Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa
File: 326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier: /cOHJR/5vVLUKJTYy5n56zDmw63N4O/Wa6PPxbWFoGs=
Subject key identifier: 32:FF:76:4B:64:28:D5:B5:DE:7A:37:3D:63:3D:9D:7D:F3:E3:AE:E1
Certificate issuer: /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial: 6A45A235BF3B92F6F765EA768A9C0CF7EAA2E231
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access: rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa
Signing time: Mon 10 Apr 2023 06:43:00 +0000
ROA not before: Mon 10 Apr 2023 06:38:00 +0000
ROA not after: Mon 08 Apr 2024 06:43:00 +0000
asID: 50555
IP address blocks: 2a12:dd47:860a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:45:a2:35:bf:3b:92:f6:f7:65:ea:76:8a:9c:0c:f7:ea:a2:e2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Validity
Not Before: Apr 10 06:38:00 2023 GMT
Not After : Apr 8 06:43:00 2024 GMT
Subject: CN=32FF764B6428D5B5DE7A373D633D9D7DF3E3AEE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:43:bb:8b:a9:2b:eb:3b:c0:89:86:8b:30:
83:40:d2:02:ab:9b:62:d2:b9:d2:f0:9b:b3:e5:c1:
fd:4a:66:64:29:60:2a:6f:e6:c0:6a:6c:7f:82:c3:
9e:15:72:db:46:be:fe:a1:cc:e8:88:e6:fe:46:7a:
5e:92:fa:fe:b3:f2:47:6b:d7:e5:cb:64:b5:bc:0d:
7d:89:07:f1:9c:69:56:e4:2f:69:5e:c4:eb:5c:a7:
60:4a:35:17:85:91:2a:61:d4:62:05:22:7f:d2:1a:
bb:85:83:24:cf:a4:cb:78:ab:fd:a8:77:cb:32:f7:
81:fa:7e:a9:83:af:0d:84:37:0e:d7:2e:77:45:7b:
af:f4:53:19:f5:fe:6d:60:8a:97:52:9b:3c:30:37:
83:3c:ba:78:77:df:e1:89:a8:7e:ae:c8:9e:2b:6c:
f8:af:f2:8f:4d:54:94:b5:72:fc:00:52:f0:df:8c:
b2:e6:8a:11:89:04:02:25:33:7d:6f:ea:21:8f:6d:
49:ef:62:81:86:81:35:ec:5c:d0:36:2b:87:d1:43:
3d:a1:03:e8:18:75:88:27:3f:30:e7:32:f9:73:f9:
5c:50:32:d9:13:f5:7a:e0:0c:5d:b6:77:aa:da:b7:
7e:05:a4:3f:ef:0e:cc:e3:20:ae:52:5b:e6:f3:8a:
06:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FF:76:4B:64:28:D5:B5:DE:7A:37:3D:63:3D:9D:7D:F3:E3:AE:E1
X509v3 Authority Key Identifier:
keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:860a::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2c:92:50:fa:1c:6b:e9:ff:e9:d1:c3:4c:02:1d:2a:04:80:
87:4d:b6:08:f1:2d:f1:08:61:a6:3c:99:25:cf:aa:16:55:d2:
4b:9f:5a:e4:7a:75:79:c4:85:bd:17:34:1f:c7:f7:b1:03:b8:
cb:c7:64:bc:64:ea:16:dc:0b:46:76:f7:86:5a:bc:e2:cc:4c:
d1:31:df:50:c3:cb:b0:80:4d:ab:31:91:e3:4d:33:71:02:68:
3e:b0:db:e9:b8:14:1a:b8:6c:9f:c1:3d:1f:1a:d5:74:4b:b6:
28:eb:26:63:e8:e6:db:87:58:30:8c:1b:17:e9:80:bc:d3:bc:
f5:27:ad:7a:c9:22:f9:a6:37:64:81:d4:fe:be:64:be:b8:18:
00:7c:ad:e5:1f:45:9b:db:9b:8e:81:ba:4c:d2:97:54:67:9e:
a2:21:2a:c4:d7:ce:2c:a0:a1:81:d8:37:81:73:6c:03:ee:1f:
97:1b:aa:f8:b2:04:6b:46:c2:b5:b8:6c:db:a7:cc:20:11:05:
5f:f2:8f:9e:5d:c5:c4:61:04:3c:4a:41:46:fb:0a:3e:3e:ce:
32:55:9e:45:85:6f:72:3d:1c:e1:3b:dd:d9:4e:c8:3e:24:41:
d9:b5:53:a6:8c:10:65:24:dc:f1:a3:7f:0b:12:7c:6f:14:77:
62:60:8e:42
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUakWiNb87kvb3Zep2ipwM9+qi4jEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yMzA0MTAwNjM4MDBaFw0yNDA0MDgwNjQzMDBaMDMxMTAvBgNV
BAMTKDMyRkY3NjRCNjQyOEQ1QjVERTdBMzczRDYzM0Q5RDdERjNFM0FFRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOt0O7i6kr6zvAiYaLMINA0gKr
m2LSudLwm7Plwf1KZmQpYCpv5sBqbH+Cw54VcttGvv6hzOiI5v5Gel6S+v6z8kdr
1+XLZLW8DX2JB/GcaVbkL2lexOtcp2BKNReFkSph1GIFIn/SGruFgyTPpMt4q/2o
d8sy94H6fqmDrw2ENw7XLndFe6/0Uxn1/m1gipdSmzwwN4M8unh33+GJqH6uyJ4r
bPiv8o9NVJS1cvwAUvDfjLLmihGJBAIlM31v6iGPbUnvYoGGgTXsXNA2K4fRQz2h
A+gYdYgnPzDnMvlz+VxQMtkT9XrgDF22d6rat34FpD/vDszjIK5SW+bzigY1AgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUMv92S2Qo1bXeejc9Yz2dffPjruEwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCjANBgkqhkiG9w0BAQsFAAOCAQEA
jCySUPoca+n/6dHDTAIdKgSAh022CPEt8QhhpjyZJc+qFlXSS59a5Hp1ecSFvRc0
H8f3sQO4y8dkvGTqFtwLRnb3hlq84sxM0THfUMPLsIBNqzGR400zcQJoPrDb6bgU
Grhsn8E9HxrVdEu2KOsmY+jm24dYMIwbF+mAvNO89Seteski+aY3ZIHU/r5kvrgY
AHyt5R9Fm9ubjoG6TNKXVGeeoiEqxNfOLKChgdg3gXNsA+4flxuq+LIEa0bCtbhs
26fMIBEFX/KPnl3FxGEEPEpBRvsKPj7OMlWeRYVvcj0c4Tvd2U7IPiRB2bVTpowQ
ZSTc8aN/CxJ8bxR3YmCOQg==
-----END CERTIFICATE-----
Generated at Tue May 27 18:11:23 2025 by rpki-client