Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
File: 3130342e33372e34312e302f32342d3234203d3e203231393537.roa (raw, json)
Hash identifier: IRTKWsv2EGeDRsQ97JvbtSG0Rc6W53GcEAl3eMmmpqs=
Subject key identifier: 71:29:CB:AE:12:7B:98:BF:46:81:FD:63:EA:47:12:CE:6C:43:D9:66
Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial: 7A44067909E0049759AB2FCEB1838FFA6D30588F
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
Signing time: Mon 10 Feb 2025 07:22:34 +0000
ROA not before: Mon 10 Feb 2025 07:17:34 +0000
ROA not after: Mon 09 Feb 2026 07:22:34 +0000
asID: 21957
IP address blocks: 104.37.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/39065acc-beed-4115-bc6c-63de232f2a04.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Mon 07 Apr 2025 09:37:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:44:06:79:09:e0:04:97:59:ab:2f:ce:b1:83:8f:fa:6d:30:58:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Validity
Not Before: Feb 10 07:17:34 2025 GMT
Not After : Feb 9 07:22:34 2026 GMT
Subject: CN=7129CBAE127B98BF4681FD63EA4712CE6C43D966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:88:ba:da:70:4c:e5:94:73:cd:bc:14:4b:3d:
d7:a6:f6:62:53:46:11:cd:27:9b:43:7a:62:3a:fb:
7f:48:ca:e2:dd:01:cb:41:0e:34:96:30:6f:54:00:
9c:da:49:33:d7:05:12:0a:76:d4:e7:89:8f:b2:40:
b1:1e:33:b5:38:20:b0:73:98:1a:b5:8e:07:87:d3:
ae:f4:be:b9:0e:6e:60:38:27:58:d8:62:e1:ef:dc:
51:92:0a:5a:b0:57:d5:c9:47:35:bf:87:a5:e7:1e:
09:7f:aa:78:f4:2c:60:b0:73:db:20:fb:34:ff:ca:
0c:ca:99:15:16:fd:43:76:fa:72:43:7e:98:b1:2a:
4f:60:21:6d:7a:40:80:2e:6b:de:6a:62:63:61:5a:
d4:5c:5f:77:c3:d0:1d:af:d7:3d:fd:67:b1:cc:9b:
e5:3a:4e:8a:08:02:00:69:2e:23:ea:b2:21:f4:06:
84:c9:c9:0a:61:73:5e:89:ce:35:a0:d3:07:00:da:
29:73:d6:f7:48:ae:b9:42:d9:56:1a:30:06:00:66:
29:91:43:ca:f6:ad:21:bd:23:36:9b:2f:c6:80:bf:
16:22:99:a5:92:7a:c1:c1:f7:8b:dc:2a:f4:88:4a:
3a:fd:3a:39:88:b4:57:d6:37:0f:25:34:45:de:85:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:29:CB:AE:12:7B:98:BF:46:81:FD:63:EA:47:12:CE:6C:43:D9:66
X509v3 Authority Key Identifier:
keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.37.41.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a1:37:2e:f2:35:52:3c:e1:61:17:7e:6c:96:fb:f8:1c:d4:
6a:8a:10:89:6a:32:00:e3:66:89:26:24:4f:3d:8f:d5:16:b4:
6b:af:fd:74:ea:4f:98:28:7c:c5:34:18:4a:3d:16:a3:37:2f:
98:56:41:d5:68:53:d8:9e:71:6c:c0:78:8f:50:9d:08:c0:d3:
16:d4:15:a9:36:a1:15:c5:ac:ea:1c:61:f9:98:ce:9b:12:22:
b0:87:97:ca:73:01:18:f3:f7:f6:ec:0f:f5:c0:a4:b7:08:a5:
3c:bf:c8:ec:16:b5:59:08:23:85:4f:32:3b:dd:f4:1a:f7:be:
e0:b3:25:73:e6:fc:b6:f9:db:01:92:ef:aa:32:4f:54:47:e1:
7a:0d:a5:06:52:7b:85:9d:5e:0e:08:f5:f8:80:51:7d:e2:da:
0e:ca:63:df:50:48:60:09:95:d6:ad:54:bb:70:24:38:2a:df:
c4:38:c4:96:4c:b0:65:25:a0:5a:23:48:3b:17:54:84:11:42:
7d:29:76:eb:aa:bf:a2:c8:28:a2:58:54:2c:c6:49:40:21:db:
10:58:78:8b:b5:94:98:2c:db:d0:bc:c6:6e:f1:5c:2c:8c:3e:
75:09:02:1c:92:c4:71:89:ac:22:97:9e:0a:e6:e9:65:4f:67:
e5:cf:4d:6d
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUekQGeQngBJdZqy/OsYOP+m0wWI8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwMjEwMDcxNzM0WhcNMjYwMjA5MDcyMjM0
WjAzMTEwLwYDVQQDEyg3MTI5Q0JBRTEyN0I5OEJGNDY4MUZENjNFQTQ3MTJDRTZD
NDNEOTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4i62nBM5ZRz
zbwUSz3XpvZiU0YRzSebQ3piOvt/SMri3QHLQQ40ljBvVACc2kkz1wUSCnbU54mP
skCxHjO1OCCwc5gatY4Hh9Ou9L65Dm5gOCdY2GLh79xRkgpasFfVyUc1v4el5x4J
f6p49CxgsHPbIPs0/8oMypkVFv1DdvpyQ36YsSpPYCFtekCALmveamJjYVrUXF93
w9Adr9c9/WexzJvlOk6KCAIAaS4j6rIh9AaEyckKYXNeic41oNMHANopc9b3SK65
QtlWGjAGAGYpkUPK9q0hvSM2my/GgL8WIpmlknrBwfeL3Cr0iEo6/To5iLRX1jcP
JTRF3oU70wIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFHEpy64Se5i/RoH9Y+pHEs5s
Q9lmMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4Zh
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy
ZTMzMzcyZTM0MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzkzNTM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAaCUpMA0GCSqGSIb3DQEBCwUAA4IBAQA5oTcu8jVSPOFhF35slvv4
HNRqihCJajIA42aJJiRPPY/VFrRrr/106k+YKHzFNBhKPRajNy+YVkHVaFPYnnFs
wHiPUJ0IwNMW1BWpNqEVxazqHGH5mM6bEiKwh5fKcwEY8/f27A/1wKS3CKU8v8js
FrVZCCOFTzI73fQa977gsyVz5vy2+dsBku+qMk9UR+F6DaUGUnuFnV4OCPX4gFF9
4toOymPfUEhgCZXWrVS7cCQ4Kt/EOMSWTLBlJaBaI0g7F1SEEUJ9KXbrqr+iyCii
WFQsxklAIdsQWHiLtZSYLNvQvMZu8VwsjD51CQIcksRxiawil54K5ullT2flz01t
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:34:51 2025 by rpki-client