$ rpki-client -vvf rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa File: AS28270.roa (raw, json) Hash identifier: IkJKP7ijx2Qq43OnILYCrtHbMh0RFlilljDW7QfKxoI= Subject key identifier: 2D:58:48:82:DF:0C:62:14:3D:02:4B:98:17:C2:E8:DF:06:EC:C1:AF Certificate issuer: /CN=BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618 Certificate serial: 5514AE4A24D32C547786B9EEE2E5DE4C283E68F7 Authority key identifier: BA:D7:CB:FD:3F:5D:A9:45:D2:1E:66:A8:4C:DD:E4:E6:D3:AC:26:18 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer Subject info access: rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa Signing time: Mon 02 Mar 2026 19:14:20 +0000 ROA not before: Mon 02 Mar 2026 19:09:20 +0000 ROA not after: Mon 01 Mar 2027 19:14:20 +0000 asID: 28270 IP address blocks: 131.221.68.0/22 maxlen: 22 138.117.124.0/22 maxlen: 22 138.121.220.0/24 maxlen: 24 138.122.236.0/22 maxlen: 22 138.122.236.0/24 maxlen: 24 138.122.237.0/24 maxlen: 24 143.255.112.0/22 maxlen: 22 160.238.220.0/22 maxlen: 22 168.228.128.0/22 maxlen: 22 168.232.116.0/22 maxlen: 22 170.0.204.0/22 maxlen: 22 170.245.100.0/22 maxlen: 22 177.66.64.0/21 maxlen: 21 177.70.128.0/20 maxlen: 20 177.75.192.0/20 maxlen: 20 177.75.208.0/20 maxlen: 20 177.87.144.0/21 maxlen: 21 179.191.128.0/20 maxlen: 20 179.191.144.0/20 maxlen: 20 187.18.128.0/17 maxlen: 17 187.18.212.0/22 maxlen: 22 187.108.96.0/20 maxlen: 20 187.110.208.0/20 maxlen: 20 189.45.64.0/18 maxlen: 18 189.50.144.0/20 maxlen: 20 200.94.240.0/22 maxlen: 22 201.149.120.0/22 maxlen: 22 2804:880::/32 maxlen: 32 2804:880:fc00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.crl rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Tue 03 Mar 2026 22:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:14:ae:4a:24:d3:2c:54:77:86:b9:ee:e2:e5:de:4c:28:3e:68:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618 Validity Not Before: Mar 2 19:09:20 2026 GMT Not After : Mar 1 19:14:20 2027 GMT Subject: CN=2D584882DF0C62143D024B9817C2E8DF06ECC1AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3e:45:5b:cf:96:4a:ab:1d:57:d5:00:f6:1c: 2b:5d:04:39:c0:a0:d9:d0:4d:18:ba:b5:bd:f7:58: 7d:49:22:dc:dd:56:02:e7:aa:6d:73:60:f6:62:c7: e6:72:ab:d2:56:e6:1a:5f:30:e1:2b:2d:2a:f2:c4: 8c:4d:0f:61:be:c6:2b:9e:4a:f7:05:6b:11:3d:5a: 52:9b:65:0e:2e:5f:4b:c4:59:07:73:91:d2:57:48: 87:65:5e:88:7f:f2:27:c8:af:e2:14:f4:22:5f:f9: 99:6c:f3:8f:d7:42:00:e6:a5:cc:48:ad:30:bd:c1: e1:bd:64:16:74:2e:ae:62:13:7e:be:c3:38:f0:22: 94:33:78:ad:ba:2f:96:55:c2:06:28:d1:70:b4:f9: f7:23:7a:5d:4b:12:60:ec:a1:21:e9:51:8b:9d:5a: ea:ce:dd:c4:5c:f4:9c:b8:f7:76:0a:c6:1d:5a:1c: a9:c7:b4:df:e4:8d:a4:b4:a6:9d:b9:89:bc:fa:9b: ec:08:3a:2e:78:66:89:a4:01:5b:51:c1:b5:02:8a: 3e:99:0b:7d:83:a5:a8:a3:48:14:4f:e2:fc:32:0d: a3:bc:ec:c5:c2:b1:7e:1e:db:82:a5:6f:8e:9f:d5: 13:46:7e:09:91:aa:ed:72:fb:59:5f:dc:db:d0:f1: 22:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:58:48:82:DF:0C:62:14:3D:02:4B:98:17:C2:E8:DF:06:EC:C1:AF X509v3 Authority Key Identifier: keyid:BA:D7:CB:FD:3F:5D:A9:45:D2:1E:66:A8:4C:DD:E4:E6:D3:AC:26:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.221.68.0/22 138.117.124.0/22 138.121.220.0/24 138.122.236.0/22 143.255.112.0/22 160.238.220.0/22 168.228.128.0/22 168.232.116.0/22 170.0.204.0/22 170.245.100.0/22 177.66.64.0/21 177.70.128.0/20 177.75.192.0/19 177.87.144.0/21 179.191.128.0/19 187.18.128.0/17 187.108.96.0/20 187.110.208.0/20 189.45.64.0/18 189.50.144.0/20 200.94.240.0/22 201.149.120.0/22 IPv6: 2804:880::/32 Signature Algorithm: sha256WithRSAEncryption 04:f3:8c:0f:b3:10:5c:35:35:d6:90:76:06:0f:3c:cc:4d:0f: 07:5f:2a:f0:d8:6a:e8:b9:c0:21:38:e2:88:c4:cb:c9:fe:56: be:54:3d:67:f5:88:d4:2e:0a:ad:e8:35:14:c1:fe:20:56:81: 75:42:31:27:16:89:66:ac:ac:41:18:e6:dc:0b:da:3f:e3:3f: 03:ba:f4:1b:78:65:4e:bb:42:73:51:87:cb:7e:5e:1f:80:4a: db:7c:24:fe:89:08:44:87:20:32:3b:30:6f:8a:9b:be:b0:48: 39:7d:db:60:c3:75:24:83:82:69:d4:fc:2e:3d:a0:11:cb:7b: e3:dc:ee:37:e0:27:a9:0e:1b:66:87:a6:55:92:fa:fb:21:18: 96:7c:93:66:bf:58:0a:f0:58:75:d7:df:5b:be:ad:ca:c4:64: ab:fb:ec:03:b5:20:ec:bf:98:f8:88:9e:d5:ae:86:d1:ef:ba: 9c:cd:36:ab:a3:c1:1a:ca:e9:b5:81:0f:ee:d0:76:49:50:39: 08:10:63:c4:20:d9:c1:88:4e:af:45:2b:e1:5e:18:0c:71:16: e3:e2:92:20:f4:af:70:c1:9d:fb:a6:fb:0e:54:0a:89:28:eb: 0b:00:df:e2:25:a5:5b:65:f2:c9:88:78:bd:e2:1c:24:dc:58: 24:6d:33:ac -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgIUVRSuSiTTLFR3hrnu4uXeTCg+aPcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkFEN0NCRkQzRjVEQTk0NUQyMUU2NkE4NENEREU0RTZE M0FDMjYxODAeFw0yNjAzMDIxOTA5MjBaFw0yNzAzMDExOTE0MjBaMDMxMTAvBgNV BAMTKDJENTg0ODgyREYwQzYyMTQzRDAyNEI5ODE3QzJFOERGMDZFQ0MxQUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMPkVbz5ZKqx1X1QD2HCtdBDnA oNnQTRi6tb33WH1JItzdVgLnqm1zYPZix+Zyq9JW5hpfMOErLSryxIxND2G+xiue SvcFaxE9WlKbZQ4uX0vEWQdzkdJXSIdlXoh/8ifIr+IU9CJf+Zls84/XQgDmpcxI rTC9weG9ZBZ0Lq5iE36+wzjwIpQzeK26L5ZVwgYo0XC0+fcjel1LEmDsoSHpUYud WurO3cRc9Jy493YKxh1aHKnHtN/kjaS0pp25ibz6m+wIOi54ZomkAVtRwbUCij6Z C32DpaijSBRP4vwyDaO87MXCsX4e24Klb46f1RNGfgmRqu1y+1lf3NvQ8SJfAgMB AAGjggKtMIICqTAdBgNVHQ4EFgQULVhIgt8MYhQ9AkuYF8Lo3wbswa8wHwYDVR0j BBgwFoAUutfL/T9dqUXSHmaoTN3k5tOsJhgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vMmRHQVBKUDY1ZWZlQ1RVYTg0aHc1UkdSYlpHUFcycVJ5VHZnYWhnanhF ZUIvMC9CQUQ3Q0JGRDNGNURBOTQ1RDIxRTY2QTg0Q0RERTRFNkQzQUMyNjE4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JBRDdDQkZEM0Y1REE5NDVE MjFFNjZBODRDRERFNEU2RDNBQzI2MTguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8yZEdB UEpQNjVlZmVDVFVhODRodzVSR1JiWkdQVzJxUnlUdmdhaGdqeEVlQi8wL0FTMjgy NzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgbAGCCsGAQUFBwEHAQH/ BIGgMIGdMIGLBAIAATCBhAMEAoPdRAMEAop1fAMEAIp53AMEAop67AMEAo//cAME AqDu3AMEAqjkgAMEAqjodAMEAqoAzAMEAqr1ZAMEA7FCQAMEBLFGgAMEBbFLwAME A7FXkAMEBbO/gAMEB7sSgAMEBLtsYAMEBLtu0AMEBr0tQAMEBL0ykAMEAshe8AME AsmVeDANBAIAAjAHAwUAKAQIgDANBgkqhkiG9w0BAQsFAAOCAQEABPOMD7MQXDU1 1pB2Bg88zE0PB18q8Nhq6LnAITjiiMTLyf5WvlQ9Z/WI1C4Kreg1FMH+IFaBdUIx JxaJZqysQRjm3AvaP+M/A7r0G3hlTrtCc1GHy35eH4BK23wk/okIRIcgMjswb4qb vrBIOX3bYMN1JIOCadT8Lj2gEct749zuN+AnqQ4bZoemVZL6+yEYlnyTZr9YCvBY ddffW76tysRkq/vsA7Ug7L+Y+Iie1a6G0e+6nM02q6PBGsrptYEP7tB2SVA5CBBj xCDZwYhOr0Ur4V4YDHEW4+KSIPSvcMGd+6b7DlQKiSjrCwDf4iWlW2XyyYh4veIc JNxYJG0zrA== -----END CERTIFICATE-----Generated at Tue Mar 3 00:26:12 2026 by rpki-client