Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/3138372e36302e3132382e302f32302d3234203d3e203238313837.roa
File:                     3138372e36302e3132382e302f32302d3234203d3e203238313837.roa (raw, json)
Hash identifier:          NHEF6vHyFDwR8cH0PKy4X4CGGnTYas4MNFfgHpTh5Uw=
Subject key identifier:   78:5F:54:50:78:16:C8:F2:9A:FA:91:27:A8:45:17:D3:FF:A2:0B:0D
Certificate issuer:       /CN=640539F45452C2299C340AFF511D40CB7EEAA212
Certificate serial:       49922FEA85101687F66B7C191754F84088419C52
Authority key identifier: 64:05:39:F4:54:52:C2:29:9C:34:0A:FF:51:1D:40:CB:7E:EA:A2:12
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/640539F45452C2299C340AFF511D40CB7EEAA212.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/3138372e36302e3132382e302f32302d3234203d3e203238313837.roa
Signing time:             Fri 19 Jun 2026 19:31:10 +0000
ROA not before:           Fri 19 Jun 2026 19:26:10 +0000
ROA not after:            Fri 18 Jun 2027 19:31:10 +0000
asID:                     28187
IP address blocks:        187.60.128.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/640539F45452C2299C340AFF511D40CB7EEAA212.crl
                          rsync://rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/640539F45452C2299C340AFF511D40CB7EEAA212.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/640539F45452C2299C340AFF511D40CB7EEAA212.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 00:35:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:92:2f:ea:85:10:16:87:f6:6b:7c:19:17:54:f8:40:88:41:9c:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=640539F45452C2299C340AFF511D40CB7EEAA212
        Validity
            Not Before: Jun 19 19:26:10 2026 GMT
            Not After : Jun 18 19:31:10 2027 GMT
        Subject: CN=785F54507816C8F29AFA9127A84517D3FFA20B0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:02:58:4e:4a:1f:d6:b8:40:7b:53:f1:3f:0d:
                    a8:c8:eb:dd:04:72:f7:41:dd:b3:88:f2:4d:8f:6d:
                    c2:3f:ec:b8:14:9b:5e:da:47:1e:ed:4f:77:0d:37:
                    24:99:96:15:f9:48:ac:b7:3b:64:31:3e:26:39:21:
                    0f:8b:8a:bb:3f:4e:65:f7:d3:54:63:a5:34:25:01:
                    6d:be:88:7f:a0:e2:bd:99:38:eb:9d:19:06:b9:c0:
                    61:8c:e6:40:6f:f2:cc:fa:e2:49:1f:ec:bb:9b:c7:
                    b8:f2:93:04:9b:a8:2e:de:21:c5:d0:e1:92:9a:c8:
                    2e:7e:58:61:58:ca:e6:43:56:52:07:4a:f1:35:a6:
                    81:ec:b7:df:b9:2b:87:9d:c0:ab:cf:9e:c5:70:ba:
                    26:f8:8a:90:11:c9:eb:4c:1e:d4:c0:f1:d2:e6:17:
                    43:be:05:8d:4d:77:32:e8:23:04:3e:5e:1d:7c:b1:
                    6e:a5:36:a4:1e:b3:1c:ff:cd:84:64:59:6e:ff:48:
                    55:1a:3c:bb:b6:29:25:7e:fa:3d:9f:02:6c:e3:ea:
                    ac:fd:90:28:da:83:b5:a7:22:3f:66:df:a7:a4:70:
                    20:98:03:97:36:04:90:0b:08:cf:63:dd:f7:2f:13:
                    5d:e1:dc:64:fa:e2:c8:e0:7c:d9:3b:1a:32:24:ae:
                    03:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:5F:54:50:78:16:C8:F2:9A:FA:91:27:A8:45:17:D3:FF:A2:0B:0D
            X509v3 Authority Key Identifier:
                keyid:64:05:39:F4:54:52:C2:29:9C:34:0A:FF:51:1D:40:CB:7E:EA:A2:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/640539F45452C2299C340AFF511D40CB7EEAA212.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/640539F45452C2299C340AFF511D40CB7EEAA212.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DCNvej1a8r2RQ3kZ5pWWCsob2Rn4MqYuBHKd7AP98bD6/0/3138372e36302e3132382e302f32302d3234203d3e203238313837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.60.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2c:09:00:58:82:18:e0:23:b6:c4:da:c2:1d:e6:23:f1:36:9a:
         96:e1:01:d0:03:48:aa:75:20:61:52:5e:57:10:6a:8c:cb:8e:
         58:65:72:4d:64:f9:9e:2c:7e:ce:1a:98:0b:d2:ab:36:c5:5a:
         02:c8:fd:cd:8a:4e:be:b8:36:cb:de:b3:93:4d:8a:59:b0:3e:
         5d:49:2e:30:c7:0f:07:f0:af:40:76:41:28:75:3b:43:4f:99:
         9c:05:97:f4:ec:2e:ce:77:f8:30:00:5f:67:cb:26:13:03:dd:
         f8:dc:35:5e:41:47:f4:39:5f:86:30:49:5a:17:14:dd:12:40:
         48:5f:9f:51:b6:36:6a:b5:9b:37:83:5e:a0:39:4e:7e:d3:0b:
         13:ac:a3:f6:52:5d:56:9d:85:93:7a:ee:76:3e:6a:74:72:fd:
         8b:02:c9:46:b3:96:3f:c0:79:aa:a3:72:68:ce:14:ff:ed:2e:
         a9:b8:a8:f5:89:5f:6a:f9:65:61:06:32:73:20:c4:ef:4b:b9:
         0f:fa:c6:2d:e9:b0:72:f2:ac:8b:05:4f:d4:d5:cf:c4:e0:fd:
         1a:a5:b0:2a:d4:15:50:2d:65:b0:68:43:13:a7:38:09:00:c6:
         df:62:77:03:72:d2:81:cf:6a:37:ab:52:7f:21:08:bb:6b:7f:
         6e:3c:22:a1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUSZIv6oUQFof2a3wZF1T4QIhBnFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjQwNTM5RjQ1NDUyQzIyOTlDMzQwQUZGNTExRDQwQ0I3
RUVBQTIxMjAeFw0yNjA2MTkxOTI2MTBaFw0yNzA2MTgxOTMxMTBaMDMxMTAvBgNV
BAMTKDc4NUY1NDUwNzgxNkM4RjI5QUZBOTEyN0E4NDUxN0QzRkZBMjBCMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtAlhOSh/WuEB7U/E/DajI690E
cvdB3bOI8k2PbcI/7LgUm17aRx7tT3cNNySZlhX5SKy3O2QxPiY5IQ+Lirs/TmX3
01RjpTQlAW2+iH+g4r2ZOOudGQa5wGGM5kBv8sz64kkf7Lubx7jykwSbqC7eIcXQ
4ZKayC5+WGFYyuZDVlIHSvE1poHst9+5K4edwKvPnsVwuib4ipARyetMHtTA8dLm
F0O+BY1NdzLoIwQ+Xh18sW6lNqQesxz/zYRkWW7/SFUaPLu2KSV++j2fAmzj6qz9
kCjag7WnIj9m36ekcCCYA5c2BJALCM9j3fcvE13h3GT64sjgfNk7GjIkrgOhAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUeF9UUHgWyPKa+pEnqEUX0/+iCw0wHwYDVR0j
BBgwFoAUZAU59FRSwimcNAr/UR1Ay37qohIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRENOdmVqMWE4cjJSUTNrWjVwV1dDc29iMlJuNE1xWXVCSEtkN0FQOThi
RDYvMC82NDA1MzlGNDU0NTJDMjI5OUMzNDBBRkY1MTFENDBDQjdFRUFBMjEyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzY0MDUzOUY0NTQ1MkMyMjk5
QzM0MEFGRjUxMUQ0MENCN0VFQUEyMTIuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0RDTnZlajFhOHIyUlEza1o1cFdXQ3NvYjJSbjRNcVl1QkhLZDdBUDk4YkQ2LzAv
MzEzODM3MmUzNjMwMmUzMTMyMzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM4
MzEzODM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQEuzyAMA0GCSqGSIb3DQEBCwUAA4IBAQAsCQBYghjg
I7bE2sId5iPxNpqW4QHQA0iqdSBhUl5XEGqMy45YZXJNZPmeLH7OGpgL0qs2xVoC
yP3Nik6+uDbL3rOTTYpZsD5dSS4wxw8H8K9AdkEodTtDT5mcBZf07C7Od/gwAF9n
yyYTA9343DVeQUf0OV+GMElaFxTdEkBIX59RtjZqtZs3g16gOU5+0wsTrKP2Ul1W
nYWTeu52Pmp0cv2LAslGs5Y/wHmqo3JozhT/7S6puKj1iV9q+WVhBjJzIMTvS7kP
+sYt6bBy8qyLBU/U1c/E4P0apbAq1BVQLWWwaEMTpzgJAMbfYncDctKBz2o3q1J/
IQi7a39uPCKh
-----END CERTIFICATE-----
Generated at Wed Jul 8 16:10:53 2026 by rpki-client