$ rpki-client -vvf rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa File: AS28270.roa (raw, json) Hash identifier: MAqOSlGmivWQVlGSnM6nnyTxUzlYfbmInpvqtd+c6ac= Subject key identifier: 1D:CB:B3:5A:66:5F:87:2A:8A:2C:C9:DD:CA:8E:B4:87:66:91:31:BF Certificate issuer: /CN=BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618 Certificate serial: 111B4FFAEA5CFE48223D468CD185AA82E960BB65 Authority key identifier: BA:D7:CB:FD:3F:5D:A9:45:D2:1E:66:A8:4C:DD:E4:E6:D3:AC:26:18 Authority info access: rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer Subject info access: rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa Signing time: Thu 28 May 2026 21:32:52 +0000 ROA not before: Thu 28 May 2026 21:27:52 +0000 ROA not after: Thu 27 May 2027 21:32:52 +0000 asID: 28270 IP address blocks: 131.221.68.0/22 maxlen: 22 138.117.124.0/22 maxlen: 22 138.121.220.0/24 maxlen: 24 143.255.112.0/22 maxlen: 22 160.238.220.0/22 maxlen: 22 168.228.128.0/22 maxlen: 22 168.232.116.0/22 maxlen: 22 170.0.204.0/22 maxlen: 22 170.245.100.0/22 maxlen: 22 177.66.64.0/21 maxlen: 21 177.70.128.0/20 maxlen: 20 177.75.192.0/20 maxlen: 20 177.75.208.0/20 maxlen: 20 177.87.144.0/21 maxlen: 21 179.191.128.0/20 maxlen: 20 179.191.144.0/20 maxlen: 20 187.18.128.0/17 maxlen: 17 187.18.212.0/22 maxlen: 22 187.108.96.0/20 maxlen: 20 187.110.208.0/20 maxlen: 20 189.45.64.0/18 maxlen: 18 189.50.144.0/20 maxlen: 20 200.94.240.0/22 maxlen: 22 201.149.120.0/22 maxlen: 22 2804:880::/32 maxlen: 32 2804:880:fc00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.crl rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.mft rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer Signature path expires: Sun 14 Jun 2026 11:20:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:1b:4f:fa:ea:5c:fe:48:22:3d:46:8c:d1:85:aa:82:e9:60:bb:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618 Validity Not Before: May 28 21:27:52 2026 GMT Not After : May 27 21:32:52 2027 GMT Subject: CN=1DCBB35A665F872A8A2CC9DDCA8EB487669131BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:90:a0:57:57:1b:f8:02:4f:00:d2:4a:6b:d3: fd:d7:33:02:8e:ce:43:9a:14:12:e5:3c:eb:ca:5a: e2:ae:e7:71:28:60:10:84:db:09:f8:79:37:96:c9: 65:14:b0:31:05:e2:81:f5:87:2a:58:87:de:da:75: 9d:a0:5c:84:b2:02:08:9c:f3:b2:c9:98:cf:7d:c8: 06:9c:12:45:76:e3:50:cc:3c:72:9e:28:00:9d:b2: b7:2d:cf:0f:43:3e:16:3e:0a:df:ae:ad:29:ab:ec: d7:53:2d:37:31:68:af:3a:72:8d:66:b6:28:fb:56: 53:d9:53:e2:3b:dc:d9:07:83:0a:16:fb:63:92:45: 80:0b:fe:bc:84:db:14:42:1f:50:3f:79:ac:0b:a7: 6c:0f:99:b4:2b:ac:4b:dc:76:18:16:73:7f:c6:68: 26:de:52:21:88:3c:14:46:6e:88:60:0f:e8:52:43: b8:66:51:40:bd:f4:e9:5b:0f:ca:94:61:5e:3a:45: 28:5d:12:c5:c1:f2:b1:12:36:05:ed:b4:f0:ab:a2: 3a:68:c9:69:7d:da:bb:ee:a7:91:c0:d0:9f:12:76: 1e:5a:12:eb:f6:6a:3a:85:90:e5:e3:04:a0:84:7c: ee:7f:9f:02:31:cd:18:ea:7c:1b:f4:a0:40:59:c0: e1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:CB:B3:5A:66:5F:87:2A:8A:2C:C9:DD:CA:8E:B4:87:66:91:31:BF X509v3 Authority Key Identifier: keyid:BA:D7:CB:FD:3F:5D:A9:45:D2:1E:66:A8:4C:DD:E4:E6:D3:AC:26:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAD7CBFD3F5DA945D21E66A84CDDE4E6D3AC2618.cer Subject Information Access: Signed Object - URI:rsync://rpki-repo.registro.br/repo/2dGAPJP65efeCTUa84hw5RGRbZGPW2qRyTvgahgjxEeB/0/AS28270.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.221.68.0/22 138.117.124.0/22 138.121.220.0/24 143.255.112.0/22 160.238.220.0/22 168.228.128.0/22 168.232.116.0/22 170.0.204.0/22 170.245.100.0/22 177.66.64.0/21 177.70.128.0/20 177.75.192.0/19 177.87.144.0/21 179.191.128.0/19 187.18.128.0/17 187.108.96.0/20 187.110.208.0/20 189.45.64.0/18 189.50.144.0/20 200.94.240.0/22 201.149.120.0/22 IPv6: 2804:880::/32 Signature Algorithm: sha256WithRSAEncryption 0a:03:84:98:8f:52:a0:34:ba:eb:12:b6:c5:f7:7c:73:9a:44: 5f:bd:5e:6f:ab:08:81:72:f7:76:99:08:cd:4f:3e:45:5e:a2: ac:3a:6c:4a:fb:45:23:82:27:cb:25:9a:1f:50:39:7c:15:a4: 28:3d:81:6f:84:f0:77:59:31:08:c0:21:96:42:e3:b2:c4:42: 22:98:7f:c5:20:d4:4f:dd:e3:6e:d8:b4:2d:6d:a8:f1:ff:bd: 1d:14:3a:42:85:e1:ea:ac:70:7b:99:e5:17:48:e3:b8:8d:7a: fb:45:3b:89:5b:bd:37:57:17:52:8c:0d:08:4e:1b:a8:65:99: b7:47:2f:5c:5d:43:d5:06:6c:8a:1b:ce:b3:36:ba:72:a9:a5: 55:48:2a:15:ac:81:71:de:07:a1:c8:e7:98:c3:f1:cc:a1:92: 63:30:c4:47:ef:c0:4a:5f:85:32:76:9a:78:69:64:4c:01:45: 8d:7c:de:30:57:41:46:27:43:eb:38:78:e4:52:20:9e:fe:c4: 09:1a:66:c2:be:3d:00:f5:18:2c:a3:f9:b5:a4:74:84:27:39: 2c:32:fb:cd:01:1b:9f:99:5f:e1:be:80:71:47:71:c0:7e:c3: 33:a5:a4:21:bf:fc:b0:bc:9e:3e:4d:8d:07:3e:20:c3:2a:b8: c1:14:21:43 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUERtP+upc/kgiPUaM0YWqgulgu2UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkFEN0NCRkQzRjVEQTk0NUQyMUU2NkE4NENEREU0RTZE M0FDMjYxODAeFw0yNjA1MjgyMTI3NTJaFw0yNzA1MjcyMTMyNTJaMDMxMTAvBgNV BAMTKDFEQ0JCMzVBNjY1Rjg3MkE4QTJDQzlERENBOEVCNDg3NjY5MTMxQkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1kKBXVxv4Ak8A0kpr0/3XMwKO zkOaFBLlPOvKWuKu53EoYBCE2wn4eTeWyWUUsDEF4oH1hypYh97adZ2gXISyAgic 87LJmM99yAacEkV241DMPHKeKACdsrctzw9DPhY+Ct+urSmr7NdTLTcxaK86co1m tij7VlPZU+I73NkHgwoW+2OSRYAL/ryE2xRCH1A/eawLp2wPmbQrrEvcdhgWc3/G aCbeUiGIPBRGbohgD+hSQ7hmUUC99OlbD8qUYV46RShdEsXB8rESNgXttPCrojpo yWl92rvup5HA0J8Sdh5aEuv2ajqFkOXjBKCEfO5/nwIxzRjqfBv0oEBZwOHBAgMB AAGjggKmMIICojAdBgNVHQ4EFgQUHcuzWmZfhyqKLMndyo60h2aRMb8wHwYDVR0j BBgwFoAUutfL/T9dqUXSHmaoTN3k5tOsJhgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy L3JlcG8vMmRHQVBKUDY1ZWZlQ1RVYTg0aHc1UkdSYlpHUFcycVJ5VHZnYWhnanhF ZUIvMC9CQUQ3Q0JGRDNGNURBOTQ1RDIxRTY2QTg0Q0RERTRFNkQzQUMyNjE4LmNy bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JBRDdDQkZEM0Y1REE5NDVE MjFFNjZBODRDRERFNEU2RDNBQzI2MTguY2VyMHkGCCsGAQUFBwELBG0wazBpBggr BgEFBQcwC4ZdcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby8yZEdB UEpQNjVlZmVDVFVhODRodzVSR1JiWkdQVzJxUnlUdmdhaGdqeEVlQi8wL0FTMjgy NzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgakGCCsGAQUFBwEHAQH/ BIGZMIGWMIGEBAIAATB+AwQCg91EAwQCinV8AwQAinncAwQCj/9wAwQCoO7cAwQC qOSAAwQCqOh0AwQCqgDMAwQCqvVkAwQDsUJAAwQEsUaAAwQFsUvAAwQDsVeQAwQF s7+AAwQHuxKAAwQEu2xgAwQEu27QAwQGvS1AAwQEvTKQAwQCyF7wAwQCyZV4MA0E AgACMAcDBQAoBAiAMA0GCSqGSIb3DQEBCwUAA4IBAQAKA4SYj1KgNLrrErbF93xz mkRfvV5vqwiBcvd2mQjNTz5FXqKsOmxK+0UjgifLJZofUDl8FaQoPYFvhPB3WTEI wCGWQuOyxEIimH/FINRP3eNu2LQtbajx/70dFDpCheHqrHB7meUXSOO4jXr7RTuJ W703VxdSjA0IThuoZZm3Ry9cXUPVBmyKG86zNrpyqaVVSCoVrIFx3gehyOeYw/HM oZJjMMRH78BKX4Uydpp4aWRMAUWNfN4wV0FGJ0PrOHjkUiCe/sQJGmbCvj0A9Rgs o/m1pHSEJzksMvvNARufmV/hvoBxR3HAfsMzpaQhv/ywvJ4+TY0HPiDDKrjBFCFD -----END CERTIFICATE-----Generated at Sun Jun 14 01:32:41 2026 by rpki-client