Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
File: 326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier: bCptdjmvnQpm+VU0b5omGZ2gseXuWLCMxMKaXw2vivs=
Subject key identifier: 4C:3D:D2:D2:13:A3:65:EF:89:6E:A2:A0:3E:48:F5:21:9E:CD:C3:71
Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial: 51A0CB0DFE79287FAD0D4DCEBD7F4EAAD0D6DA33
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
Signing time: Wed 13 Mar 2024 23:12:52 +0000
ROA not before: Wed 13 Mar 2024 23:07:52 +0000
ROA not after: Wed 12 Mar 2025 23:12:52 +0000
asID: 50555
IP address blocks: 2a12:dd47:8600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:a0:cb:0d:fe:79:28:7f:ad:0d:4d:ce:bd:7f:4e:aa:d0:d6:da:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Validity
Not Before: Mar 13 23:07:52 2024 GMT
Not After : Mar 12 23:12:52 2025 GMT
Subject: CN=4C3DD2D213A365EF896EA2A03E48F5219ECDC371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:aa:2a:4e:f4:e7:f2:af:d5:49:ab:61:d9:f9:
6b:35:fa:b0:09:40:c1:2f:3e:b8:a4:e1:97:8a:6c:
6b:d7:9e:58:a9:93:cc:06:82:be:bf:02:bf:0f:28:
fa:dc:7c:19:a4:6f:4c:c4:84:0d:54:e6:8a:db:54:
93:e9:27:d3:0d:f8:d9:6d:ba:24:2c:24:5e:8b:ae:
6b:21:bd:60:2a:68:70:b6:2e:c9:80:f2:b1:c9:57:
63:92:a5:b1:27:37:38:d5:2d:ec:6b:eb:5f:c1:7a:
df:90:81:e7:c2:10:6a:37:26:31:83:d5:fa:55:c9:
cf:e2:94:86:b3:e6:5c:b3:c5:0b:8d:75:b9:76:b9:
55:7d:9c:71:e4:4c:6e:c7:d1:c8:a1:74:a4:46:c4:
41:a1:d8:6a:4f:fa:cb:dc:2f:35:7e:7e:e7:c2:1b:
e7:d7:0e:38:3a:da:85:d6:53:5d:e1:0f:3f:ae:84:
04:fb:ba:8d:0f:3d:0f:6b:d1:1d:a5:86:01:b5:25:
fd:c1:9a:15:8b:c6:e1:1b:5e:67:1f:79:be:65:54:
77:70:0f:83:68:12:c8:9f:ef:7f:b2:60:8c:dd:ec:
9c:a1:54:65:3d:79:c0:0a:ce:ae:e3:2b:16:76:79:
c9:b6:4f:0e:63:5b:52:4a:fb:98:0e:47:14:1c:9a:
1e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3D:D2:D2:13:A3:65:EF:89:6E:A2:A0:3E:48:F5:21:9E:CD:C3:71
X509v3 Authority Key Identifier:
keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8600::/48
Signature Algorithm: sha256WithRSAEncryption
81:e9:d2:f7:8e:fe:c9:e2:26:17:54:38:ee:71:42:18:64:87:
4f:3c:14:e7:0c:51:35:c1:b9:ae:83:7a:03:bb:45:c5:09:fa:
56:95:09:12:c0:ee:74:6b:b0:88:31:19:06:b8:47:3d:95:a0:
70:62:52:3e:8b:3c:6f:bc:94:0d:d7:97:87:26:be:22:b7:01:
67:44:d5:64:9b:24:16:94:14:19:59:aa:8b:05:cd:da:e5:86:
1b:03:75:06:89:24:b0:8d:2b:74:30:83:c3:3c:70:97:e2:34:
b0:7b:9d:99:1a:0a:74:88:dd:0b:a2:7d:33:82:6a:98:3c:b5:
73:d5:b1:9e:67:b4:fc:a2:08:7f:88:62:65:cd:5a:9d:1a:61:
4b:6f:4e:db:80:62:13:53:16:47:45:12:80:78:13:a1:7e:1a:
78:80:aa:23:2f:6e:76:76:c3:38:cc:d0:53:5c:92:1f:70:2d:
33:af:79:84:86:d8:ed:12:df:79:5b:4a:34:00:91:87:44:53:
09:32:60:9e:f4:89:db:be:68:cb:9a:bb:e5:55:3a:af:ca:da:
6a:27:95:37:32:f9:d0:e5:ee:8e:a4:10:29:4a:9a:54:4a:9f:
0c:17:c5:3c:f9:5c:2e:3d:af:76:29:5b:23:97:f9:19:1e:dd:
c7:8b:67:e2
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUUaDLDf55KH+tDU3OvX9OqtDW2jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTMyMzA3NTJaFw0yNTAzMTIyMzEyNTJaMDMxMTAvBgNV
BAMTKDRDM0REMkQyMTNBMzY1RUY4OTZFQTJBMDNFNDhGNTIxOUVDREMzNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpqipO9Ofyr9VJq2HZ+Ws1+rAJ
QMEvPrik4ZeKbGvXnlipk8wGgr6/Ar8PKPrcfBmkb0zEhA1U5orbVJPpJ9MN+Nlt
uiQsJF6LrmshvWAqaHC2LsmA8rHJV2OSpbEnNzjVLexr61/Bet+QgefCEGo3JjGD
1fpVyc/ilIaz5lyzxQuNdbl2uVV9nHHkTG7H0cihdKRGxEGh2GpP+svcLzV+fufC
G+fXDjg62oXWU13hDz+uhAT7uo0PPQ9r0R2lhgG1Jf3BmhWLxuEbXmcfeb5lVHdw
D4NoEsif73+yYIzd7JyhVGU9ecAKzq7jKxZ2ecm2Tw5jW1JK+5gORxQcmh7JAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUTD3S0hOjZe+JbqKgPkj1IZ7Nw3EwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGADANBgkqhkiG9w0BAQsFAAOCAQEA
genS947+yeImF1Q47nFCGGSHTzwU5wxRNcG5roN6A7tFxQn6VpUJEsDudGuwiDEZ
BrhHPZWgcGJSPos8b7yUDdeXhya+IrcBZ0TVZJskFpQUGVmqiwXN2uWGGwN1Bokk
sI0rdDCDwzxwl+I0sHudmRoKdIjdC6J9M4JqmDy1c9Wxnme0/KIIf4hiZc1anRph
S29O24BiE1MWR0USgHgToX4aeICqIy9udnbDOMzQU1ySH3AtM695hIbY7RLfeVtK
NACRh0RTCTJgnvSJ275oy5q75VU6r8raaieVNzL50OXujqQQKUqaVEqfDBfFPPlc
Lj2vdilbI5f5GR7dx4tn4g==
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:36:09 2024 by rpki-client on console-fra.rpki-client.org