$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa File: 326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa (raw, json) Hash identifier: bVgB6CY0EAnJitkx1Xv6J5wT2KqsqRck5c0cRpR6E6U= Subject key identifier: 95:32:A7:CB:2C:85:2A:48:E2:4E:94:A3:5D:F7:0C:EA:28:C1:49:8E Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Certificate serial: 4728A42406490ADD05D73312F7D06AF0533B10ED Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa Signing time: Wed 13 Mar 2024 22:12:50 +0000 ROA not before: Wed 13 Mar 2024 22:07:50 +0000 ROA not after: Wed 12 Mar 2025 22:12:50 +0000 asID: 0 IP address blocks: 2a12:dd47:8600::/40 maxlen: 40 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Apr 2024 22:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:28:a4:24:06:49:0a:dd:05:d7:33:12:f7:d0:6a:f0:53:3b:10:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Validity Not Before: Mar 13 22:07:50 2024 GMT Not After : Mar 12 22:12:50 2025 GMT Subject: CN=9532A7CB2C852A48E24E94A35DF70CEA28C1498E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6c:29:7a:9a:af:11:21:c4:b3:11:38:df:00: 5a:db:53:31:c2:4a:89:bb:bf:77:f8:b1:31:00:6e: 56:0c:6d:99:15:15:df:3a:97:3c:71:62:d6:5b:26: 99:f3:ef:88:48:65:7a:eb:74:70:21:47:b8:f9:60: 22:a4:af:11:a2:38:5d:44:d5:f0:79:97:98:8f:ea: c4:7e:fe:ec:e5:be:ca:bd:bc:48:6d:c9:6d:e1:d5: 4e:4f:d9:c7:f6:3b:52:68:55:df:47:35:60:11:84: 59:21:e7:24:53:88:89:71:2c:91:ff:0e:01:51:69: 31:ab:8e:0f:64:8a:1f:c6:f1:28:a5:ad:5a:4c:95: ba:62:45:8d:b5:94:a6:d5:5f:ee:8d:a6:3b:63:44: af:98:48:77:27:b3:81:16:5c:d5:44:32:94:42:a1: 1b:84:ad:fe:d9:8d:a6:38:20:b0:1d:3a:38:d7:84: 28:ec:a2:e6:10:d4:5f:ee:a7:93:5b:21:4b:65:d4: 61:3a:5a:e4:10:99:8b:25:f9:4d:43:c6:3b:d0:34: 10:23:99:cf:0f:12:80:2a:3d:e3:08:30:ab:81:c5: ec:00:86:d9:0e:c7:e2:42:3e:30:4c:3b:ea:bf:3c: 17:41:9f:ed:ea:df:f9:ec:cc:39:00:cc:d3:f7:1e: 64:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:32:A7:CB:2C:85:2A:48:E2:4E:94:A3:5D:F7:0C:EA:28:C1:49:8E X509v3 Authority Key Identifier: keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:dd47:8600::/40 Signature Algorithm: sha256WithRSAEncryption 15:ca:9b:9c:8a:fe:44:87:29:72:67:c0:88:fb:2b:cd:42:79: 4b:cf:34:16:7d:ee:d7:b0:e1:c8:13:6d:cb:5c:24:f1:73:2a: 97:07:cc:0a:05:89:20:11:ce:f0:1f:7c:1b:43:de:ff:dd:65: 9b:bc:a0:f1:fe:9f:bb:b5:88:2e:b8:30:40:56:6c:24:20:98: 83:eb:40:a1:03:e5:b2:99:02:7e:95:95:32:e6:7f:2a:a5:b4: a0:92:e0:d3:8c:5e:69:4a:48:13:9e:5f:93:0b:a5:ec:44:ff: 5b:bd:b0:c5:41:68:a2:48:3a:d1:95:63:9c:0a:50:3a:45:50: a0:5e:97:64:69:bc:22:ca:8a:e0:69:06:50:e0:e4:d3:92:9b: 54:f9:89:d8:9c:29:13:31:2b:35:db:98:c8:b2:75:d2:6a:3c: 4b:6b:9e:0f:1f:6c:cb:61:db:92:bb:2d:b9:7f:f7:40:2e:a3: 85:39:ac:8c:96:50:fb:3b:48:68:b2:01:31:51:70:11:d7:a2: e9:51:74:f3:91:91:06:1d:96:c0:64:89:f5:e0:0c:5e:b9:df: 9e:f5:97:3f:20:fd:ce:b7:96:dc:1f:e2:44:5b:b7:c1:51:f7: 23:26:a2:2e:95:2a:0f:a9:f5:f0:d8:b0:79:7a:d1:f9:3e:d8: d7:69:37:9e -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIURyikJAZJCt0F1zMS99Bq8FM7EO0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD RENDNThBMzAeFw0yNDAzMTMyMjA3NTBaFw0yNTAzMTIyMjEyNTBaMDMxMTAvBgNV BAMTKDk1MzJBN0NCMkM4NTJBNDhFMjRFOTRBMzVERjcwQ0VBMjhDMTQ5OEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtbCl6mq8RIcSzETjfAFrbUzHC Som7v3f4sTEAblYMbZkVFd86lzxxYtZbJpnz74hIZXrrdHAhR7j5YCKkrxGiOF1E 1fB5l5iP6sR+/uzlvsq9vEhtyW3h1U5P2cf2O1JoVd9HNWARhFkh5yRTiIlxLJH/ DgFRaTGrjg9kih/G8SilrVpMlbpiRY21lKbVX+6NpjtjRK+YSHcns4EWXNVEMpRC oRuErf7ZjaY4ILAdOjjXhCjsouYQ1F/up5NbIUtl1GE6WuQQmYsl+U1DxjvQNBAj mc8PEoAqPeMIMKuBxewAhtkOx+JCPjBMO+q/PBdBn+3q3/nszDkAzNP3HmQRAgMB AAGjggHsMIIB6DAdBgNVHQ4EFgQUlTKnyyyFKkjiTpSjXfcM6ijBSY4wHwYDVR0j BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1 OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD RkFDRENDNThBMy5jZXIwgYQGCCsGAQUFBwELBHgwdjB0BggrBgEFBQcwC4ZocnN5 bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXItVEVTVC8xLzMyNjEz MTMyM2E2NDY0MzQzNzNhMzgzNjMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAz MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQS MBAwDgQCAAIwCAMGACoS3UeGMA0GCSqGSIb3DQEBCwUAA4IBAQAVypuciv5Ehyly Z8CI+yvNQnlLzzQWfe7XsOHIE23LXCTxcyqXB8wKBYkgEc7wH3wbQ97/3WWbvKDx /p+7tYguuDBAVmwkIJiD60ChA+WymQJ+lZUy5n8qpbSgkuDTjF5pSkgTnl+TC6Xs RP9bvbDFQWiiSDrRlWOcClA6RVCgXpdkabwiyorgaQZQ4OTTkptU+YnYnCkTMSs1 25jIsnXSajxLa54PH2zLYduSuy25f/dALqOFOayMllD7O0hosgExUXAR16LpUXTz kZEGHZbAZIn14Axeud+e9Zc/IP3Ot5bcH+JEW7fBUfcjJqIulSoPqfXw2LB5etH5 PtjXaTee -----END CERTIFICATE-----Generated at Fri Apr 26 10:58:07 2024 by rpki-client on console-ams.rpki-client.org