo96CSAT/8q93s
WhevGDhyewymkcN4UmCn6UTjMvlKaN6ZkZgQI0juzdOmDq7zz1hV6rEGRTgWelhG
YlRwFbcGtioqD4PmZqO56zWE1AeLpjtBP63qUsuO6XstZ42u8GmEfL9TUETqupaf
/hh5Vugr0KUF7GbgVRIojE5maaLcz1e+CHmzAubWOZ9bTYGxZsl4N/M6E5fUuG2A
Yp0AZx1fFN0b
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:38:57 2025 by rpki-client