$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa File: 326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa (raw, json) Hash identifier: WhLiHVWIRrDdTM2/q/GOyUAgwW6kR1FOY914Re+OVhA= Subject key identifier: 17:4C:A7:C3:C8:74:92:47:A3:E7:7A:A0:BA:95:34:75:26:89:EE:AB Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Certificate serial: 3A3B2FACABF226BB43E54C5B9DF7C8AA5CC97228 Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa Signing time: Mon 11 Mar 2024 07:12:25 +0000 ROA not before: Mon 11 Mar 2024 07:07:25 +0000 ROA not after: Mon 10 Mar 2025 07:12:25 +0000 asID: 50555 IP address blocks: 2a12:dd47:8606::/48 maxlen: 48 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Apr 2024 23:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:3b:2f:ac:ab:f2:26:bb:43:e5:4c:5b:9d:f7:c8:aa:5c:c9:72:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Validity Not Before: Mar 11 07:07:25 2024 GMT Not After : Mar 10 07:12:25 2025 GMT Subject: CN=174CA7C3C8749247A3E77AA0BA9534752689EEAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:75:00:31:e1:97:a3:a2:87:a0:a6:39:96:fb: 03:4d:1d:3f:af:1b:d4:09:c1:4a:8a:20:48:51:b0: 33:3b:9e:3b:66:b1:29:3c:19:31:a2:23:9c:a6:94: ac:42:0b:44:a5:e8:0b:f2:93:65:23:88:12:06:b9: df:b0:bd:f1:f6:cf:e9:df:07:15:46:f2:d6:29:34: 64:d9:80:39:af:9f:5e:ae:23:08:4c:66:26:a8:5e: f5:7c:8f:1b:26:9a:d0:7b:a8:78:74:cb:13:84:ac: 19:cd:35:63:67:6b:38:a2:4c:94:df:ad:52:41:5e: b8:b2:cf:f9:4a:f1:b0:dc:73:09:cf:df:78:f6:ab: eb:71:a0:dd:ba:39:9c:bc:cf:53:20:50:31:aa:fe: ee:6b:89:1d:6d:89:92:68:ce:e2:b5:d6:f3:c0:9c: a9:ef:57:b2:8f:ce:8e:0f:40:a9:6e:e9:9b:d1:0f: a8:de:a1:f3:81:2a:39:29:af:50:8e:ff:7b:3e:fc: de:d6:a1:b1:de:5e:d8:76:36:2e:a8:5e:dd:7e:47: 53:96:0e:83:bb:94:41:d3:79:f8:d4:b8:9a:ae:fb: 55:8b:a9:84:d8:ee:81:13:75:a8:fa:b1:bd:9a:99: 00:f9:f1:3a:1e:ec:53:62:8d:b6:94:29:71:65:f0: dc:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:4C:A7:C3:C8:74:92:47:A3:E7:7A:A0:BA:95:34:75:26:89:EE:AB X509v3 Authority Key Identifier: keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:dd47:8606::/48 Signature Algorithm: sha256WithRSAEncryption 3e:27:4c:93:fb:54:9a:1c:91:7e:c8:68:24:8b:5a:55:84:a2: 3e:bf:bc:3e:1e:27:d8:9d:c5:09:3b:60:75:73:da:7a:2f:dd: 79:4d:b7:8a:15:cf:b0:b8:6d:88:b4:1c:57:50:f3:f7:6a:b7: 96:38:94:dd:2b:80:bc:af:3e:5f:89:d2:49:d2:48:5d:d1:65: ae:89:5c:f3:c0:d1:92:a8:81:06:40:87:29:14:cb:69:e8:a3: ce:10:00:d8:50:a6:7b:6d:87:0e:df:58:d7:ad:61:01:f7:40: 23:86:63:8a:f0:a0:a3:56:6b:f6:39:0f:e1:3e:ac:f4:eb:e5: 99:91:5c:81:ed:c6:86:45:a9:f3:c9:6b:5c:8b:20:b5:db:06: c1:1f:fc:a5:7c:41:0f:34:1b:6e:8a:2f:5c:8d:bd:e5:64:ba: 37:98:b5:11:51:4b:5f:59:e8:be:b4:a3:d6:5d:53:71:89:50: 55:6f:51:55:86:cc:6b:34:e6:30:38:96:e6:e8:83:3b:3b:7b: 3c:a4:38:40:6b:c1:b2:d0:b3:bd:af:6a:66:3c:dc:e1:f6:ff: 04:0e:ea:83:61:fe:fb:09:4f:af:67:d7:57:fd:47:c6:05:19: c5:9b:b0:b4:d4:85:1f:ae:70:70:68:18:24:d0:af:de:3e:25: 84:aa:49:d2 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUOjsvrKvyJrtD5UxbnffIqlzJcigwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD RENDNThBMzAeFw0yNDAzMTEwNzA3MjVaFw0yNTAzMTAwNzEyMjVaMDMxMTAvBgNV BAMTKDE3NENBN0MzQzg3NDkyNDdBM0U3N0FBMEJBOTUzNDc1MjY4OUVFQUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsdQAx4ZejooegpjmW+wNNHT+v G9QJwUqKIEhRsDM7njtmsSk8GTGiI5ymlKxCC0Sl6Avyk2UjiBIGud+wvfH2z+nf BxVG8tYpNGTZgDmvn16uIwhMZiaoXvV8jxsmmtB7qHh0yxOErBnNNWNnaziiTJTf rVJBXriyz/lK8bDccwnP33j2q+txoN26OZy8z1MgUDGq/u5riR1tiZJozuK11vPA nKnvV7KPzo4PQKlu6ZvRD6jeofOBKjkpr1CO/3s+/N7WobHeXth2Ni6oXt1+R1OW DoO7lEHTefjUuJqu+1WLqYTY7oETdaj6sb2amQD58Toe7FNijbaUKXFl8NxFAgMB AAGjggH2MIIB8jAdBgNVHQ4EFgQUF0ynw8h0kkej53qgupU0dSaJ7qswHwYDVR0j BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1 OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGBjANBgkqhkiG9w0BAQsFAAOCAQEA PidMk/tUmhyRfshoJItaVYSiPr+8Ph4n2J3FCTtgdXPaei/deU23ihXPsLhtiLQc V1Dz92q3ljiU3SuAvK8+X4nSSdJIXdFlrolc88DRkqiBBkCHKRTLaeijzhAA2FCm e22HDt9Y161hAfdAI4ZjivCgo1Zr9jkP4T6s9OvlmZFcge3GhkWp88lrXIsgtdsG wR/8pXxBDzQbboovXI295WS6N5i1EVFLX1novrSj1l1TcYlQVW9RVYbMazTmMDiW 5uiDOzt7PKQ4QGvBstCzva9qZjzc4fb/BA7qg2H++wlPr2fXV/1HxgUZxZuwtNSF H65wcGgYJNCv3j4lhKpJ0g== -----END CERTIFICATE-----Generated at Thu Apr 25 06:37:45 2024 by rpki-client on console-fra.rpki-client.org