$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa File: 3130342e33372e34302e302f32322d3232203d3e2030.roa (raw, json) Hash identifier: vHzV9yuwB4p+FXvV7pq6ibofX3Oxg5SwuBjEw2YE3Pg= Subject key identifier: 62:BF:7F:69:C8:F9:9D:63:83:7A:1E:AE:9A:CD:72:16:CF:18:8C:F7 Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351 Certificate serial: 3AC725DBCECCF09531F319E15CC97F9FA401BA86 Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa Signing time: Mon 10 Feb 2025 07:22:35 +0000 ROA not before: Mon 10 Feb 2025 07:17:35 +0000 ROA not after: Mon 09 Feb 2026 07:22:35 +0000 asID: 0 IP address blocks: 104.37.40.0/22 maxlen: 22 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 01 Jun 2025 16:40:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:c7:25:db:ce:cc:f0:95:31:f3:19:e1:5c:c9:7f:9f:a4:01:ba:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351 Validity Not Before: Feb 10 07:17:35 2025 GMT Not After : Feb 9 07:22:35 2026 GMT Subject: CN=62BF7F69C8F99D63837A1EAE9ACD7216CF188CF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:41:22:64:24:09:b7:c8:07:0f:bb:f4:34:b5: 07:2a:4d:34:af:1e:03:df:c4:08:da:d0:38:54:d4: 1e:65:cd:89:4f:20:22:f5:8e:53:18:74:12:5a:57: cd:48:38:8a:4a:eb:1d:11:85:46:08:8f:14:e8:e0: 59:57:02:69:71:88:b0:ca:78:e8:de:18:22:07:2a: 83:0c:08:71:71:03:a9:65:d4:41:0b:cb:37:8b:46: ed:23:3a:e7:5b:db:60:b8:a0:c8:eb:29:ec:33:fa: 59:01:80:09:b1:dc:bb:f2:5d:8e:2c:bd:fc:d9:3b: 08:67:77:65:1f:3b:e4:cb:7b:a6:24:5e:ab:6a:fe: e6:58:a3:c6:1c:d2:fe:84:20:ec:03:41:75:5e:32: 02:b6:8d:46:90:62:f9:11:b0:36:f4:39:02:a1:3f: 38:17:92:b9:48:78:55:0e:37:7e:f0:a6:97:00:04: da:8b:df:b0:9a:14:83:bc:8e:3f:d7:40:4b:c4:22: 63:49:5c:d2:b2:22:37:33:29:ab:20:9a:aa:b5:63: 2f:6d:f8:06:2f:54:74:2a:8e:73:a2:fe:68:10:85: f3:da:44:5b:08:d2:31:28:89:d5:05:99:4a:f4:82: 25:4c:7e:a1:f1:4b:03:91:4f:73:a4:1c:e9:59:e6: 7a:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:BF:7F:69:C8:F9:9D:63:83:7A:1E:AE:9A:CD:72:16:CF:18:8C:F7 X509v3 Authority Key Identifier: keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.37.40.0/22 Signature Algorithm: sha256WithRSAEncryption c9:c7:6b:cc:20:99:8e:06:11:36:47:1c:e9:15:97:de:88:19: eb:1c:7e:9e:66:34:ba:bf:98:57:fe:44:7d:da:89:65:ed:80: ba:08:77:40:e7:b4:ec:2c:82:1d:a2:a0:14:83:06:00:2d:aa: 06:53:72:94:36:03:d4:f7:8c:97:42:fa:71:d7:10:40:cd:2e: 76:5a:c8:db:1d:34:25:ce:12:1b:cd:fc:ef:7d:51:bc:0b:f2: fe:b0:c2:8c:63:5e:62:83:4a:84:77:41:6e:18:b0:57:a2:80: 32:09:a3:a8:21:f5:3f:46:8d:9d:0a:6a:c1:d4:47:3c:00:07: 71:54:6e:cb:a3:7f:bd:ab:67:fb:40:ee:5e:96:e7:6f:3b:27: 54:74:72:12:44:53:8c:e1:0d:b0:44:4f:83:be:3d:17:9e:d9: 07:7d:0f:7c:a9:3e:64:f2:5f:dd:38:03:77:ce:d2:06:d5:33: 5a:19:c6:d9:0d:31:f7:84:14:7e:51:ad:07:26:40:89:03:b5: 72:b0:47:db:a0:d8:b4:12:e0:ad:25:1c:4b:f9:71:04:3b:28: 3b:04:1e:cf:96:81:f8:bd:f4:e5:d0:dd:14:35:a2:09:12:7e: 70:a2:ac:5d:8a:f6:fd:03:90:0b:07:2d:4d:bf:26:5a:63:a2: 3e:1b:db:04 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgIUOscl287M8JUx8xnhXMl/n6QBuoYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5 YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwMjEwMDcxNzM1WhcNMjYwMjA5MDcyMjM1 WjAzMTEwLwYDVQQDEyg2MkJGN0Y2OUM4Rjk5RDYzODM3QTFFQUU5QUNENzIxNkNG MTg4Q0Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEEiZCQJt8gH D7v0NLUHKk00rx4D38QI2tA4VNQeZc2JTyAi9Y5TGHQSWlfNSDiKSusdEYVGCI8U 6OBZVwJpcYiwynjo3hgiByqDDAhxcQOpZdRBC8s3i0btIzrnW9tguKDI6ynsM/pZ AYAJsdy78l2OLL382TsIZ3dlHzvky3umJF6rav7mWKPGHNL+hCDsA0F1XjICto1G kGL5EbA29DkCoT84F5K5SHhVDjd+8KaXAATai9+wmhSDvI4/10BLxCJjSVzSsiI3 MymrIJqqtWMvbfgGL1R0Ko5zov5oEIXz2kRbCNIxKInVBZlK9IIlTH6h8UsDkU9z pBzpWeZ6bQIDAQABo4ICZDCCAmAwHQYDVR0OBBYEFGK/f2nI+Z1jg3oerprNchbP GIz3MB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5 MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0 YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02 M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1 ODliOTk1NmM1MWUzNTEuY2VyMHUGCCsGAQUFBwELBGkwZzBlBggrBgEFBQcwC4ZZ cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy ZTMzMzcyZTM0MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMC5yb2EwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AmglKDANBgkqhkiG9w0BAQsFAAOCAQEAycdrzCCZjgYRNkcc6RWX3ogZ6xx+nmY0 ur+YV/5EfdqJZe2Augh3QOe07CyCHaKgFIMGAC2qBlNylDYD1PeMl0L6cdcQQM0u dlrI2x00Jc4SG838731RvAvy/rDCjGNeYoNKhHdBbhiwV6KAMgmjqCH1P0aNnQpq wdRHPAAHcVRuy6N/vatn+0DuXpbnbzsnVHRyEkRTjOENsERPg749F57ZB30PfKk+ ZPJf3TgDd87SBtUzWhnG2Q0x94QUflGtByZAiQO1crBH26DYtBLgrSUcS/lxBDso OwQez5aB+L305dDdFDWiCRJ+cKKsXYr2/QOQCwctTb8mWmOiPhvbBA== -----END CERTIFICATE-----Generated at Sun Jun 1 03:08:42 2025 by rpki-client