Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
File: 3130332e3135322e33342e302f32332d3233203d3e203338303038.roa (raw, json)
Hash identifier: Z2kToLXpI7c0b1PbtL91xustIKaSxJN+JMus3cPU16A=
Subject key identifier: 53:01:4E:CE:CD:9E:D9:ED:87:A3:41:E2:21:80:3C:10:E8:F7:C9:D1
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 1D691F2BBA82C51C53381CAEA378B147251EA133
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
Signing time: Sat 11 Nov 2023 04:00:00 +0000
ROA not before: Sat 11 Nov 2023 03:55:00 +0000
ROA not after: Mon 11 Nov 2024 04:00:00 +0000
asID: 38008
IP address blocks: 103.152.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Apr 2024 09:54:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:69:1f:2b:ba:82:c5:1c:53:38:1c:ae:a3:78:b1:47:25:1e:a1:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Nov 11 03:55:00 2023 GMT
Not After : Nov 11 04:00:00 2024 GMT
Subject: CN=3082010A0282010100C796FFFD2321482D17DE7C0416376BE4163F96B1357D810957345142B2A3BA7A8A6C829FEE0B537D902E8BBE0249D574B7515C4A116CBAA5BC63934132F020C378B58B1089AD9BF010937574DB3E9562D7C89EF8E20F784DB1D687D6C8316E6C52E5DB7164CB86C77D492A4C263C1ECAE60C97A8C0D1FE79A94BE1E3DE30AB492828CE2AC10B8CBE102506981DF374C5E3D3B57966D14A80579504E64B606BE1F66306865A1A8D2D44F84BE309CBB24EF0C14E840F30344B48B11C9DDE9DC978FB9E6E9934B88145BE3645985588887C096C91131B17FA127114F593C5A47529631D16993F2D77F1F9D7CDDF925F905EAC1A60C64D862C7652CF45A59A60F7B90203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:ff:fd:23:21:48:2d:17:de:7c:04:16:37:
6b:e4:16:3f:96:b1:35:7d:81:09:57:34:51:42:b2:
a3:ba:7a:8a:6c:82:9f:ee:0b:53:7d:90:2e:8b:be:
02:49:d5:74:b7:51:5c:4a:11:6c:ba:a5:bc:63:93:
41:32:f0:20:c3:78:b5:8b:10:89:ad:9b:f0:10:93:
75:74:db:3e:95:62:d7:c8:9e:f8:e2:0f:78:4d:b1:
d6:87:d6:c8:31:6e:6c:52:e5:db:71:64:cb:86:c7:
7d:49:2a:4c:26:3c:1e:ca:e6:0c:97:a8:c0:d1:fe:
79:a9:4b:e1:e3:de:30:ab:49:28:28:ce:2a:c1:0b:
8c:be:10:25:06:98:1d:f3:74:c5:e3:d3:b5:79:66:
d1:4a:80:57:95:04:e6:4b:60:6b:e1:f6:63:06:86:
5a:1a:8d:2d:44:f8:4b:e3:09:cb:b2:4e:f0:c1:4e:
84:0f:30:34:4b:48:b1:1c:9d:de:9d:c9:78:fb:9e:
6e:99:34:b8:81:45:be:36:45:98:55:88:88:7c:09:
6c:91:13:1b:17:fa:12:71:14:f5:93:c5:a4:75:29:
63:1d:16:99:3f:2d:77:f1:f9:d7:cd:df:92:5f:90:
5e:ac:1a:60:c6:4d:86:2c:76:52:cf:45:a5:9a:60:
f7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:01:4E:CE:CD:9E:D9:ED:87:A3:41:E2:21:80:3C:10:E8:F7:C9:D1
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:69:2d:6b:1a:21:96:e4:b6:05:3e:37:d6:6c:bb:cd:05:29:
83:a0:02:d5:5f:ef:a8:b5:b4:f3:3a:55:ea:59:94:48:03:05:
5b:63:51:7c:94:7c:7f:21:e8:74:78:e4:a8:8d:1c:aa:58:e5:
78:db:d7:09:f1:e1:ca:7c:dc:77:42:ef:fb:ba:da:59:fa:7c:
1d:ef:4c:29:4d:28:31:f5:d5:bb:8b:e2:3a:dd:f0:17:28:e2:
d3:de:c4:9a:95:aa:a6:f6:c6:3b:c3:2e:50:35:42:cb:ab:f3:
3a:be:b0:61:1b:7f:4f:30:ed:ed:97:e0:74:09:4a:c4:19:62:
91:02:59:e4:5d:e3:b3:44:d9:3b:cd:72:47:e0:b4:73:66:02:
46:d3:29:57:b4:51:97:57:23:61:ca:4a:c7:50:bc:2d:f0:9e:
25:b9:81:e0:3a:3c:d6:80:57:99:52:2d:91:6a:ad:2e:ae:1f:
a9:9b:c1:58:31:91:b2:12:9f:7f:c2:90:ad:72:fa:f9:6f:a4:
75:5e:50:f7:ce:1a:df:6a:6a:9c:0c:7c:2f:61:10:bb:94:60:
16:c0:30:15:d1:95:e7:71:0c:f8:6a:90:09:30:39:b2:d2:fc:
dc:75:90:44:9b:dc:09:86:62:87:25:2a:c5:57:9a:a7:1c:e2:
70:cc:e1:04
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUHWkfK7qCxRxTOByuo3ixRyUeoTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yMzExMTEwMzU1MDBaFw0yNDExMTEwNDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzc5NkZGRkQyMzIxNDgyRDE3
REU3QzA0MTYzNzZCRTQxNjNGOTZCMTM1N0Q4MTA5NTczNDUxNDJCMkEzQkE3QThB
NkM4MjlGRUUwQjUzN0Q5MDJFOEJCRTAyNDlENTc0Qjc1MTVDNEExMTZDQkFBNUJD
NjM5MzQxMzJGMDIwQzM3OEI1OEIxMDg5QUQ5QkYwMTA5Mzc1NzREQjNFOTU2MkQ3
Qzg5RUY4RTIwRjc4NERCMUQ2ODdENkM4MzE2RTZDNTJFNURCNzE2NENCODZDNzdE
NDkyQTRDMjYzQzFFQ0FFNjBDOTdBOEMwRDFGRTc5QTk0QkUxRTNERTMwQUI0OTI4
MjhDRTJBQzEwQjhDQkUxMDI1MDY5ODFERjM3NEM1RTNEM0I1Nzk2NkQxNEE4MDU3
OTUwNEU2NEI2MDZCRTFGNjYzMDY4NjVBMUE4RDJENDRGODRCRTMwOUNCQjI0RUYw
QzE0RTg0MEYzMDM0NEI0OEIxMUM5RERFOURDOTc4RkI5RTZFOTkzNEI4ODE0NUJF
MzY0NTk4NTU4ODg4N0MwOTZDOTExMzFCMTdGQTEyNzExNEY1OTNDNUE0NzUyOTYz
MUQxNjk5M0YyRDc3RjFGOUQ3Q0RERjkyNUY5MDVFQUMxQTYwQzY0RDg2MkM3NjUy
Q0Y0NUE1OUE2MEY3QjkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAx5b//SMhSC0X3nwEFjdr5BY/lrE1fYEJVzRRQrKjunqKbIKf7gtT
fZAui74CSdV0t1FcShFsuqW8Y5NBMvAgw3i1ixCJrZvwEJN1dNs+lWLXyJ744g94
TbHWh9bIMW5sUuXbcWTLhsd9SSpMJjweyuYMl6jA0f55qUvh494wq0koKM4qwQuM
vhAlBpgd83TF49O1eWbRSoBXlQTmS2Br4fZjBoZaGo0tRPhL4wnLsk7wwU6EDzA0
S0ixHJ3encl4+55umTS4gUW+NkWYVYiIfAlskRMbF/oScRT1k8WkdSljHRaZPy13
8fnXzd+SX5BerBpgxk2GLHZSz0WlmmD3uQIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FFMBTs7Nntnth6NB4iGAPBDo98nRMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAm2ktaxohluS2BT431my7zQUpg6AC1V/vqLW08zpV6lmUSAMFW2NR
fJR8fyHodHjkqI0cqljleNvXCfHhynzcd0Lv+7raWfp8He9MKU0oMfXVu4viOt3w
Fyji097EmpWqpvbGO8MuUDVCy6vzOr6wYRt/TzDt7ZfgdAlKxBlikQJZ5F3js0TZ
O81yR+C0c2YCRtMpV7RRl1cjYcpKx1C8LfCeJbmB4Do81oBXmVItkWqtLq4fqZvB
WDGRshKff8KQrXL6+W+kdV5Q984a32pqnAx8L2EQu5RgFsAwFdGV53EM+GqQCTA5
stL83HWQRJvcCYZihyUqxVeapxzicMzhBA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:50 2024 by rpki-client on console-ams.rpki-client.org