Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa
File: 326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier: pSS9lyg/r63hrLK6N28zfZCmJTpAFyPUHcuhnyC7Nds=
Subject key identifier: 72:FA:64:A4:6B:FA:BC:FC:89:0F:02:74:3D:B0:24:C7:BB:A3:E8:AD
Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial: 089A48B0252FAE4677F4F34D99E130FD0AA15C31
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa
Signing time: Mon 11 Mar 2024 07:12:35 +0000
ROA not before: Mon 11 Mar 2024 07:07:35 +0000
ROA not after: Mon 10 Mar 2025 07:12:35 +0000
asID: 50555
IP address blocks: 2a12:dd47:860d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:9a:48:b0:25:2f:ae:46:77:f4:f3:4d:99:e1:30:fd:0a:a1:5c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Validity
Not Before: Mar 11 07:07:35 2024 GMT
Not After : Mar 10 07:12:35 2025 GMT
Subject: CN=72FA64A46BFABCFC890F02743DB024C7BBA3E8AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:9e:e8:06:b9:24:df:c5:e4:22:36:0c:8a:
e8:34:78:fd:e8:7d:6f:48:3b:9d:c0:3f:bd:bb:3b:
df:35:9b:b6:2f:dc:4c:9e:66:e1:c2:79:4f:93:91:
aa:0b:7b:f9:e3:d5:fb:4f:23:9b:3f:a9:cc:9a:c9:
2f:d3:fb:d8:5e:8f:45:39:8c:03:28:40:4d:08:f5:
5a:20:de:b9:5f:96:fe:19:5a:98:3f:28:49:29:87:
5d:80:18:cc:9e:21:96:e5:ec:44:d4:8a:e2:d7:a2:
97:0c:7a:b0:1b:fa:d3:b1:53:3b:31:d8:d5:fb:76:
43:c4:45:d7:ce:ba:c3:18:d9:f5:58:54:fe:e3:ad:
64:07:e0:93:63:c1:76:ab:15:a6:3d:f1:fd:29:6c:
5f:00:4a:81:43:ee:ed:2e:17:25:5c:a2:74:eb:b4:
c0:9e:2d:c1:f1:bb:51:bc:08:f4:2b:be:c1:5f:37:
eb:fe:53:db:7f:c0:10:11:8e:55:41:ef:a9:fd:96:
ad:ee:06:22:59:9e:02:1d:6c:f2:1d:a0:e0:0d:4d:
c8:df:70:08:b5:68:89:57:43:a4:31:ba:f6:23:96:
42:79:ad:76:f9:60:8a:e4:71:1a:60:69:62:14:c5:
0c:a6:f4:09:bd:02:18:94:ce:e9:17:98:e5:72:3b:
58:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FA:64:A4:6B:FA:BC:FC:89:0F:02:74:3D:B0:24:C7:BB:A3:E8:AD
X509v3 Authority Key Identifier:
keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:860d::/48
Signature Algorithm: sha256WithRSAEncryption
35:87:ed:70:67:6c:a5:69:54:23:52:e9:b1:e1:4f:2d:31:1e:
ea:82:ed:79:1f:8d:2c:12:8a:21:6a:df:43:fa:85:a7:8c:d7:
84:00:f0:a1:f8:5e:be:99:64:0f:4c:0c:fd:48:4e:60:62:3e:
6d:5f:b1:f8:b4:89:dd:c0:a2:e2:8c:b7:2a:0e:4d:94:28:5b:
a1:68:33:a4:e6:20:24:80:ef:22:9f:45:16:c5:3a:95:ef:f3:
69:3d:aa:c5:47:5d:f5:a0:79:d3:51:b4:a3:17:95:74:79:ad:
a3:38:df:7f:7c:b6:e9:52:b5:72:ab:96:ac:83:c4:ca:ac:75:
48:bb:8c:6b:e3:a7:41:37:73:4c:a5:66:4f:90:c7:55:5b:65:
ee:81:b1:f8:02:25:48:f8:c8:44:eb:5c:bf:9d:56:52:68:69:
42:89:13:2f:2e:b2:ab:ec:fc:45:ac:d2:e8:b4:89:21:d4:b4:
7e:70:ac:07:5e:fb:0b:04:cb:22:48:85:ee:bc:48:e9:5b:7a:
51:8e:95:a8:7f:11:ac:00:69:7d:76:05:01:94:fe:17:72:dd:
ed:00:21:2f:7d:09:a7:c9:36:29:f9:52:95:73:90:87:e4:59:
07:c8:3b:c7:fb:a9:60:60:b3:cb:0a:fa:20:ae:e6:55:07:40:
33:59:45:51
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUCJpIsCUvrkZ39PNNmeEw/QqhXDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MzVaFw0yNTAzMTAwNzEyMzVaMDMxMTAvBgNV
BAMTKDcyRkE2NEE0NkJGQUJDRkM4OTBGMDI3NDNEQjAyNEM3QkJBM0U4QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3iJ7oBrkk38XkIjYMiug0eP3o
fW9IO53AP727O981m7Yv3EyeZuHCeU+TkaoLe/nj1ftPI5s/qcyayS/T+9hej0U5
jAMoQE0I9Vog3rlflv4ZWpg/KEkph12AGMyeIZbl7ETUiuLXopcMerAb+tOxUzsx
2NX7dkPERdfOusMY2fVYVP7jrWQH4JNjwXarFaY98f0pbF8ASoFD7u0uFyVconTr
tMCeLcHxu1G8CPQrvsFfN+v+U9t/wBARjlVB76n9lq3uBiJZngIdbPIdoOANTcjf
cAi1aIlXQ6QxuvYjlkJ5rXb5YIrkcRpgaWIUxQym9Am9AhiUzukXmOVyO1j5AgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUcvpkpGv6vPyJDwJ0PbAkx7uj6K0wHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGDTANBgkqhkiG9w0BAQsFAAOCAQEA
NYftcGdspWlUI1LpseFPLTEe6oLteR+NLBKKIWrfQ/qFp4zXhADwofhevplkD0wM
/UhOYGI+bV+x+LSJ3cCi4oy3Kg5NlChboWgzpOYgJIDvIp9FFsU6le/zaT2qxUdd
9aB501G0oxeVdHmtozjff3y26VK1cquWrIPEyqx1SLuMa+OnQTdzTKVmT5DHVVtl
7oGx+AIlSPjIROtcv51WUmhpQokTLy6yq+z8RazS6LSJIdS0fnCsB177CwTLIkiF
7rxI6Vt6UY6VqH8RrABpfXYFAZT+F3Ld7QAhL30Jp8k2KflSlXOQh+RZB8g7x/up
YGCzywr6IK7mVQdAM1lFUQ==
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:28:32 2024 by rpki-client on console-ams.rpki-client.org