$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa File: 326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa (raw, json) Hash identifier: pSS9lyg/r63hrLK6N28zfZCmJTpAFyPUHcuhnyC7Nds= Subject key identifier: 72:FA:64:A4:6B:FA:BC:FC:89:0F:02:74:3D:B0:24:C7:BB:A3:E8:AD Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Certificate serial: 089A48B0252FAE4677F4F34D99E130FD0AA15C31 Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa Signing time: Mon 11 Mar 2024 07:12:35 +0000 ROA not before: Mon 11 Mar 2024 07:07:35 +0000 ROA not after: Mon 10 Mar 2025 07:12:35 +0000 asID: 50555 IP address blocks: 2a12:dd47:860d::/48 maxlen: 48 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 29 Mar 2024 13:55:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:9a:48:b0:25:2f:ae:46:77:f4:f3:4d:99:e1:30:fd:0a:a1:5c:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3 Validity Not Before: Mar 11 07:07:35 2024 GMT Not After : Mar 10 07:12:35 2025 GMT Subject: CN=72FA64A46BFABCFC890F02743DB024C7BBA3E8AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:88:9e:e8:06:b9:24:df:c5:e4:22:36:0c:8a: e8:34:78:fd:e8:7d:6f:48:3b:9d:c0:3f:bd:bb:3b: df:35:9b:b6:2f:dc:4c:9e:66:e1:c2:79:4f:93:91: aa:0b:7b:f9:e3:d5:fb:4f:23:9b:3f:a9:cc:9a:c9: 2f:d3:fb:d8:5e:8f:45:39:8c:03:28:40:4d:08:f5: 5a:20:de:b9:5f:96:fe:19:5a:98:3f:28:49:29:87: 5d:80:18:cc:9e:21:96:e5:ec:44:d4:8a:e2:d7:a2: 97:0c:7a:b0:1b:fa:d3:b1:53:3b:31:d8:d5:fb:76: 43:c4:45:d7:ce:ba:c3:18:d9:f5:58:54:fe:e3:ad: 64:07:e0:93:63:c1:76:ab:15:a6:3d:f1:fd:29:6c: 5f:00:4a:81:43:ee:ed:2e:17:25:5c:a2:74:eb:b4: c0:9e:2d:c1:f1:bb:51:bc:08:f4:2b:be:c1:5f:37: eb:fe:53:db:7f:c0:10:11:8e:55:41:ef:a9:fd:96: ad:ee:06:22:59:9e:02:1d:6c:f2:1d:a0:e0:0d:4d: c8:df:70:08:b5:68:89:57:43:a4:31:ba:f6:23:96: 42:79:ad:76:f9:60:8a:e4:71:1a:60:69:62:14:c5: 0c:a6:f4:09:bd:02:18:94:ce:e9:17:98:e5:72:3b: 58:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:FA:64:A4:6B:FA:BC:FC:89:0F:02:74:3D:B0:24:C7:BB:A3:E8:AD X509v3 Authority Key Identifier: keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:dd47:860d::/48 Signature Algorithm: sha256WithRSAEncryption 35:87:ed:70:67:6c:a5:69:54:23:52:e9:b1:e1:4f:2d:31:1e: ea:82:ed:79:1f:8d:2c:12:8a:21:6a:df:43:fa:85:a7:8c:d7: 84:00:f0:a1:f8:5e:be:99:64:0f:4c:0c:fd:48:4e:60:62:3e: 6d:5f:b1:f8:b4:89:dd:c0:a2:e2:8c:b7:2a:0e:4d:94:28:5b: a1:68:33:a4:e6:20:24:80:ef:22:9f:45:16:c5:3a:95:ef:f3: 69:3d:aa:c5:47:5d:f5:a0:79:d3:51:b4:a3:17:95:74:79:ad: a3:38:df:7f:7c:b6:e9:52:b5:72:ab:96:ac:83:c4:ca:ac:75: 48:bb:8c:6b:e3:a7:41:37:73:4c:a5:66:4f:90:c7:55:5b:65: ee:81:b1:f8:02:25:48:f8:c8:44:eb:5c:bf:9d:56:52:68:69: 42:89:13:2f:2e:b2:ab:ec:fc:45:ac:d2:e8:b4:89:21:d4:b4: 7e:70:ac:07:5e:fb:0b:04:cb:22:48:85:ee:bc:48:e9:5b:7a: 51:8e:95:a8:7f:11:ac:00:69:7d:76:05:01:94:fe:17:72:dd: ed:00:21:2f:7d:09:a7:c9:36:29:f9:52:95:73:90:87:e4:59: 07:c8:3b:c7:fb:a9:60:60:b3:cb:0a:fa:20:ae:e6:55:07:40: 33:59:45:51 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUCJpIsCUvrkZ39PNNmeEw/QqhXDEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD RENDNThBMzAeFw0yNDAzMTEwNzA3MzVaFw0yNTAzMTAwNzEyMzVaMDMxMTAvBgNV BAMTKDcyRkE2NEE0NkJGQUJDRkM4OTBGMDI3NDNEQjAyNEM3QkJBM0U4QUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3iJ7oBrkk38XkIjYMiug0eP3o fW9IO53AP727O981m7Yv3EyeZuHCeU+TkaoLe/nj1ftPI5s/qcyayS/T+9hej0U5 jAMoQE0I9Vog3rlflv4ZWpg/KEkph12AGMyeIZbl7ETUiuLXopcMerAb+tOxUzsx 2NX7dkPERdfOusMY2fVYVP7jrWQH4JNjwXarFaY98f0pbF8ASoFD7u0uFyVconTr tMCeLcHxu1G8CPQrvsFfN+v+U9t/wBARjlVB76n9lq3uBiJZngIdbPIdoOANTcjf cAi1aIlXQ6QxuvYjlkJ5rXb5YIrkcRpgaWIUxQym9Am9AhiUzukXmOVyO1j5AgMB AAGjggH2MIIB8jAdBgNVHQ4EFgQUcvpkpGv6vPyJDwJ0PbAkx7uj6K0wHwYDVR0j BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1 OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGDTANBgkqhkiG9w0BAQsFAAOCAQEA NYftcGdspWlUI1LpseFPLTEe6oLteR+NLBKKIWrfQ/qFp4zXhADwofhevplkD0wM /UhOYGI+bV+x+LSJ3cCi4oy3Kg5NlChboWgzpOYgJIDvIp9FFsU6le/zaT2qxUdd 9aB501G0oxeVdHmtozjff3y26VK1cquWrIPEyqx1SLuMa+OnQTdzTKVmT5DHVVtl 7oGx+AIlSPjIROtcv51WUmhpQokTLy6yq+z8RazS6LSJIdS0fnCsB177CwTLIkiF 7rxI6Vt6UY6VqH8RrABpfXYFAZT+F3Ld7QAhL30Jp8k2KflSlXOQh+RZB8g7x/up YGCzywr6IK7mVQdAM1lFUQ== -----END CERTIFICATE-----Generated at Thu Mar 28 23:12:04 2024 by rpki-client on console-fra.rpki-client.org