Autonomous System Provider Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/AS21957.asa
File: AS21957.asa (raw, json)
Hash identifier: JfXRjy3PBHQ21sZWZ6j+8b+Oy1M6wY5jz3ZmlNCr4es=
Subject key identifier: 3B:D0:72:BA:07:BC:F7:98:1F:48:A3:94:6D:BA:56:62:C3:A5:E0:A6
Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial: 4BD1EC5B3B1C404DAE9CC5B898C2502151F49D53
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/AS21957.asa
Signing time: Sat 30 Aug 2025 20:28:19 +0000
ASPA not before: Sat 30 Aug 2025 20:23:19 +0000
ASPA not after: Sat 29 Aug 2026 20:28:19 +0000
Customer ASID: 21957
Providers: AS: 970
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d1:ec:5b:3b:1c:40:4d:ae:9c:c5:b8:98:c2:50:21:51:f4:9d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Validity
Not Before: Aug 30 20:23:19 2025 GMT
Not After : Aug 29 20:28:19 2026 GMT
Subject: CN=3BD072BA07BCF7981F48A3946DBA5662C3A5E0A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:c2:12:35:73:0b:10:96:92:76:b1:17:bf:
5e:29:13:52:66:b3:4e:25:9c:26:a5:13:70:08:bd:
40:49:40:27:c8:d3:b5:d6:19:ac:5f:16:c7:d6:90:
2e:38:b1:16:73:1c:42:0b:89:41:f8:20:78:42:aa:
26:c8:2e:7c:c5:19:0a:a7:ec:17:42:78:47:a6:70:
cb:42:6b:0c:92:53:c9:1d:f1:4c:67:a4:31:74:7e:
46:d2:3a:ef:e9:cc:30:8c:91:ff:46:ba:04:ef:09:
29:92:35:b8:80:ca:5b:50:d8:12:df:fa:95:cd:97:
a2:7d:23:f7:43:8b:8d:f1:a8:5b:af:08:51:a4:8d:
7d:99:48:92:38:bb:ec:92:ef:ca:3b:94:d3:0c:b5:
17:bc:58:69:9c:b6:98:08:e9:11:48:74:99:41:c2:
57:e4:10:c1:b8:b1:b0:61:d8:ef:34:83:c2:09:fe:
43:09:38:ce:ff:0c:20:41:eb:98:f0:6a:43:a4:7c:
40:73:60:68:09:c2:e9:59:76:75:2b:7a:1b:95:a8:
62:d7:92:3c:96:33:52:db:12:8d:61:08:9c:cc:ff:
da:e6:93:65:e8:a1:9b:da:8e:37:6b:aa:79:81:dd:
51:ed:30:04:43:17:8c:30:8e:61:ef:c7:2a:f5:3f:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D0:72:BA:07:BC:F7:98:1F:48:A3:94:6D:BA:56:62:C3:A5:E0:A6
X509v3 Authority Key Identifier:
keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/AS21957.asa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
21957
Signature Algorithm: sha256WithRSAEncryption
ab:84:2e:e9:08:0c:57:cc:8f:1f:d1:b1:8b:64:eb:5f:ae:7d:
09:b2:e3:0c:41:9e:73:01:d0:d0:aa:cf:e1:36:e3:b4:18:41:
0b:ee:24:c7:e3:79:4e:32:c1:49:b9:a4:2a:b9:95:12:20:35:
34:7b:00:3b:86:70:33:f1:a9:cf:be:7e:10:7d:1d:9b:d6:94:
80:ce:05:43:26:9f:ca:d6:12:91:86:ad:93:71:a2:95:af:a1:
86:67:ad:d3:9e:4c:7a:e8:18:02:df:b7:e3:f5:b4:e4:57:76:
15:97:60:84:c7:d3:a0:05:05:93:81:13:98:00:86:1f:3d:39:
5f:a3:65:19:47:e7:b8:ff:a9:a2:6b:e7:5c:ba:51:17:4e:33:
b3:1f:6e:1a:19:01:16:ee:4e:42:6a:98:57:f4:7b:82:5e:a0:
bb:ee:e9:c1:4a:9d:b1:74:e7:41:8b:76:2f:ad:70:c5:22:b8:
9e:e2:1a:81:d3:de:86:15:05:b0:3f:10:61:32:d5:5c:43:b1:
b8:50:f3:fe:6a:8d:e9:ce:5c:2a:00:58:90:d2:dd:62:86:4c:
7c:33:3d:86:13:55:a9:8f:46:a2:c1:fe:19:3b:30:04:ad:f3:
00:d3:2f:29:fa:d0:e4:3f:fe:a6:fa:23:e4:c7:ab:7f:a2:d8:
33:d2:f8:fe
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUS9HsWzscQE2unMW4mMJQIVH0nVMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwODMwMjAyMzE5WhcNMjYwODI5MjAyODE5
WjAzMTEwLwYDVQQDEygzQkQwNzJCQTA3QkNGNzk4MUY0OEEzOTQ2REJBNTY2MkMz
QTVFMEE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgDCEjVzCxCW
knaxF79eKRNSZrNOJZwmpRNwCL1ASUAnyNO11hmsXxbH1pAuOLEWcxxCC4lB+CB4
QqomyC58xRkKp+wXQnhHpnDLQmsMklPJHfFMZ6QxdH5G0jrv6cwwjJH/RroE7wkp
kjW4gMpbUNgS3/qVzZeifSP3Q4uN8ahbrwhRpI19mUiSOLvsku/KO5TTDLUXvFhp
nLaYCOkRSHSZQcJX5BDBuLGwYdjvNIPCCf5DCTjO/wwgQeuY8GpDpHxAc2BoCcLp
WXZ1K3oblahi15I8ljNS2xKNYQiczP/a5pNl6KGb2o43a6p5gd1R7TAEQxeMMI5h
78cq9T+jgQIDAQABo4ICOTCCAjUwHQYDVR0OBBYEFDvQcroHvPeYH0ijlG26VmLD
peCmMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMFAGCCsGAQUFBwELBEQwQjBABggrBgEFBQcwC4Y0
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC9BUzIxOTU3
LmFzYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUFBwEIAQH/BAow
CKAGMAQCAlXFMA0GCSqGSIb3DQEBCwUAA4IBAQCrhC7pCAxXzI8f0bGLZOtfrn0J
suMMQZ5zAdDQqs/hNuO0GEEL7iTH43lOMsFJuaQquZUSIDU0ewA7hnAz8anPvn4Q
fR2b1pSAzgVDJp/K1hKRhq2TcaKVr6GGZ63Tnkx66BgC37fj9bTkV3YVl2CEx9Og
BQWTgROYAIYfPTlfo2UZR+e4/6mia+dculEXTjOzH24aGQEW7k5CaphX9HuCXqC7
7unBSp2xdOdBi3YvrXDFIrie4hqB096GFQWwPxBhMtVcQ7G4UPP+ao3pzlwqAFiQ
0t1ihkx8Mz2GE1Wpj0aiwf4ZOzAErfMA0y8p+tDkP/6m+iPkx6t/otgz0vj+
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:55:49 2025 by rpki-client