$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa File: 326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa (raw, json) Hash identifier: P8JskXQq8rhMqJmwd4lSnoyKOklqs5FaDVyanSYeqcg= Subject key identifier: 66:F0:12:80:65:E5:BC:11:8B:70:57:EC:16:DE:94:BE:40:74:89:05 Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Certificate serial: 730B3E2DEACA4FC50AAA35FBD9A87D7C138582D4 Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa Signing time: Mon 11 Mar 2024 07:12:22 +0000 ROA not before: Mon 11 Mar 2024 07:07:22 +0000 ROA not after: Mon 10 Mar 2025 07:12:22 +0000 asID: 50555 IP address blocks: 2a12:dd47:860b::/48 maxlen: 48 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Apr 2024 05:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:0b:3e:2d:ea:ca:4f:c5:0a:aa:35:fb:d9:a8:7d:7c:13:85:82:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Validity Not Before: Mar 11 07:07:22 2024 GMT Not After : Mar 10 07:12:22 2025 GMT Subject: CN=66F0128065E5BC118B7057EC16DE94BE40748905 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:01:5a:60:c3:89:04:d9:d8:01:2d:73:7f:50: 09:11:ff:64:49:f6:12:62:de:fc:86:99:15:46:36: 4e:56:f8:ad:6c:b0:6e:43:72:0f:56:d3:fa:e7:11: 09:ba:7b:3e:d4:b8:62:eb:44:50:e6:c2:02:0a:cb: 95:6c:54:35:5e:de:a4:5e:ab:90:86:75:1a:96:4a: d7:b2:b2:13:b2:5d:4e:4c:4b:23:41:68:ba:07:4c: 16:93:aa:59:9c:40:36:7f:83:68:de:de:7c:f6:bb: 3e:38:79:ad:38:2b:b7:27:c2:71:cc:4f:e8:f3:a6: c8:ca:de:d0:e9:be:2b:4a:cf:9f:7f:cf:3a:7d:52: 62:fa:d2:61:94:3a:08:2b:2f:96:b6:13:17:5a:bb: 8c:46:28:39:66:5a:a0:68:41:16:31:7c:63:22:6d: 15:52:ec:2b:d4:54:73:8f:b7:0f:fa:a2:ba:03:5d: 78:47:b6:fd:16:8c:13:73:ff:cc:21:14:76:5a:95: 99:30:6a:3f:d7:a0:eb:4e:36:2c:87:22:5f:6c:85: a7:cb:56:af:f3:d8:e7:5f:ea:a2:90:34:a1:33:70: 3a:07:1d:ff:af:fe:68:33:9b:13:df:66:7c:d4:8c: 99:93:18:f4:35:47:ce:1c:10:14:ce:c9:34:b6:12: 28:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:F0:12:80:65:E5:BC:11:8B:70:57:EC:16:DE:94:BE:40:74:89:05 X509v3 Authority Key Identifier: keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:dd47:860b::/48 Signature Algorithm: sha256WithRSAEncryption 4f:ac:0f:79:78:72:55:11:a7:93:50:3e:ce:ca:b1:e7:a1:99: 35:ba:35:df:f6:3e:03:54:b7:f9:ef:6b:d6:e1:10:f6:9e:84: ca:1c:d3:81:d2:2b:86:a7:a2:0b:94:d2:fd:12:a7:06:f3:fd: 05:1c:76:66:fd:ba:f9:7b:52:d9:c5:ea:35:76:97:1f:f9:2e: 56:14:d8:2c:90:91:14:37:b7:ab:a0:66:b5:04:80:8d:b2:89: e1:6f:87:4d:a3:97:be:04:fb:64:01:d5:95:1a:31:60:b7:15: ba:23:99:1f:98:88:78:b8:11:da:f5:6c:12:14:5b:b6:50:7f: 24:d7:78:ea:d7:a3:d2:ba:e2:21:da:dc:26:cc:29:c9:6a:6f: ee:c7:53:eb:b6:f2:10:bf:f6:f0:59:54:7d:e2:ff:26:30:6f: 87:0e:7d:c4:2a:46:76:87:1c:d3:ae:84:00:58:96:5a:de:05: fa:c7:59:00:4b:53:c7:e7:14:9c:50:cb:5f:4f:18:22:14:78: 80:f4:e1:80:c2:b6:73:b7:31:cd:07:26:a8:a3:da:77:da:de: 73:7d:1d:9c:08:62:19:11:1f:77:0b:10:cc:0c:68:a8:c7:01: 6c:8f:78:b1:0d:1f:bc:77:50:ba:05:3f:89:bc:fa:55:ce:ff: 51:83:f5:f0 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUcws+LerKT8UKqjX72ah9fBOFgtQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD RENDNThBMzAeFw0yNDAzMTEwNzA3MjJaFw0yNTAzMTAwNzEyMjJaMDMxMTAvBgNV BAMTKDY2RjAxMjgwNjVFNUJDMTE4QjcwNTdFQzE2REU5NEJFNDA3NDg5MDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOAVpgw4kE2dgBLXN/UAkR/2RJ 9hJi3vyGmRVGNk5W+K1ssG5Dcg9W0/rnEQm6ez7UuGLrRFDmwgIKy5VsVDVe3qRe q5CGdRqWSteyshOyXU5MSyNBaLoHTBaTqlmcQDZ/g2je3nz2uz44ea04K7cnwnHM T+jzpsjK3tDpvitKz59/zzp9UmL60mGUOggrL5a2Exdau4xGKDlmWqBoQRYxfGMi bRVS7CvUVHOPtw/6oroDXXhHtv0WjBNz/8whFHZalZkwaj/XoOtONiyHIl9shafL Vq/z2Odf6qKQNKEzcDoHHf+v/mgzmxPfZnzUjJmTGPQ1R84cEBTOyTS2EihvAgMB AAGjggH2MIIB8jAdBgNVHQ4EFgQUZvASgGXlvBGLcFfsFt6UvkB0iQUwHwYDVR0j BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1 OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCzANBgkqhkiG9w0BAQsFAAOCAQEA T6wPeXhyVRGnk1A+zsqx56GZNbo13/Y+A1S3+e9r1uEQ9p6EyhzTgdIrhqeiC5TS /RKnBvP9BRx2Zv26+XtS2cXqNXaXH/kuVhTYLJCRFDe3q6BmtQSAjbKJ4W+HTaOX vgT7ZAHVlRoxYLcVuiOZH5iIeLgR2vVsEhRbtlB/JNd46tej0rriIdrcJswpyWpv 7sdT67byEL/28FlUfeL/JjBvhw59xCpGdocc066EAFiWWt4F+sdZAEtTx+cUnFDL X08YIhR4gPThgMK2c7cxzQcmqKPad9rec30dnAhiGREfdwsQzAxoqMcBbI94sQ0f vHdQugU/ibz6Vc7/UYP18A== -----END CERTIFICATE-----Generated at Thu Apr 18 12:01:12 2024 by rpki-client on console-fra.rpki-client.org