Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
File: 323430363a343434303a3a2f34342d3438203d3e203136353039.roa (raw, json)
Hash identifier: lQy3knNW2EhGHIy8oK5UYeMbNiPGa0t8op4cMQ9UJsM=
Subject key identifier: FF:23:8C:27:50:30:84:5B:25:20:5B:61:DD:D6:94:82:A7:18:01:B0
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 73D6C42F474C1441A29418D10E21D8B4E43E320A
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
Signing time: Wed 26 Feb 2025 08:00:00 +0000
ROA not before: Wed 26 Feb 2025 07:55:00 +0000
ROA not after: Thu 26 Feb 2026 08:00:00 +0000
asID: 16509
IP address blocks: 2406:4440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Apr 2025 05:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d6:c4:2f:47:4c:14:41:a2:94:18:d1:0e:21:d8:b4:e4:3e:32:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Feb 26 07:55:00 2025 GMT
Not After : Feb 26 08:00:00 2026 GMT
Subject: CN=3082010A0282010100D77081EB228C473F0F358B04FE7259938AD3A14F6CA78A1B7E665F2AF36A08097466C732F3312972BDE58C8146CCA93C40B069F9BD27C697B9833647AB4DBF77ECB9906238ACD23D3F3B82F702FD16F048FF9E1587AFA566FA7EF5C039FB87DBED5165D6CC354E6C4A3A31ED2798855A590EF7368D9FEF094DD7987F0AAC7A6ED7C87F80B9E0F02C7647F46490A581B55CBB8C8424535DF11CB1A7709F983D825702655E495A117C8669760C1AC42A1795714A635F6C0BB06995A5E7D46EEBA1F29BD431A3CF1EC69703C6F0A1C03E2722B87A860A194B0B9592B558F946CC2DA559D3D4AD6BACA2D8CB7A8AB9B294235E13248EC83560F92CC59A4D7BE79C4F0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:70:81:eb:22:8c:47:3f:0f:35:8b:04:fe:72:
59:93:8a:d3:a1:4f:6c:a7:8a:1b:7e:66:5f:2a:f3:
6a:08:09:74:66:c7:32:f3:31:29:72:bd:e5:8c:81:
46:cc:a9:3c:40:b0:69:f9:bd:27:c6:97:b9:83:36:
47:ab:4d:bf:77:ec:b9:90:62:38:ac:d2:3d:3f:3b:
82:f7:02:fd:16:f0:48:ff:9e:15:87:af:a5:66:fa:
7e:f5:c0:39:fb:87:db:ed:51:65:d6:cc:35:4e:6c:
4a:3a:31:ed:27:98:85:5a:59:0e:f7:36:8d:9f:ef:
09:4d:d7:98:7f:0a:ac:7a:6e:d7:c8:7f:80:b9:e0:
f0:2c:76:47:f4:64:90:a5:81:b5:5c:bb:8c:84:24:
53:5d:f1:1c:b1:a7:70:9f:98:3d:82:57:02:65:5e:
49:5a:11:7c:86:69:76:0c:1a:c4:2a:17:95:71:4a:
63:5f:6c:0b:b0:69:95:a5:e7:d4:6e:eb:a1:f2:9b:
d4:31:a3:cf:1e:c6:97:03:c6:f0:a1:c0:3e:27:22:
b8:7a:86:0a:19:4b:0b:95:92:b5:58:f9:46:cc:2d:
a5:59:d3:d4:ad:6b:ac:a2:d8:cb:7a:8a:b9:b2:94:
23:5e:13:24:8e:c8:35:60:f9:2c:c5:9a:4d:7b:e7:
9c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:23:8C:27:50:30:84:5B:25:20:5B:61:DD:D6:94:82:A7:18:01:B0
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
cb:9a:a3:52:75:d6:ee:f2:ec:66:be:13:55:ef:c7:9f:38:88:
ee:24:a5:d8:74:5a:79:72:c5:99:c1:e3:ea:26:ca:47:f1:d5:
39:b4:df:f8:5b:b3:7f:7d:15:de:c2:68:91:a4:6c:43:f5:57:
d3:37:02:50:ce:c8:2c:32:65:82:ce:b9:cc:e7:41:7e:af:33:
dc:b2:2d:7d:7b:5d:b8:e3:85:43:c7:56:65:d6:cc:b3:e6:5b:
84:d8:94:36:99:88:41:b6:f4:e9:09:24:f7:43:6e:39:43:a6:
19:a2:00:6b:7c:36:fc:07:43:ba:09:38:0b:f8:70:87:99:52:
b2:1c:24:19:a6:1f:60:89:4b:26:ee:b3:a2:22:17:ed:2c:be:
27:b6:ca:bb:a3:96:1a:29:87:5d:b2:ef:0b:6a:6a:e8:cd:07:
97:08:28:d1:f6:73:d6:d0:c1:d3:99:b1:a0:38:b5:fb:45:d4:
bf:2b:79:13:57:58:9d:04:b1:1f:3e:c2:e2:58:4d:70:ac:69:
56:05:c1:19:a2:fd:14:c2:8f:38:01:2b:25:5b:fa:bf:6a:90:
1a:b2:ca:f9:db:e9:eb:2e:dc:66:4b:36:34:85:20:e1:85:f0:
e7:f9:76:a5:eb:8a:a2:cc:50:9a:b0:b0:da:45:d1:15:b5:9a:
b0:5a:bb:19
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUc9bEL0dMFEGilBjRDiHYtOQ+MgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTAyMjYwNzU1MDBaFw0yNjAyMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDc3MDgxRUIyMjhDNDczRjBG
MzU4QjA0RkU3MjU5OTM4QUQzQTE0RjZDQTc4QTFCN0U2NjVGMkFGMzZBMDgwOTc0
NjZDNzMyRjMzMTI5NzJCREU1OEM4MTQ2Q0NBOTNDNDBCMDY5RjlCRDI3QzY5N0I5
ODMzNjQ3QUI0REJGNzdFQ0I5OTA2MjM4QUNEMjNEM0YzQjgyRjcwMkZEMTZGMDQ4
RkY5RTE1ODdBRkE1NjZGQTdFRjVDMDM5RkI4N0RCRUQ1MTY1RDZDQzM1NEU2QzRB
M0EzMUVEMjc5ODg1NUE1OTBFRjczNjhEOUZFRjA5NERENzk4N0YwQUFDN0E2RUQ3
Qzg3RjgwQjlFMEYwMkM3NjQ3RjQ2NDkwQTU4MUI1NUNCQjhDODQyNDUzNURGMTFD
QjFBNzcwOUY5ODNEODI1NzAyNjU1RTQ5NUExMTdDODY2OTc2MEMxQUM0MkExNzk1
NzE0QTYzNUY2QzBCQjA2OTk1QTVFN0Q0NkVFQkExRjI5QkQ0MzFBM0NGMUVDNjk3
MDNDNkYwQTFDMDNFMjcyMkI4N0E4NjBBMTk0QjBCOTU5MkI1NThGOTQ2Q0MyREE1
NTlEM0Q0QUQ2QkFDQTJEOENCN0E4QUI5QjI5NDIzNUUxMzI0OEVDODM1NjBGOTJD
QzU5QTREN0JFNzlDNEYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA13CB6yKMRz8PNYsE/nJZk4rToU9sp4obfmZfKvNqCAl0Zscy8zEp
cr3ljIFGzKk8QLBp+b0nxpe5gzZHq02/d+y5kGI4rNI9PzuC9wL9FvBI/54Vh6+l
Zvp+9cA5+4fb7VFl1sw1TmxKOjHtJ5iFWlkO9zaNn+8JTdeYfwqsem7XyH+AueDw
LHZH9GSQpYG1XLuMhCRTXfEcsadwn5g9glcCZV5JWhF8hml2DBrEKheVcUpjX2wL
sGmVpefUbuuh8pvUMaPPHsaXA8bwocA+JyK4eoYKGUsLlZK1WPlGzC2lWdPUrWus
otjLeoq5spQjXhMkjsg1YPksxZpNe+ecTwIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FP8jjCdQMIRbJSBbYd3WlIKnGAGwMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAMuao1J11u7y7Ga+E1Xvx584iO4kpdh0WnlyxZnB4+omykfx1Tm0
3/hbs399Fd7CaJGkbEP1V9M3AlDOyCwyZYLOucznQX6vM9yyLX17XbjjhUPHVmXW
zLPmW4TYlDaZiEG29OkJJPdDbjlDphmiAGt8NvwHQ7oJOAv4cIeZUrIcJBmmH2CJ
Sybus6IiF+0svie2yrujlhoph12y7wtqaujNB5cIKNH2c9bQwdOZsaA4tftF1L8r
eRNXWJ0EsR8+wuJYTXCsaVYFwRmi/RTCjzgBKyVb+r9qkBqyyvnb6esu3GZLNjSF
IOGF8Of5dqXriqLMUJqwsNpF0RW1mrBauxk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:49 2025 by rpki-client