Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
File: 3130332e3135322e33342e302f32332d3233203d3e203436393937.roa (raw, json)
Hash identifier: Ey6/pdWtzRm/CBKBZ8uStFOA2aGd+FdlNsTVeyBIrb4=
Subject key identifier: A8:98:B3:12:B8:33:15:35:E1:70:22:CA:E7:31:B3:3E:F8:9C:90:8E
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 32D2DEF4B6D68E27BED2C6A97A615F541EC601F9
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
Signing time: Sat 11 Nov 2023 09:00:00 +0000
ROA not before: Sat 11 Nov 2023 08:55:00 +0000
ROA not after: Mon 11 Nov 2024 09:00:00 +0000
asID: 46997
IP address blocks: 103.152.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Apr 2024 11:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d2:de:f4:b6:d6:8e:27:be:d2:c6:a9:7a:61:5f:54:1e:c6:01:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Nov 11 08:55:00 2023 GMT
Not After : Nov 11 09:00:00 2024 GMT
Subject: CN=3082010A0282010100C6EAB64256BB0DA76174F816A4CF2A6916C0205D3CE6C75B063F6395CE76C7C99C2D19A38F7D9980B19ACBB53178D42553FC3A2B4D2A8190C3F7FAE90F8DCE56400D6232EAA91D35C02C5861FB169CDDDC9419437A5471B424412B7EE366DB75569FCEEDA91064D5240E16C00F7BED60AD119694276BEBC286FCB38FBECF942F44B68EE11AB2A2F4613891F3E141962E197E7CC33388E7821E5716F1F10500BDC6DDB5823B0F52A5E2E7E5720D8BF3172220B020B3227B3DFEB9E8342798835D2106E132BCFC98ABBAD29C46F9423DFE6DCDB065BFFF6FDB712761207900100D08B25594A90E2D4797B8B454719727D6472822E88E22ED5EBA0A5A165CBE40B90203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:b6:42:56:bb:0d:a7:61:74:f8:16:a4:cf:
2a:69:16:c0:20:5d:3c:e6:c7:5b:06:3f:63:95:ce:
76:c7:c9:9c:2d:19:a3:8f:7d:99:80:b1:9a:cb:b5:
31:78:d4:25:53:fc:3a:2b:4d:2a:81:90:c3:f7:fa:
e9:0f:8d:ce:56:40:0d:62:32:ea:a9:1d:35:c0:2c:
58:61:fb:16:9c:dd:dc:94:19:43:7a:54:71:b4:24:
41:2b:7e:e3:66:db:75:56:9f:ce:ed:a9:10:64:d5:
24:0e:16:c0:0f:7b:ed:60:ad:11:96:94:27:6b:eb:
c2:86:fc:b3:8f:be:cf:94:2f:44:b6:8e:e1:1a:b2:
a2:f4:61:38:91:f3:e1:41:96:2e:19:7e:7c:c3:33:
88:e7:82:1e:57:16:f1:f1:05:00:bd:c6:dd:b5:82:
3b:0f:52:a5:e2:e7:e5:72:0d:8b:f3:17:22:20:b0:
20:b3:22:7b:3d:fe:b9:e8:34:27:98:83:5d:21:06:
e1:32:bc:fc:98:ab:ba:d2:9c:46:f9:42:3d:fe:6d:
cd:b0:65:bf:ff:6f:db:71:27:61:20:79:00:10:0d:
08:b2:55:94:a9:0e:2d:47:97:b8:b4:54:71:97:27:
d6:47:28:22:e8:8e:22:ed:5e:ba:0a:5a:16:5c:be:
40:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:98:B3:12:B8:33:15:35:E1:70:22:CA:E7:31:B3:3E:F8:9C:90:8E
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:4f:d2:ad:9f:94:d6:6c:cf:db:af:57:dd:a2:8a:af:14:54:
5e:22:8b:f0:66:f4:5e:f4:32:d7:8a:ac:b6:ed:78:5b:2e:f7:
75:86:4b:23:73:f6:6a:7e:af:52:69:44:a0:85:63:f9:f3:bd:
73:3e:02:23:f6:c5:e9:97:af:0a:53:cb:03:aa:a7:66:30:58:
4a:9d:d8:bd:93:51:3e:f4:bd:b0:18:94:ea:34:bf:0e:f8:bd:
d9:86:48:49:83:a5:cf:fc:74:a4:10:ac:7e:7f:9f:87:57:8f:
f8:a3:8c:77:55:73:48:44:7f:5e:a9:2f:f3:76:32:02:88:43:
2b:9f:4b:c7:23:66:93:ac:d9:98:b6:62:d5:d9:f9:8a:8c:41:
1b:05:8d:28:76:45:70:0e:1f:86:04:31:70:a0:a0:b8:e0:11:
ed:8c:4b:81:c4:bb:f5:11:f7:73:cf:36:d5:73:78:21:da:42:
72:9f:93:63:52:73:94:9a:0e:0b:b9:62:55:0a:97:59:8d:a8:
f6:d6:ab:0f:80:6b:ff:93:da:f4:88:ed:04:bc:6e:b0:19:28:
c1:7e:87:cf:36:e1:55:14:b0:8a:44:04:41:c2:05:5c:ff:56:
da:59:3d:bf:99:b8:6d:db:6e:2c:c5:9c:26:ef:96:5a:73:57:
ef:40:49:56
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUMtLe9LbWjie+0sapemFfVB7GAfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yMzExMTEwODU1MDBaFw0yNDExMTEwOTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzZFQUI2NDI1NkJCMERBNzYx
NzRGODE2QTRDRjJBNjkxNkMwMjA1RDNDRTZDNzVCMDYzRjYzOTVDRTc2QzdDOTlD
MkQxOUEzOEY3RDk5ODBCMTlBQ0JCNTMxNzhENDI1NTNGQzNBMkI0RDJBODE5MEMz
RjdGQUU5MEY4RENFNTY0MDBENjIzMkVBQTkxRDM1QzAyQzU4NjFGQjE2OUNERERD
OTQxOTQzN0E1NDcxQjQyNDQxMkI3RUUzNjZEQjc1NTY5RkNFRURBOTEwNjRENTI0
MEUxNkMwMEY3QkVENjBBRDExOTY5NDI3NkJFQkMyODZGQ0IzOEZCRUNGOTQyRjQ0
QjY4RUUxMUFCMkEyRjQ2MTM4OTFGM0UxNDE5NjJFMTk3RTdDQzMzMzg4RTc4MjFF
NTcxNkYxRjEwNTAwQkRDNkREQjU4MjNCMEY1MkE1RTJFN0U1NzIwRDhCRjMxNzIy
MjBCMDIwQjMyMjdCM0RGRUI5RTgzNDI3OTg4MzVEMjEwNkUxMzJCQ0ZDOThBQkJB
RDI5QzQ2Rjk0MjNERkU2RENEQjA2NUJGRkY2RkRCNzEyNzYxMjA3OTAwMTAwRDA4
QjI1NTk0QTkwRTJENDc5N0I4QjQ1NDcxOTcyN0Q2NDcyODIyRTg4RTIyRUQ1RUJB
MEE1QTE2NUNCRTQwQjkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxuq2Qla7DadhdPgWpM8qaRbAIF085sdbBj9jlc52x8mcLRmjj32Z
gLGay7UxeNQlU/w6K00qgZDD9/rpD43OVkANYjLqqR01wCxYYfsWnN3clBlDelRx
tCRBK37jZtt1Vp/O7akQZNUkDhbAD3vtYK0RlpQna+vChvyzj77PlC9Eto7hGrKi
9GE4kfPhQZYuGX58wzOI54IeVxbx8QUAvcbdtYI7D1Kl4uflcg2L8xciILAgsyJ7
Pf656DQnmINdIQbhMrz8mKu60pxG+UI9/m3NsGW//2/bcSdhIHkAEA0IslWUqQ4t
R5e4tFRxlyfWRygi6I4i7V66CloWXL5AuQIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FKiYsxK4MxU14XAiyucxsz74nJCOMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzQzNjM5MzkzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEADU/SrZ+U1mzP269X3aKKrxRUXiKL8Gb0XvQy14qstu14Wy73dYZL
I3P2an6vUmlEoIVj+fO9cz4CI/bF6ZevClPLA6qnZjBYSp3YvZNRPvS9sBiU6jS/
Dvi92YZISYOlz/x0pBCsfn+fh1eP+KOMd1VzSER/Xqkv83YyAohDK59LxyNmk6zZ
mLZi1dn5ioxBGwWNKHZFcA4fhgQxcKCguOAR7YxLgcS79RH3c8821XN4IdpCcp+T
Y1JzlJoOC7liVQqXWY2o9tarD4Br/5Pa9IjtBLxusBkowX6HzzbhVRSwikQEQcIF
XP9W2lk9v5m4bdtuLMWcJu+WWnNX70BJVg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:47 2024 by rpki-client on console-fra.rpki-client.org