Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
File: 3130342e33372e34312e302f32342d3234203d3e203231393537.roa (raw, json)
Hash identifier: XaNBV09FvARLrTtiUD7xLrsJU5+S/V2B1ry0LCMI7Cg=
Subject key identifier: AE:80:9A:01:AF:46:F2:98:37:D1:C5:57:48:BB:C3:36:4E:3B:35:86
Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial: 6DE354F382BF766C9D76C026C8BEE575444FF669
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
Signing time: Mon 11 Mar 2024 07:12:39 +0000
ROA not before: Mon 11 Mar 2024 07:07:39 +0000
ROA not after: Mon 10 Mar 2025 07:12:39 +0000
asID: 21957
IP address blocks: 104.37.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e3:54:f3:82:bf:76:6c:9d:76:c0:26:c8:be:e5:75:44:4f:f6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Validity
Not Before: Mar 11 07:07:39 2024 GMT
Not After : Mar 10 07:12:39 2025 GMT
Subject: CN=AE809A01AF46F29837D1C55748BBC3364E3B3586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:ce:ac:09:88:e3:c3:65:0b:9b:1f:24:07:
f4:78:b9:6b:d7:46:ea:c0:d0:9c:af:d8:89:b3:6a:
c9:ac:b5:67:46:c0:ca:f2:3f:e7:b8:42:b2:7f:bb:
c4:d0:b0:ae:f0:f9:54:ec:7f:64:13:f2:c6:50:ee:
0f:07:0f:98:8c:ee:c7:39:31:f2:26:e6:bb:1a:7c:
82:40:a8:84:25:f4:40:8f:f2:d0:15:90:c8:6a:1a:
70:2f:73:b6:24:6f:2e:46:f6:5f:b3:77:17:bf:79:
4d:8e:d3:f0:aa:35:e3:b3:ee:78:8f:c1:a9:7d:5e:
0c:cb:78:20:bc:26:5b:47:ec:76:8a:c5:54:4c:f5:
72:77:a9:e5:53:74:c6:27:74:aa:43:28:bc:b3:77:
fc:c8:f6:03:e4:33:1c:6c:57:09:16:a1:ad:74:0c:
14:2b:92:4f:52:bd:3e:58:ca:cf:a9:b0:2c:b0:2a:
0e:c8:ad:cc:98:c6:7a:e7:b8:d3:c8:99:e9:d8:47:
65:ed:61:24:8c:8c:97:45:25:7c:11:7f:93:04:f3:
9d:d7:f3:5b:7a:4a:cc:d0:ff:53:66:2c:e4:99:8a:
c9:20:85:ec:e7:f4:c9:c2:15:11:cb:0a:1e:2b:a5:
b0:cf:b0:a7:1b:67:0b:3d:d2:71:a3:5c:67:34:a5:
c6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:80:9A:01:AF:46:F2:98:37:D1:C5:57:48:BB:C3:36:4E:3B:35:86
X509v3 Authority Key Identifier:
keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34312e302f32342d3234203d3e203231393537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.37.41.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:fe:a4:09:67:1e:5d:27:c1:77:9a:a8:68:3e:40:6c:6c:81:
39:2d:63:84:fc:fc:fa:94:df:d0:23:af:b4:af:ab:29:27:e4:
04:e1:29:11:fd:74:f1:96:f4:b9:78:fc:88:66:41:8f:2a:f4:
a9:4a:05:b3:5d:98:ae:e0:c1:2d:d3:a6:4a:b1:a9:47:73:27:
bc:ca:58:73:0e:b5:3a:36:d3:bb:26:47:cd:2f:12:6c:00:7c:
a2:8d:c8:03:47:dc:c7:7f:6b:e7:b0:53:29:7c:80:3b:07:3f:
a3:ff:ed:1f:d5:f2:a7:e0:69:65:e4:e0:9d:b9:d0:fe:30:14:
7f:ed:9a:76:47:2c:96:b0:53:97:e4:78:16:f0:4f:87:11:99:
45:fc:5c:9d:74:3b:cb:88:19:ab:47:97:6f:0e:42:f5:6a:4d:
2f:23:b5:bd:73:ca:54:26:97:80:00:01:92:00:31:a1:82:7d:
bd:59:2e:f8:19:b6:07:52:41:e6:7a:c3:c4:cc:f4:4a:f1:62:
01:f0:f4:fb:78:02:f5:77:f4:92:df:63:78:68:5a:1e:fa:bb:
63:00:e4:2f:09:1f:b0:e2:f4:ed:d8:96:1c:63:22:56:c6:f6:
f6:2e:21:09:70:7c:32:e1:e3:8a:cb:ea:9a:83:e4:78:53:ca:
e5:34:41:24
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUbeNU84K/dmyddsAmyL7ldURP9mkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjQwMzExMDcwNzM5WhcNMjUwMzEwMDcxMjM5
WjAzMTEwLwYDVQQDEyhBRTgwOUEwMUFGNDZGMjk4MzdEMUM1NTc0OEJCQzMzNjRF
M0IzNTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o7OrAmI48Nl
C5sfJAf0eLlr10bqwNCcr9iJs2rJrLVnRsDK8j/nuEKyf7vE0LCu8PlU7H9kE/LG
UO4PBw+YjO7HOTHyJua7GnyCQKiEJfRAj/LQFZDIahpwL3O2JG8uRvZfs3cXv3lN
jtPwqjXjs+54j8GpfV4My3ggvCZbR+x2isVUTPVyd6nlU3TGJ3SqQyi8s3f8yPYD
5DMcbFcJFqGtdAwUK5JPUr0+WMrPqbAssCoOyK3MmMZ657jTyJnp2Edl7WEkjIyX
RSV8EX+TBPOd1/NbekrM0P9TZizkmYrJIIXs5/TJwhURywoeK6Wwz7CnG2cLPdJx
o1xnNKXGMQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFK6AmgGvRvKYN9HFV0i7wzZO
OzWGMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4Zh
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy
ZTMzMzcyZTM0MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzkzNTM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAaCUpMA0GCSqGSIb3DQEBCwUAA4IBAQCL/qQJZx5dJ8F3mqhoPkBs
bIE5LWOE/Pz6lN/QI6+0r6spJ+QE4SkR/XTxlvS5ePyIZkGPKvSpSgWzXZiu4MEt
06ZKsalHcye8ylhzDrU6NtO7JkfNLxJsAHyijcgDR9zHf2vnsFMpfIA7Bz+j/+0f
1fKn4Gll5OCdudD+MBR/7Zp2RyyWsFOX5HgW8E+HEZlF/FyddDvLiBmrR5dvDkL1
ak0vI7W9c8pUJpeAAAGSADGhgn29WS74GbYHUkHmesPEzPRK8WIB8PT7eAL1d/SS
32N4aFoe+rtjAOQvCR+w4vTt2JYcYyJWxvb2LiEJcHwy4eOKy+qag+R4U8rlNEEk
-----END CERTIFICATE-----
Generated at Thu Apr 24 17:47:21 2025 by rpki-client