Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
File: 3130332e3135322e33342e302f32342d3234203d3e203338303038.roa (raw, json)
Hash identifier: 2y5RrEm7AmncXQavryz34HGOq3g39MIR1G4EV+1W3mM=
Subject key identifier: DC:4D:19:C5:93:65:E3:F3:2F:54:88:69:BC:E0:F5:61:D2:21:8A:45
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 0D4856E5DA43FFBB284E9F2824408A6DF94D6A35
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
Signing time: Tue 13 Jun 2023 00:00:00 +0000
ROA not before: Mon 12 Jun 2023 23:55:00 +0000
ROA not after: Thu 13 Jun 2024 00:00:00 +0000
asID: 38008
IP address blocks: 103.152.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 20 Apr 2024 17:44:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:48:56:e5:da:43:ff:bb:28:4e:9f:28:24:40:8a:6d:f9:4d:6a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Jun 12 23:55:00 2023 GMT
Not After : Jun 13 00:00:00 2024 GMT
Subject: CN=3082010A0282010100C25AB1E1B3A3DC56561B61B6AB8DFFF31E3B4D86FB3375F56AEE80B950EB0765B075C8123AFEC36D509B265E260AD72743403245B6820228B827A6C879EC4108CC2223BCE9C172B23F2B952704F96D9894CC279747F9379246A41E4F4B8B7B8BFC74FCE9D7E039ED9E8C1C0D30D46EBCEB4EE02D99A22D4DFDA55A23693A7E0522B2FC75155A58152FB7AF4F3D66FF828B73DDB8E87086FD46B3B80F11F1BDDE1ACFC720A880EB301AFEF3C7DFBF670181AAE09B93922435652E27CFA51D3C085C265A8E0457FFD3212AE40375CE8A91061CEC37F6BCFFC580C310685B7EA213158E02B4EEB32D721AC04F2F3C7F81C9B5B594BEF5EB54C046475E8E2506D6AD0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5a:b1:e1:b3:a3:dc:56:56:1b:61:b6:ab:8d:
ff:f3:1e:3b:4d:86:fb:33:75:f5:6a:ee:80:b9:50:
eb:07:65:b0:75:c8:12:3a:fe:c3:6d:50:9b:26:5e:
26:0a:d7:27:43:40:32:45:b6:82:02:28:b8:27:a6:
c8:79:ec:41:08:cc:22:23:bc:e9:c1:72:b2:3f:2b:
95:27:04:f9:6d:98:94:cc:27:97:47:f9:37:92:46:
a4:1e:4f:4b:8b:7b:8b:fc:74:fc:e9:d7:e0:39:ed:
9e:8c:1c:0d:30:d4:6e:bc:eb:4e:e0:2d:99:a2:2d:
4d:fd:a5:5a:23:69:3a:7e:05:22:b2:fc:75:15:5a:
58:15:2f:b7:af:4f:3d:66:ff:82:8b:73:dd:b8:e8:
70:86:fd:46:b3:b8:0f:11:f1:bd:de:1a:cf:c7:20:
a8:80:eb:30:1a:fe:f3:c7:df:bf:67:01:81:aa:e0:
9b:93:92:24:35:65:2e:27:cf:a5:1d:3c:08:5c:26:
5a:8e:04:57:ff:d3:21:2a:e4:03:75:ce:8a:91:06:
1c:ec:37:f6:bc:ff:c5:80:c3:10:68:5b:7e:a2:13:
15:8e:02:b4:ee:b3:2d:72:1a:c0:4f:2f:3c:7f:81:
c9:b5:b5:94:be:f5:eb:54:c0:46:47:5e:8e:25:06:
d6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4D:19:C5:93:65:E3:F3:2F:54:88:69:BC:E0:F5:61:D2:21:8A:45
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:17:df:89:c6:40:6e:48:e3:d1:d3:c4:b3:92:95:d8:ce:07:
8b:04:9c:43:26:37:6f:28:d9:f1:df:5c:cd:37:40:57:a5:8d:
a7:24:82:22:50:c1:71:51:bd:39:45:36:c5:22:c4:f1:c6:43:
63:b8:92:f5:df:c5:9d:9e:0c:5f:03:74:60:f5:f4:94:f5:d0:
27:9a:da:6a:64:e4:85:04:ff:ad:a5:f0:d1:b2:73:97:a1:9a:
d0:11:f1:10:c1:6a:17:30:3e:67:45:2a:a3:90:7b:76:e0:77:
b6:78:41:c7:0e:6c:85:a3:d8:ca:14:e6:48:33:bf:22:40:7f:
2e:65:5c:d2:4e:f3:97:e8:d8:f4:12:9e:ed:e3:b0:29:cd:aa:
f1:ef:03:90:a4:18:64:94:8b:6e:74:9d:a5:02:e4:81:19:36:
40:38:e1:9c:43:e7:36:6b:fd:c9:ce:74:4f:b6:72:73:3b:db:
de:9b:d0:be:a8:dc:69:8e:6e:2c:0a:3f:db:2b:e7:f1:48:f0:
af:46:52:67:fa:ba:89:69:93:d7:9c:d3:a7:79:5f:f5:f8:2c:
ac:32:8c:dd:9e:3e:62:29:58:dd:04:0f:74:cb:64:b6:b2:c6:
2c:cc:f1:62:bf:ae:7f:af:52:90:ac:a4:ee:f6:32:e8:c7:51:
55:65:ff:fc
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUDUhW5dpD/7soTp8oJECKbflNajUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yMzA2MTIyMzU1MDBaFw0yNDA2MTMwMDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzI1QUIxRTFCM0EzREM1NjU2
MUI2MUI2QUI4REZGRjMxRTNCNEQ4NkZCMzM3NUY1NkFFRTgwQjk1MEVCMDc2NUIw
NzVDODEyM0FGRUMzNkQ1MDlCMjY1RTI2MEFENzI3NDM0MDMyNDVCNjgyMDIyOEI4
MjdBNkM4NzlFQzQxMDhDQzIyMjNCQ0U5QzE3MkIyM0YyQjk1MjcwNEY5NkQ5ODk0
Q0MyNzk3NDdGOTM3OTI0NkE0MUU0RjRCOEI3QjhCRkM3NEZDRTlEN0UwMzlFRDlF
OEMxQzBEMzBENDZFQkNFQjRFRTAyRDk5QTIyRDRERkRBNTVBMjM2OTNBN0UwNTIy
QjJGQzc1MTU1QTU4MTUyRkI3QUY0RjNENjZGRjgyOEI3M0REQjhFODcwODZGRDQ2
QjNCODBGMTFGMUJEREUxQUNGQzcyMEE4ODBFQjMwMUFGRUYzQzdERkJGNjcwMTgx
QUFFMDlCOTM5MjI0MzU2NTJFMjdDRkE1MUQzQzA4NUMyNjVBOEUwNDU3RkZEMzIx
MkFFNDAzNzVDRThBOTEwNjFDRUMzN0Y2QkNGRkM1ODBDMzEwNjg1QjdFQTIxMzE1
OEUwMkI0RUVCMzJENzIxQUMwNEYyRjNDN0Y4MUM5QjVCNTk0QkVGNUVCNTRDMDQ2
NDc1RThFMjUwNkQ2QUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwlqx4bOj3FZWG2G2q43/8x47TYb7M3X1au6AuVDrB2WwdcgSOv7D
bVCbJl4mCtcnQ0AyRbaCAii4J6bIeexBCMwiI7zpwXKyPyuVJwT5bZiUzCeXR/k3
kkakHk9Li3uL/HT86dfgOe2ejBwNMNRuvOtO4C2Zoi1N/aVaI2k6fgUisvx1FVpY
FS+3r089Zv+Ci3PduOhwhv1Gs7gPEfG93hrPxyCogOswGv7zx9+/ZwGBquCbk5Ik
NWUuJ8+lHTwIXCZajgRX/9MhKuQDdc6KkQYc7Df2vP/FgMMQaFt+ohMVjgK07rMt
chrATy88f4HJtbWUvvXrVMBGR16OJQbWrQIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FNxNGcWTZePzL1SIabzg9WHSIYpFMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAwxfficZAbkjj0dPEs5KV2M4HiwScQyY3byjZ8d9czTdAV6WNpySC
IlDBcVG9OUU2xSLE8cZDY7iS9d/FnZ4MXwN0YPX0lPXQJ5raamTkhQT/raXw0bJz
l6Ga0BHxEMFqFzA+Z0Uqo5B7duB3tnhBxw5shaPYyhTmSDO/IkB/LmVc0k7zl+jY
9BKe7eOwKc2q8e8DkKQYZJSLbnSdpQLkgRk2QDjhnEPnNmv9yc50T7Zyczvb3pvQ
vqjcaY5uLAo/2yvn8Ujwr0ZSZ/q6iWmT15zTp3lf9fgsrDKM3Z4+YilY3QQPdMtk
trLGLMzxYr+uf69SkKyk7vYy6MdRVWX//A==
-----END CERTIFICATE-----
Generated at Fri Apr 19 22:16:21 2024 by rpki-client on console-fra.rpki-client.org