$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32342d3234203d3e20393730.roa File: 3130342e33372e34302e302f32342d3234203d3e20393730.roa (raw, json) Hash identifier: ek8Vg6kOrYHQQyaRN7UOy+nZ8uz9bhWO7ZAUVfTbaRI= Subject key identifier: B4:FD:CC:18:C9:BC:EB:A6:04:14:F5:F6:7A:40:98:C5:EF:E0:71:1B Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351 Certificate serial: 4E403C33BBA539A779FCE07BADA994FB8C758494 Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32342d3234203d3e20393730.roa Signing time: Mon 10 Feb 2025 07:22:36 +0000 ROA not before: Mon 10 Feb 2025 07:17:36 +0000 ROA not after: Mon 09 Feb 2026 07:22:36 +0000 asID: 970 IP address blocks: 104.37.40.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 03 Apr 2025 17:51:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:40:3c:33:bb:a5:39:a7:79:fc:e0:7b:ad:a9:94:fb:8c:75:84:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351 Validity Not Before: Feb 10 07:17:36 2025 GMT Not After : Feb 9 07:22:36 2026 GMT Subject: CN=B4FDCC18C9BCEBA60414F5F67A4098C5EFE0711B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:f5:e7:d0:38:f6:b8:1e:2d:df:7e:0b:e0:cf: 0e:a9:22:38:65:ce:d6:50:e5:19:09:e3:3d:48:d8: 14:c3:75:e3:ee:b3:3e:8f:70:bb:53:45:fa:aa:60: 7c:df:ba:5d:1a:14:73:16:57:06:17:ee:cb:b5:85: 13:2d:d5:ce:e9:ef:c1:c1:30:dd:90:ec:51:9e:e6: 73:c3:ef:f3:33:fa:dc:f2:4f:df:59:84:ed:c4:d1: 17:2f:22:dc:af:73:44:e4:51:76:d7:d9:12:97:39: 29:d7:1d:e0:29:6f:8f:c6:e0:32:d7:00:1d:f1:cb: 7f:0b:2b:10:cf:ec:03:be:e3:d3:09:7a:07:71:97: 4a:8b:42:ca:b0:70:0d:46:c8:96:1a:ef:33:59:2f: f9:4a:ae:c7:f3:45:a8:91:e4:3d:a7:6c:48:c1:80: c0:4e:42:a8:c3:aa:92:3f:8a:ec:0f:4d:d9:3c:28: ab:eb:11:da:de:7d:1a:3b:01:16:a2:7a:bd:01:c1: fd:a5:3f:28:c4:bd:e9:ff:ff:dd:bd:4c:1e:ae:2f: 32:af:2d:fc:da:72:0c:0c:1d:d0:bb:71:86:f5:0a: 75:7d:dc:7a:a9:f7:81:69:ef:3f:47:c0:9b:69:0f: 4d:fe:40:30:70:28:97:ce:b2:c0:fe:fd:5a:23:0e: 38:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:FD:CC:18:C9:BC:EB:A6:04:14:F5:F6:7A:40:98:C5:EF:E0:71:1B X509v3 Authority Key Identifier: keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer Subject Information Access: Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34302e302f32342d3234203d3e20393730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.37.40.0/24 Signature Algorithm: sha256WithRSAEncryption 24:e2:53:4d:d1:c9:d6:43:e3:14:29:e5:e9:9f:a8:5f:31:72: 9d:0a:67:94:a0:fb:f8:30:52:46:11:46:95:ee:de:97:2c:80: 6b:ed:de:9e:60:ef:84:fa:a9:86:55:51:e8:fd:5d:dd:5f:0f: 39:2f:10:39:47:19:9d:d7:84:fa:fc:b6:5e:18:56:90:5c:f1: 7d:09:ee:0f:b7:cd:bd:9e:d0:8f:a1:eb:2b:d0:96:52:05:3b: 1b:a5:d3:85:0e:e9:ed:77:ad:40:d3:9b:d5:1a:e5:73:fd:00: ad:10:7e:fc:67:a6:41:24:97:2d:4a:02:81:79:66:d8:55:d9: d0:c7:33:a9:8c:7d:86:be:d2:28:c5:df:dd:d0:5c:bb:6f:aa: 81:4d:dd:33:13:fa:71:43:ec:f9:fa:36:62:53:80:a7:7b:14: 23:e8:78:a2:60:b3:fe:b4:0e:dc:5f:03:d0:c3:3f:f6:3e:a8: e3:fa:46:d6:cd:88:90:7c:ac:dd:cb:ca:17:15:59:b5:2c:43: e5:9b:c5:c5:86:54:12:29:6f:bd:f3:fb:07:e5:45:28:99:ae: e1:cf:6b:82:9f:02:f0:2c:66:e0:b0:6b:bb:f9:eb:9d:00:73: 05:ce:17:a9:a5:ec:86:b0:ce:ee:04:59:74:59:ab:97:46:20: ec:1c:c1:1e -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgIUTkA8M7ulOad5/OB7ramU+4x1hJQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5 YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwMjEwMDcxNzM2WhcNMjYwMjA5MDcyMjM2 WjAzMTEwLwYDVQQDEyhCNEZEQ0MxOEM5QkNFQkE2MDQxNEY1RjY3QTQwOThDNUVG RTA3MTFCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Xn0Dj2uB4t 334L4M8OqSI4Zc7WUOUZCeM9SNgUw3Xj7rM+j3C7U0X6qmB837pdGhRzFlcGF+7L tYUTLdXO6e/BwTDdkOxRnuZzw+/zM/rc8k/fWYTtxNEXLyLcr3NE5FF219kSlzkp 1x3gKW+PxuAy1wAd8ct/CysQz+wDvuPTCXoHcZdKi0LKsHANRsiWGu8zWS/5Sq7H 80WokeQ9p2xIwYDATkKow6qSP4rsD03ZPCir6xHa3n0aOwEWonq9AcH9pT8oxL3p ///dvUweri8yry382nIMDB3Qu3GG9Qp1fdx6qfeBae8/R8CbaQ9N/kAwcCiXzrLA /v1aIw44gQIDAQABo4ICaDCCAmQwHQYDVR0OBBYEFLT9zBjJvOumBBT19npAmMXv 4HEbMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5 MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0 YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02 M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1 ODliOTk1NmM1MWUzNTEuY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcwC4Zd cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy ZTMzMzcyZTM0MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTM3MzAucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABoJSgwDQYJKoZIhvcNAQELBQADggEBACTiU03RydZD4xQp5emfqF8xcp0K Z5Sg+/gwUkYRRpXu3pcsgGvt3p5g74T6qYZVUej9Xd1fDzkvEDlHGZ3XhPr8tl4Y VpBc8X0J7g+3zb2e0I+h6yvQllIFOxul04UO6e13rUDTm9Ua5XP9AK0QfvxnpkEk ly1KAoF5ZthV2dDHM6mMfYa+0ijF393QXLtvqoFN3TMT+nFD7Pn6NmJTgKd7FCPo eKJgs/60DtxfA9DDP/Y+qOP6RtbNiJB8rN3LyhcVWbUsQ+WbxcWGVBIpb73z+wfl RSiZruHPa4KfAvAsZuCwa7v5650AcwXOF6ml7Iawzu4EWXRZq5dGIOwcwR4= -----END CERTIFICATE-----Generated at Thu Apr 3 11:06:41 2025 by rpki-client