Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203332353139.roa
File: 3130332e3135322e33342e302f32332d3233203d3e203332353139.roa (raw, json)
Hash identifier: MAbIUElpvFGTdzArltpZ/RudA4ffnwWPNRH58qLgk6U=
Subject key identifier: C2:10:53:9D:0F:E6:6E:0C:0B:8D:0E:88:36:38:9D:85:36:97:61:1A
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 2CAD384527A2714D6EBC5A5D5CAAE85E5F321538
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203332353139.roa
Signing time: Sun 31 Mar 2024 16:00:00 +0000
ROA not before: Sun 31 Mar 2024 15:55:00 +0000
ROA not after: Mon 31 Mar 2025 16:00:00 +0000
asID: 32519
IP address blocks: 103.152.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 May 2024 11:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ad:38:45:27:a2:71:4d:6e:bc:5a:5d:5c:aa:e8:5e:5f:32:15:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Mar 31 15:55:00 2024 GMT
Not After : Mar 31 16:00:00 2025 GMT
Subject: CN=3082010A0282010100BF1AFAB5659D77C64CA515EB55F2640069F819B556CDD42651FBD143E6213719276B3EDEA66436598B8C74DAB8C8B299EE1ED207A828D0D1AE624CB74C91D0DCAB86AE03CB37D744AE7B8C5212DDF1DCAD6C915E552665B98CAE0323F737595E8D6DB1ADF5177926FA77163828C1DC9B018FCE0F201A5B08A51C62380F2D709DE14C63492EFE97829489E19B059131E7D388B966153CAB1089D3459342FAB62C32A26973E45F5C94477362386CB7A09C41547FCAA3E35874AE13C0853D9324F66A50C38ECDB855AAE7F442993A5CE67EC49976B1D40EA7A8F636E81E709BA365D55347E884C486E66C93E1E639033E7D883CA06E95DF57ECE51F93BE48D1794D0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:fa:b5:65:9d:77:c6:4c:a5:15:eb:55:f2:
64:00:69:f8:19:b5:56:cd:d4:26:51:fb:d1:43:e6:
21:37:19:27:6b:3e:de:a6:64:36:59:8b:8c:74:da:
b8:c8:b2:99:ee:1e:d2:07:a8:28:d0:d1:ae:62:4c:
b7:4c:91:d0:dc:ab:86:ae:03:cb:37:d7:44:ae:7b:
8c:52:12:dd:f1:dc:ad:6c:91:5e:55:26:65:b9:8c:
ae:03:23:f7:37:59:5e:8d:6d:b1:ad:f5:17:79:26:
fa:77:16:38:28:c1:dc:9b:01:8f:ce:0f:20:1a:5b:
08:a5:1c:62:38:0f:2d:70:9d:e1:4c:63:49:2e:fe:
97:82:94:89:e1:9b:05:91:31:e7:d3:88:b9:66:15:
3c:ab:10:89:d3:45:93:42:fa:b6:2c:32:a2:69:73:
e4:5f:5c:94:47:73:62:38:6c:b7:a0:9c:41:54:7f:
ca:a3:e3:58:74:ae:13:c0:85:3d:93:24:f6:6a:50:
c3:8e:cd:b8:55:aa:e7:f4:42:99:3a:5c:e6:7e:c4:
99:76:b1:d4:0e:a7:a8:f6:36:e8:1e:70:9b:a3:65:
d5:53:47:e8:84:c4:86:e6:6c:93:e1:e6:39:03:3e:
7d:88:3c:a0:6e:95:df:57:ec:e5:1f:93:be:48:d1:
79:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:10:53:9D:0F:E6:6E:0C:0B:8D:0E:88:36:38:9D:85:36:97:61:1A
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203332353139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
77:c7:11:90:c1:b9:2c:84:c0:9c:5b:f3:b8:15:6c:88:5d:66:
a4:ca:0b:de:b4:44:4e:53:69:42:3a:d5:a5:0d:1e:6f:5e:01:
76:8b:ba:d1:a9:bb:6c:8a:a8:db:e1:69:17:64:f2:91:d8:b7:
56:1f:34:40:87:3b:97:4b:b4:42:08:3e:6b:eb:02:ae:c7:58:
43:c4:7e:29:6d:22:e6:c0:fd:f1:f5:dd:0c:82:80:d7:f5:1f:
e1:d5:ac:c9:46:4b:b6:be:66:36:38:1e:47:5c:18:6c:e4:98:
0c:64:27:a9:90:41:76:d9:fd:cd:da:93:53:11:c7:0e:98:34:
e4:68:e3:4f:c5:5a:b4:c4:3a:95:e7:c7:d6:24:f8:f0:63:da:
47:c5:03:48:d6:af:c1:98:70:e7:1f:e6:5e:09:2d:2b:ee:66:
81:97:c6:48:73:25:dc:b7:5f:66:d4:43:64:55:4f:a3:b3:44:
a2:43:be:08:06:21:a4:87:bb:f7:60:74:73:74:23:4c:70:14:
18:08:dc:1d:b8:49:a7:f5:d0:df:85:07:8e:68:48:f7:a5:a3:
c7:be:73:ad:a1:ac:1b:af:75:85:d3:5f:00:1a:f1:52:94:cd:
9e:a4:38:1b:be:36:1a:4e:ac:af:4f:ee:17:49:1b:61:d9:b8:
62:7b:6a:cb
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIULK04RSeicU1uvFpdXKroXl8yFTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMzExNTU1MDBaFw0yNTAzMzExNjAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkYxQUZBQjU2NTlENzdDNjRD
QTUxNUVCNTVGMjY0MDA2OUY4MTlCNTU2Q0RENDI2NTFGQkQxNDNFNjIxMzcxOTI3
NkIzRURFQTY2NDM2NTk4QjhDNzREQUI4QzhCMjk5RUUxRUQyMDdBODI4RDBEMUFF
NjI0Q0I3NEM5MUQwRENBQjg2QUUwM0NCMzdENzQ0QUU3QjhDNTIxMkRERjFEQ0FE
NkM5MTVFNTUyNjY1Qjk4Q0FFMDMyM0Y3Mzc1OTVFOEQ2REIxQURGNTE3NzkyNkZB
NzcxNjM4MjhDMURDOUIwMThGQ0UwRjIwMUE1QjA4QTUxQzYyMzgwRjJENzA5REUx
NEM2MzQ5MkVGRTk3ODI5NDg5RTE5QjA1OTEzMUU3RDM4OEI5NjYxNTNDQUIxMDg5
RDM0NTkzNDJGQUI2MkMzMkEyNjk3M0U0NUY1Qzk0NDc3MzYyMzg2Q0I3QTA5QzQx
NTQ3RkNBQTNFMzU4NzRBRTEzQzA4NTNEOTMyNEY2NkE1MEMzOEVDREI4NTVBQUU3
RjQ0Mjk5M0E1Q0U2N0VDNDk5NzZCMUQ0MEVBN0E4RjYzNkU4MUU3MDlCQTM2NUQ1
NTM0N0U4ODRDNDg2RTY2QzkzRTFFNjM5MDMzRTdEODgzQ0EwNkU5NURGNTdFQ0U1
MUY5M0JFNDhEMTc5NEQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvxr6tWWdd8ZMpRXrVfJkAGn4GbVWzdQmUfvRQ+YhNxknaz7epmQ2
WYuMdNq4yLKZ7h7SB6go0NGuYky3TJHQ3KuGrgPLN9dErnuMUhLd8dytbJFeVSZl
uYyuAyP3N1lejW2xrfUXeSb6dxY4KMHcmwGPzg8gGlsIpRxiOA8tcJ3hTGNJLv6X
gpSJ4ZsFkTHn04i5ZhU8qxCJ00WTQvq2LDKiaXPkX1yUR3NiOGy3oJxBVH/Ko+NY
dK4TwIU9kyT2alDDjs24Varn9EKZOlzmfsSZdrHUDqeo9jboHnCbo2XVU0fohMSG
5myT4eY5Az59iDygbpXfV+zlH5O+SNF5TQIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FMIQU50P5m4MC40OiDY4nYU2l2EaMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzMzMjM1MzEzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAd8cRkMG5LITAnFvzuBVsiF1mpMoL3rRETlNpQjrVpQ0eb14Bdou6
0am7bIqo2+FpF2Tykdi3Vh80QIc7l0u0Qgg+a+sCrsdYQ8R+KW0i5sD98fXdDIKA
1/Uf4dWsyUZLtr5mNjgeR1wYbOSYDGQnqZBBdtn9zdqTUxHHDpg05GjjT8VatMQ6
lefH1iT48GPaR8UDSNavwZhw5x/mXgktK+5mgZfGSHMl3LdfZtRDZFVPo7NEokO+
CAYhpIe792B0c3QjTHAUGAjcHbhJp/XQ34UHjmhI96Wjx75zraGsG691hdNfABrx
UpTNnqQ4G742Gk6sr0/uF0kbYdm4Yntqyw==
-----END CERTIFICATE-----
Generated at Sat May 18 21:31:24 2024 by rpki-client on console-ams.rpki-client.org