$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa File: 326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa (raw, json) Hash identifier: yvJARCYuZKCcQdrZehBg3pmqGSxsDFgahe/Ya4VuMCA= Subject key identifier: 28:5A:D8:DC:FC:69:81:85:AF:87:94:04:48:35:7E:13:3E:D6:43:5A Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Certificate serial: 481FCE5BBFC2C132AF832CBA695C6A155FD87CB8 Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa Signing time: Mon 11 Mar 2024 07:12:18 +0000 ROA not before: Mon 11 Mar 2024 07:07:18 +0000 ROA not after: Mon 10 Mar 2025 07:12:18 +0000 asID: 50555 IP address blocks: 2a12:dd47:8608::/48 maxlen: 48 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Apr 2024 22:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:1f:ce:5b:bf:c2:c1:32:af:83:2c:ba:69:5c:6a:15:5f:d8:7c:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Validity Not Before: Mar 11 07:07:18 2024 GMT Not After : Mar 10 07:12:18 2025 GMT Subject: CN=285AD8DCFC698185AF87940448357E133ED6435A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:33:23:d4:a2:68:b2:d3:37:bb:67:79:ce:ac: 4e:01:d1:d0:83:05:ed:cb:f4:b3:99:43:76:a9:72: 8c:9b:3d:73:7c:4e:be:58:12:d9:1e:13:e8:a3:14: 1b:12:59:dd:59:f4:fc:1e:4f:d2:a3:2a:35:2a:3c: 54:a4:19:79:49:d1:ac:ba:4c:5c:e6:4c:cb:1f:73: 89:ea:e3:49:2a:b2:73:8f:a2:51:82:54:47:71:11: f1:c0:6d:2a:98:4c:cf:fd:b3:f2:82:bb:13:a4:64: 16:7d:c3:ee:ba:91:de:ef:b3:e8:29:70:59:d1:01: 81:d5:b0:16:3e:78:7e:a0:aa:38:b5:5e:c7:43:5b: ff:82:44:fb:45:f4:65:12:c8:e4:00:66:82:62:a7: 0d:63:c1:ba:2b:62:59:e3:40:86:d2:3a:5b:c9:d4: dc:1a:f7:19:ba:57:86:31:7a:94:6b:27:76:7c:9b: 72:2c:d4:03:d7:7a:18:29:a4:1f:bb:8e:7f:0c:96: c4:83:0b:e0:db:e5:35:db:65:78:9e:3f:51:ca:14: 65:0c:4f:1f:c9:65:13:4b:0d:0e:fa:5c:27:4b:d8: 64:c3:39:7e:f3:63:86:8b:e1:ab:20:18:1f:cf:78: 31:3c:51:a5:38:2d:9e:11:3c:88:56:6e:41:be:44: 8d:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:5A:D8:DC:FC:69:81:85:AF:87:94:04:48:35:7E:13:3E:D6:43:5A X509v3 Authority Key Identifier: keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:dd47:8608::/48 Signature Algorithm: sha256WithRSAEncryption 0f:3c:bb:22:2e:c7:af:61:99:f8:a5:22:ba:23:20:54:2d:fc: 5e:9c:32:ae:9d:14:ef:e9:55:c0:42:bc:a4:ec:98:10:3d:37: 5e:0b:8d:18:1c:00:e2:1e:ac:64:4b:6f:a1:04:8c:e0:6f:5b: fd:f5:45:9d:96:20:71:69:1e:99:23:a9:23:eb:c4:b8:f2:9f: 1a:b9:64:e3:e1:01:14:79:55:d4:12:dc:81:de:b4:e1:00:b3: 4c:de:37:01:79:1b:d9:4a:ff:eb:4d:5b:8d:f4:5a:93:57:2d: 63:5c:41:fb:21:52:1c:4f:0f:4a:93:e7:82:9f:d7:01:2e:da: f1:ba:66:3b:f8:78:47:85:77:cc:b4:5f:8a:0b:dd:cd:d1:c8: eb:e5:c3:10:49:54:fc:15:f7:5b:32:3c:6c:0f:cd:9d:0c:eb: 70:6f:e8:9f:3d:7c:bf:3a:b2:04:de:0d:4a:80:d5:69:a7:f2: f1:0e:b4:78:0d:73:f7:85:81:77:f9:d7:ba:f0:99:01:8f:4a: 11:e2:b7:c6:28:4d:8f:78:1c:88:da:e0:88:fe:7b:08:09:e1: 44:87:b4:f8:2b:04:2b:49:9e:70:89:7e:e0:07:dc:fc:f2:f5: f2:79:dc:3e:7b:89:26:ec:5d:57:8a:59:6f:98:56:6a:5c:3c: fc:58:ae:e4 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUSB/OW7/CwTKvgyy6aVxqFV/YfLgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD RENDNThBMzAeFw0yNDAzMTEwNzA3MThaFw0yNTAzMTAwNzEyMThaMDMxMTAvBgNV BAMTKDI4NUFEOERDRkM2OTgxODVBRjg3OTQwNDQ4MzU3RTEzM0VENjQzNUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPMyPUomiy0ze7Z3nOrE4B0dCD Be3L9LOZQ3apcoybPXN8Tr5YEtkeE+ijFBsSWd1Z9PweT9KjKjUqPFSkGXlJ0ay6 TFzmTMsfc4nq40kqsnOPolGCVEdxEfHAbSqYTM/9s/KCuxOkZBZ9w+66kd7vs+gp cFnRAYHVsBY+eH6gqji1XsdDW/+CRPtF9GUSyOQAZoJipw1jwborYlnjQIbSOlvJ 1Nwa9xm6V4YxepRrJ3Z8m3Is1APXehgppB+7jn8MlsSDC+Db5TXbZXieP1HKFGUM Tx/JZRNLDQ76XCdL2GTDOX7zY4aL4asgGB/PeDE8UaU4LZ4RPIhWbkG+RI3xAgMB AAGjggH2MIIB8jAdBgNVHQ4EFgQUKFrY3PxpgYWvh5QESDV+Ez7WQ1owHwYDVR0j BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1 OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCDANBgkqhkiG9w0BAQsFAAOCAQEA Dzy7Ii7Hr2GZ+KUiuiMgVC38Xpwyrp0U7+lVwEK8pOyYED03XguNGBwA4h6sZEtv oQSM4G9b/fVFnZYgcWkemSOpI+vEuPKfGrlk4+EBFHlV1BLcgd604QCzTN43AXkb 2Ur/601bjfRak1ctY1xB+yFSHE8PSpPngp/XAS7a8bpmO/h4R4V3zLRfigvdzdHI 6+XDEElU/BX3WzI8bA/NnQzrcG/onz18vzqyBN4NSoDVaafy8Q60eA1z94WBd/nX uvCZAY9KEeK3xihNj3gciNrgiP57CAnhRIe0+CsEK0mecIl+4Afc/PL18nncPnuJ JuxdV4pZb5hWalw8/Fiu5A== -----END CERTIFICATE-----Generated at Fri Apr 26 10:58:08 2024 by rpki-client on console-ams.rpki-client.org