Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a36303a3a2f34342d3434203d3e20333936333033.roa
File: 323430363a343434303a36303a3a2f34342d3434203d3e20333936333033.roa (raw, json)
Hash identifier: dtJg25DLWyz0zFzEmPGZYOuijcAMqxDZS9hH1WUnAvY=
Subject key identifier: 60:6E:9B:D7:EF:CD:1A:55:6B:CE:41:91:86:F7:B1:50:F7:49:7B:4F
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 442D9994730B612D95AD25DDB767BD9D37B72D88
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a36303a3a2f34342d3434203d3e20333936333033.roa
Signing time: Fri 24 Nov 2023 05:00:00 +0000
ROA not before: Fri 24 Nov 2023 04:55:00 +0000
ROA not after: Sun 24 Nov 2024 05:00:00 +0000
asID: 396303
IP address blocks: 2406:4440:60::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 10:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2d:99:94:73:0b:61:2d:95:ad:25:dd:b7:67:bd:9d:37:b7:2d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Nov 24 04:55:00 2023 GMT
Not After : Nov 24 05:00:00 2024 GMT
Subject: CN=3082010A0282010100D698EAB2AD8B769166761F1260C6AA1255CB91D41DB739C4DB52BEAAEEE572504C8CCAE70BC39249E41E8B541F7B6F93BB4032C2E29EFE35360199F363E36DA9DF40A79950A65CF203C3DF1867613F66CB6AA5C1D5C65534B9FACCA58ED23FD1155706446F1CF6711D77334432F4247CD103AC04434BA6925FD15070DA12B033B316BBB865ACAB6BED8FE3D6D2E52BC4B8ADB45AA2E0A4508A405BFDEAF768160B7303721E5357FA213D0B7F35AB884B08A927B5FF21081F5567E80D845DF38F7A2374F7519C876DEB80DE42CB8AA269AAA175E1C8128CB091E7DBD3CBC72FD39F2CBA0E1E4E0240491C754D95E3F7EDF47754CF4975C69A3507AC9FB721B4DF0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:98:ea:b2:ad:8b:76:91:66:76:1f:12:60:c6:
aa:12:55:cb:91:d4:1d:b7:39:c4:db:52:be:aa:ee:
e5:72:50:4c:8c:ca:e7:0b:c3:92:49:e4:1e:8b:54:
1f:7b:6f:93:bb:40:32:c2:e2:9e:fe:35:36:01:99:
f3:63:e3:6d:a9:df:40:a7:99:50:a6:5c:f2:03:c3:
df:18:67:61:3f:66:cb:6a:a5:c1:d5:c6:55:34:b9:
fa:cc:a5:8e:d2:3f:d1:15:57:06:44:6f:1c:f6:71:
1d:77:33:44:32:f4:24:7c:d1:03:ac:04:43:4b:a6:
92:5f:d1:50:70:da:12:b0:33:b3:16:bb:b8:65:ac:
ab:6b:ed:8f:e3:d6:d2:e5:2b:c4:b8:ad:b4:5a:a2:
e0:a4:50:8a:40:5b:fd:ea:f7:68:16:0b:73:03:72:
1e:53:57:fa:21:3d:0b:7f:35:ab:88:4b:08:a9:27:
b5:ff:21:08:1f:55:67:e8:0d:84:5d:f3:8f:7a:23:
74:f7:51:9c:87:6d:eb:80:de:42:cb:8a:a2:69:aa:
a1:75:e1:c8:12:8c:b0:91:e7:db:d3:cb:c7:2f:d3:
9f:2c:ba:0e:1e:4e:02:40:49:1c:75:4d:95:e3:f7:
ed:f4:77:54:cf:49:75:c6:9a:35:07:ac:9f:b7:21:
b4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6E:9B:D7:EF:CD:1A:55:6B:CE:41:91:86:F7:B1:50:F7:49:7B:4F
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a36303a3a2f34342d3434203d3e20333936333033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440:60::/44
Signature Algorithm: sha256WithRSAEncryption
20:40:53:2b:76:02:56:08:2c:24:84:11:02:4d:35:f7:87:77:
cb:f1:c6:d5:3e:2b:da:ca:41:9c:01:d8:5b:da:cd:16:fa:51:
15:a5:bc:da:9e:cc:3d:94:4a:b9:e1:4a:ee:68:64:9d:63:50:
b9:7d:35:91:33:c7:3d:96:ed:2e:b3:33:b8:0b:d8:a0:9d:f9:
e9:46:49:63:ed:42:5a:bc:7d:10:d4:b8:b3:65:16:e4:f6:da:
ed:eb:9a:71:f1:03:51:57:76:13:88:23:cc:f3:c1:36:19:de:
41:17:37:12:c7:d0:e0:30:ba:92:3f:55:ac:f4:81:ca:d0:1d:
16:ac:72:a7:e3:29:dc:ab:86:b4:5d:6d:a2:c9:68:a9:22:fe:
43:9f:fc:e3:5c:ce:6d:7a:a8:35:95:7d:ee:9f:a2:91:62:89:
38:a6:5b:ab:12:e8:dd:2b:13:50:bb:22:9a:a0:eb:d5:92:47:
09:3e:e8:d5:57:93:f6:db:f7:de:80:9b:8a:a4:21:25:a6:4f:
15:a2:8f:41:4d:29:ef:32:b6:9b:b3:a6:a6:c3:4f:a8:ce:27:
ac:6a:55:62:50:45:b1:84:0d:7b:f6:15:6e:60:a4:91:bc:8c:
97:97:1e:35:38:d6:ce:96:a5:9c:98:e7:bc:d3:77:5a:94:98:
4a:0a:3a:e5
-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgIURC2ZlHMLYS2VrSXdt2e9nTe3LYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yMzExMjQwNDU1MDBaFw0yNDExMjQwNTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDY5OEVBQjJBRDhCNzY5MTY2
NzYxRjEyNjBDNkFBMTI1NUNCOTFENDFEQjczOUM0REI1MkJFQUFFRUU1NzI1MDRD
OENDQUU3MEJDMzkyNDlFNDFFOEI1NDFGN0I2RjkzQkI0MDMyQzJFMjlFRkUzNTM2
MDE5OUYzNjNFMzZEQTlERjQwQTc5OTUwQTY1Q0YyMDNDM0RGMTg2NzYxM0Y2NkNC
NkFBNUMxRDVDNjU1MzRCOUZBQ0NBNThFRDIzRkQxMTU1NzA2NDQ2RjFDRjY3MTFE
NzczMzQ0MzJGNDI0N0NEMTAzQUMwNDQzNEJBNjkyNUZEMTUwNzBEQTEyQjAzM0Iz
MTZCQkI4NjVBQ0FCNkJFRDhGRTNENkQyRTUyQkM0QjhBREI0NUFBMkUwQTQ1MDhB
NDA1QkZERUFGNzY4MTYwQjczMDM3MjFFNTM1N0ZBMjEzRDBCN0YzNUFCODg0QjA4
QTkyN0I1RkYyMTA4MUY1NTY3RTgwRDg0NURGMzhGN0EyMzc0Rjc1MTlDODc2REVC
ODBERTQyQ0I4QUEyNjlBQUExNzVFMUM4MTI4Q0IwOTFFN0RCRDNDQkM3MkZEMzlG
MkNCQTBFMUU0RTAyNDA0OTFDNzU0RDk1RTNGN0VERjQ3NzU0Q0Y0OTc1QzY5QTM1
MDdBQzlGQjcyMUI0REYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA1pjqsq2LdpFmdh8SYMaqElXLkdQdtznE21K+qu7lclBMjMrnC8OS
SeQei1Qfe2+Tu0AywuKe/jU2AZnzY+Ntqd9Ap5lQplzyA8PfGGdhP2bLaqXB1cZV
NLn6zKWO0j/RFVcGRG8c9nEddzNEMvQkfNEDrARDS6aSX9FQcNoSsDOzFru4Zayr
a+2P49bS5SvEuK20WqLgpFCKQFv96vdoFgtzA3IeU1f6IT0LfzWriEsIqSe1/yEI
H1Vn6A2EXfOPeiN091Gch23rgN5Cy4qiaaqhdeHIEoywkefb08vHL9OfLLoOHk4C
QEkcdU2V4/ft9HdUz0l1xpo1B6yftyG03wIDAQABo4IB7TCCAekwHQYDVR0OBBYE
FGBum9fvzRpVa85BkYb3sVD3SXtPMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjCBgwYI
KwYBBQUHAQsEdzB1MHMGCCsGAQUFBzALhmdyc3luYzovL3Jwa2kuYXBlcm5ldC5p
by9yZXBvL0FQRVJORVQvMS8zMjM0MzAzNjNhMzQzNDM0MzAzYTM2MzAzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMzM5MzYzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAGAw
DQYJKoZIhvcNAQELBQADggEBACBAUyt2AlYILCSEEQJNNfeHd8vxxtU+K9rKQZwB
2FvazRb6URWlvNqezD2USrnhSu5oZJ1jULl9NZEzxz2W7S6zM7gL2KCd+elGSWPt
Qlq8fRDUuLNlFuT22u3rmnHxA1FXdhOII8zzwTYZ3kEXNxLH0OAwupI/Vaz0gcrQ
HRascqfjKdyrhrRdbaLJaKki/kOf/ONczm16qDWVfe6fopFiiTimW6sS6N0rE1C7
Ipqg69WSRwk+6NVXk/bb996Am4qkISWmTxWij0FNKe8ytpuzpqbDT6jOJ6xqVWJQ
RbGEDXv2FW5gpJG8jJeXHjU41s6WpZyY57zTd1qUmEoKOuU=
-----END CERTIFICATE-----
Generated at Thu May 2 12:23:49 2024 by rpki-client on console-ams.rpki-client.org