Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa
File: 3130342e33372e34302e302f32322d3232203d3e2030.roa (raw, json)
Hash identifier: vHzV9yuwB4p+FXvV7pq6ibofX3Oxg5SwuBjEw2YE3Pg=
Subject key identifier: 62:BF:7F:69:C8:F9:9D:63:83:7A:1E:AE:9A:CD:72:16:CF:18:8C:F7
Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial: 3AC725DBCECCF09531F319E15CC97F9FA401BA86
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa
Signing time: Mon 10 Feb 2025 07:22:35 +0000
ROA not before: Mon 10 Feb 2025 07:17:35 +0000
ROA not after: Mon 09 Feb 2026 07:22:35 +0000
asID: 0
IP address blocks: 104.37.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c7:25:db:ce:cc:f0:95:31:f3:19:e1:5c:c9:7f:9f:a4:01:ba:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Validity
Not Before: Feb 10 07:17:35 2025 GMT
Not After : Feb 9 07:22:35 2026 GMT
Subject: CN=62BF7F69C8F99D63837A1EAE9ACD7216CF188CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:22:64:24:09:b7:c8:07:0f:bb:f4:34:b5:
07:2a:4d:34:af:1e:03:df:c4:08:da:d0:38:54:d4:
1e:65:cd:89:4f:20:22:f5:8e:53:18:74:12:5a:57:
cd:48:38:8a:4a:eb:1d:11:85:46:08:8f:14:e8:e0:
59:57:02:69:71:88:b0:ca:78:e8:de:18:22:07:2a:
83:0c:08:71:71:03:a9:65:d4:41:0b:cb:37:8b:46:
ed:23:3a:e7:5b:db:60:b8:a0:c8:eb:29:ec:33:fa:
59:01:80:09:b1:dc:bb:f2:5d:8e:2c:bd:fc:d9:3b:
08:67:77:65:1f:3b:e4:cb:7b:a6:24:5e:ab:6a:fe:
e6:58:a3:c6:1c:d2:fe:84:20:ec:03:41:75:5e:32:
02:b6:8d:46:90:62:f9:11:b0:36:f4:39:02:a1:3f:
38:17:92:b9:48:78:55:0e:37:7e:f0:a6:97:00:04:
da:8b:df:b0:9a:14:83:bc:8e:3f:d7:40:4b:c4:22:
63:49:5c:d2:b2:22:37:33:29:ab:20:9a:aa:b5:63:
2f:6d:f8:06:2f:54:74:2a:8e:73:a2:fe:68:10:85:
f3:da:44:5b:08:d2:31:28:89:d5:05:99:4a:f4:82:
25:4c:7e:a1:f1:4b:03:91:4f:73:a4:1c:e9:59:e6:
7a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BF:7F:69:C8:F9:9D:63:83:7A:1E:AE:9A:CD:72:16:CF:18:8C:F7
X509v3 Authority Key Identifier:
keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32322d3232203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.37.40.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:c7:6b:cc:20:99:8e:06:11:36:47:1c:e9:15:97:de:88:19:
eb:1c:7e:9e:66:34:ba:bf:98:57:fe:44:7d:da:89:65:ed:80:
ba:08:77:40:e7:b4:ec:2c:82:1d:a2:a0:14:83:06:00:2d:aa:
06:53:72:94:36:03:d4:f7:8c:97:42:fa:71:d7:10:40:cd:2e:
76:5a:c8:db:1d:34:25:ce:12:1b:cd:fc:ef:7d:51:bc:0b:f2:
fe:b0:c2:8c:63:5e:62:83:4a:84:77:41:6e:18:b0:57:a2:80:
32:09:a3:a8:21:f5:3f:46:8d:9d:0a:6a:c1:d4:47:3c:00:07:
71:54:6e:cb:a3:7f:bd:ab:67:fb:40:ee:5e:96:e7:6f:3b:27:
54:74:72:12:44:53:8c:e1:0d:b0:44:4f:83:be:3d:17:9e:d9:
07:7d:0f:7c:a9:3e:64:f2:5f:dd:38:03:77:ce:d2:06:d5:33:
5a:19:c6:d9:0d:31:f7:84:14:7e:51:ad:07:26:40:89:03:b5:
72:b0:47:db:a0:d8:b4:12:e0:ad:25:1c:4b:f9:71:04:3b:28:
3b:04:1e:cf:96:81:f8:bd:f4:e5:d0:dd:14:35:a2:09:12:7e:
70:a2:ac:5d:8a:f6:fd:03:90:0b:07:2d:4d:bf:26:5a:63:a2:
3e:1b:db:04
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUOscl287M8JUx8xnhXMl/n6QBuoYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwMjEwMDcxNzM1WhcNMjYwMjA5MDcyMjM1
WjAzMTEwLwYDVQQDEyg2MkJGN0Y2OUM4Rjk5RDYzODM3QTFFQUU5QUNENzIxNkNG
MTg4Q0Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEEiZCQJt8gH
D7v0NLUHKk00rx4D38QI2tA4VNQeZc2JTyAi9Y5TGHQSWlfNSDiKSusdEYVGCI8U
6OBZVwJpcYiwynjo3hgiByqDDAhxcQOpZdRBC8s3i0btIzrnW9tguKDI6ynsM/pZ
AYAJsdy78l2OLL382TsIZ3dlHzvky3umJF6rav7mWKPGHNL+hCDsA0F1XjICto1G
kGL5EbA29DkCoT84F5K5SHhVDjd+8KaXAATai9+wmhSDvI4/10BLxCJjSVzSsiI3
MymrIJqqtWMvbfgGL1R0Ko5zov5oEIXz2kRbCNIxKInVBZlK9IIlTH6h8UsDkU9z
pBzpWeZ6bQIDAQABo4ICZDCCAmAwHQYDVR0OBBYEFGK/f2nI+Z1jg3oerprNchbP
GIz3MB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMHUGCCsGAQUFBwELBGkwZzBlBggrBgEFBQcwC4ZZ
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy
ZTMzMzcyZTM0MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AmglKDANBgkqhkiG9w0BAQsFAAOCAQEAycdrzCCZjgYRNkcc6RWX3ogZ6xx+nmY0
ur+YV/5EfdqJZe2Augh3QOe07CyCHaKgFIMGAC2qBlNylDYD1PeMl0L6cdcQQM0u
dlrI2x00Jc4SG838731RvAvy/rDCjGNeYoNKhHdBbhiwV6KAMgmjqCH1P0aNnQpq
wdRHPAAHcVRuy6N/vatn+0DuXpbnbzsnVHRyEkRTjOENsERPg749F57ZB30PfKk+
ZPJf3TgDd87SBtUzWhnG2Q0x94QUflGtByZAiQO1crBH26DYtBLgrSUcS/lxBDso
OwQez5aB+L305dDdFDWiCRJ+cKKsXYr2/QOQCwctTb8mWmOiPhvbBA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:43:16 2025 by rpki-client