Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
File: 326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier: yrvepgHD+EruRCBvgsxTzh1sONR0mrzhriJHFMK894g=
Subject key identifier: AD:6B:28:49:B2:79:3D:43:BB:3F:17:02:53:14:86:03:0A:B6:1C:B0
Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial: 13DB8D6D130E12C0CE2DC5CFC970C56E3D9690ED
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
Signing time: Wed 12 Apr 2023 22:15:00 +0000
ROA not before: Wed 12 Apr 2023 22:10:00 +0000
ROA not after: Wed 10 Apr 2024 22:15:00 +0000
asID: 50555
IP address blocks: 2a12:dd47:8600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:db:8d:6d:13:0e:12:c0:ce:2d:c5:cf:c9:70:c5:6e:3d:96:90:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Validity
Not Before: Apr 12 22:10:00 2023 GMT
Not After : Apr 10 22:15:00 2024 GMT
Subject: CN=AD6B2849B2793D43BB3F1702531486030AB61CB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:cd:09:ca:a0:6e:6c:16:8d:c9:22:47:35:
dd:52:e1:ed:2d:ce:ff:2b:9a:9e:c5:0d:27:12:84:
4f:fb:11:7a:d0:68:43:5c:a4:28:86:59:b3:6d:c0:
02:36:00:16:b9:d5:25:1b:3e:a1:d6:e4:a8:f2:e7:
4e:e9:2a:23:6a:92:8a:da:44:8a:e9:4b:17:ef:a1:
73:91:61:2c:b1:3a:1f:c1:20:5a:e7:cb:5a:59:27:
6a:7a:5c:7e:e7:2d:7f:e2:47:12:68:a0:99:92:60:
27:90:f6:96:71:41:5d:ac:5d:0e:9f:c6:c2:c3:a5:
1d:4e:a2:f5:28:44:db:a1:ba:81:72:24:99:62:c3:
5d:df:57:57:13:3b:b5:75:c4:b1:7a:5e:28:14:b6:
38:b9:68:14:6a:8a:73:2e:c9:0b:b9:08:ea:18:5c:
0f:a1:a9:8e:83:62:8a:e4:05:65:f9:55:1e:9f:7b:
d7:66:7a:89:7a:e8:41:94:fa:b5:e8:dc:6d:52:27:
5c:c1:0d:2c:b6:8b:fc:50:2e:4a:68:df:78:03:ff:
b9:cc:8d:cf:37:d4:0c:df:3b:ea:5c:bd:88:46:14:
22:d4:ed:f7:b0:24:7e:24:82:a1:c2:76:71:e1:67:
6c:5c:aa:7c:c6:91:af:f1:cc:d9:c1:a3:23:e5:ca:
59:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6B:28:49:B2:79:3D:43:BB:3F:17:02:53:14:86:03:0A:B6:1C:B0
X509v3 Authority Key Identifier:
keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8600::/48
Signature Algorithm: sha256WithRSAEncryption
9a:73:77:cb:df:c8:d6:3e:9e:14:d2:e2:c1:6d:78:da:8f:8d:
77:cb:98:ee:2d:53:66:5a:40:0b:25:a5:61:ef:c8:98:8a:e5:
10:b5:71:65:fd:58:f2:2f:09:a5:7a:35:ac:54:22:c3:d3:0f:
6c:b1:f0:a5:06:92:75:00:39:6b:2a:34:bf:5b:63:8e:bf:11:
82:09:d6:77:9e:20:19:32:5f:10:e4:10:98:2f:cf:ca:8f:4c:
9a:1b:ba:6c:de:de:4a:c6:9e:72:90:46:2c:ea:16:9f:bf:41:
bd:74:8b:e4:f6:be:e9:13:e8:8a:ab:21:37:d5:cb:6e:69:e4:
b7:f6:d1:af:66:11:b6:c3:e4:e2:59:c1:2a:30:20:06:0a:a5:
e8:fe:44:16:d1:aa:9f:d2:44:85:bb:67:36:13:f9:3e:1c:6b:
29:66:94:f1:11:dd:87:79:22:d1:f4:a4:d5:a5:af:3f:94:5d:
4e:e8:27:81:c6:50:d0:c5:e6:42:97:32:e1:cb:aa:94:f1:8b:
3a:f1:57:a6:88:1e:5e:a4:5f:5e:d5:59:98:2b:03:f4:4f:be:
e6:db:3d:e8:40:ce:8b:46:e3:ce:d3:96:a0:2f:cc:e7:11:21:
8c:5f:b3:ca:8e:35:4d:b5:3f:6a:34:f4:a3:7b:24:73:f3:b6:
53:e0:7b:d8
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUE9uNbRMOEsDOLcXPyXDFbj2WkO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yMzA0MTIyMjEwMDBaFw0yNDA0MTAyMjE1MDBaMDMxMTAvBgNV
BAMTKEFENkIyODQ5QjI3OTNENDNCQjNGMTcwMjUzMTQ4NjAzMEFCNjFDQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5W80JyqBubBaNySJHNd1S4e0t
zv8rmp7FDScShE/7EXrQaENcpCiGWbNtwAI2ABa51SUbPqHW5Kjy507pKiNqkora
RIrpSxfvoXORYSyxOh/BIFrny1pZJ2p6XH7nLX/iRxJooJmSYCeQ9pZxQV2sXQ6f
xsLDpR1OovUoRNuhuoFyJJliw13fV1cTO7V1xLF6XigUtji5aBRqinMuyQu5COoY
XA+hqY6DYorkBWX5VR6fe9dmeol66EGU+rXo3G1SJ1zBDSy2i/xQLkpo33gD/7nM
jc831AzfO+pcvYhGFCLU7fewJH4kgqHCdnHhZ2xcqnzGka/xzNnBoyPlyllPAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUrWsoSbJ5PUO7PxcCUxSGAwq2HLAwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGADANBgkqhkiG9w0BAQsFAAOCAQEA
mnN3y9/I1j6eFNLiwW142o+Nd8uY7i1TZlpACyWlYe/ImIrlELVxZf1Y8i8JpXo1
rFQiw9MPbLHwpQaSdQA5ayo0v1tjjr8RggnWd54gGTJfEOQQmC/Pyo9Mmhu6bN7e
SsaecpBGLOoWn79BvXSL5Pa+6RPoiqshN9XLbmnkt/bRr2YRtsPk4lnBKjAgBgql
6P5EFtGqn9JEhbtnNhP5PhxrKWaU8RHdh3ki0fSk1aWvP5RdTugngcZQ0MXmQpcy
4cuqlPGLOvFXpogeXqRfXtVZmCsD9E++5ts96EDOi0bjztOWoC/M5xEhjF+zyo41
TbU/ajT0o3skc/O2U+B72A==
-----END CERTIFICATE-----
Generated at Tue May 27 18:29:11 2025 by rpki-client