Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
File: 3130332e3135322e33342e302f32332d3233203d3e203338303038.roa (raw, json)
Hash identifier: e+q0bIN8ircxSQJpGQG1uOUqbNIONHabjSAyeFRt6FY=
Subject key identifier: 81:50:62:91:16:9B:38:12:5C:7B:19:5B:0E:81:2F:59:3A:36:54:31
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 579E896FB1F4D984AE23B2D52F13C233D82975C7
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
Signing time: Mon 14 Oct 2024 04:00:00 +0000
ROA not before: Mon 14 Oct 2024 03:55:00 +0000
ROA not after: Tue 14 Oct 2025 04:00:00 +0000
asID: 38008
IP address blocks: 103.152.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 20:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9e:89:6f:b1:f4:d9:84:ae:23:b2:d5:2f:13:c2:33:d8:29:75:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Oct 14 03:55:00 2024 GMT
Not After : Oct 14 04:00:00 2025 GMT
Subject: CN=3082010A0282010100B174763992AB8EEE2E805ED3983C5B812AA11E51779EE51BCF7FCBA032D91AB6403D46C30B16B443AB31C063177387A40831FDB8B9928B75739E8EF6418C9DAEB507F5C575E37EF49439BFB3201A2BFCB87307B3404888B48FAC6572AC6E7514B96166DE178AC206743E6900774B6CF4129511E4CC60A43BC11F744F6692115E0015A05267782140246C6456025CF380D53B8758299AB1B2FB9BA369F93BAF70127C9DCD7C9B057E0DB3763670FE12020878DF63A41E5289B526CA2CD8D94B272D17F9F23273B9CFA35370372362BAA3533937C7E5D9A3F1ACE9455C8B25420A73294A59BB2BAB221C1891B0F08BC13DB4E884CB7560BF76DE2B5958DFD231430203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:76:39:92:ab:8e:ee:2e:80:5e:d3:98:3c:
5b:81:2a:a1:1e:51:77:9e:e5:1b:cf:7f:cb:a0:32:
d9:1a:b6:40:3d:46:c3:0b:16:b4:43:ab:31:c0:63:
17:73:87:a4:08:31:fd:b8:b9:92:8b:75:73:9e:8e:
f6:41:8c:9d:ae:b5:07:f5:c5:75:e3:7e:f4:94:39:
bf:b3:20:1a:2b:fc:b8:73:07:b3:40:48:88:b4:8f:
ac:65:72:ac:6e:75:14:b9:61:66:de:17:8a:c2:06:
74:3e:69:00:77:4b:6c:f4:12:95:11:e4:cc:60:a4:
3b:c1:1f:74:4f:66:92:11:5e:00:15:a0:52:67:78:
21:40:24:6c:64:56:02:5c:f3:80:d5:3b:87:58:29:
9a:b1:b2:fb:9b:a3:69:f9:3b:af:70:12:7c:9d:cd:
7c:9b:05:7e:0d:b3:76:36:70:fe:12:02:08:78:df:
63:a4:1e:52:89:b5:26:ca:2c:d8:d9:4b:27:2d:17:
f9:f2:32:73:b9:cf:a3:53:70:37:23:62:ba:a3:53:
39:37:c7:e5:d9:a3:f1:ac:e9:45:5c:8b:25:42:0a:
73:29:4a:59:bb:2b:ab:22:1c:18:91:b0:f0:8b:c1:
3d:b4:e8:84:cb:75:60:bf:76:de:2b:59:58:df:d2:
31:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:50:62:91:16:9B:38:12:5C:7B:19:5B:0E:81:2F:59:3A:36:54:31
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
78:9e:c4:c7:a4:b8:87:35:e4:ea:87:fd:c6:6e:b6:61:8c:60:
a8:1f:bf:24:91:81:04:0e:19:69:e9:9e:71:f7:87:cf:6d:c6:
c4:f7:93:ea:29:35:70:0d:50:7f:50:08:5d:a0:4d:17:6f:0e:
3e:e5:1e:7c:6f:1d:65:26:10:45:a7:e2:82:90:cf:87:b3:d5:
b2:96:37:6b:61:43:8b:f7:f8:8f:fc:6e:39:35:d9:8f:b3:73:
f0:e7:af:b9:d9:05:ef:08:86:4b:f9:ce:c8:bd:c5:2b:2d:60:
54:e6:4e:05:b8:5f:bc:75:bb:33:43:05:69:da:d5:4a:c8:60:
f9:5c:c4:c7:34:97:a8:14:e7:8d:bf:f9:96:06:72:8b:c4:0d:
c2:9b:cb:be:27:a3:f5:ec:b1:3c:fd:8a:0d:a7:c8:37:30:7c:
c1:90:39:a7:33:97:df:0d:cf:2f:b4:0e:7f:5b:96:d1:7c:f7:
8b:c7:ce:a5:13:41:b8:4e:f5:c7:7e:11:d4:4a:c4:26:16:13:
43:5a:7d:97:2c:9e:ee:1f:06:07:88:e4:2a:4c:85:e0:69:d8:
a5:0c:6f:e3:30:d3:a4:8f:9e:62:49:22:d2:05:06:ed:6e:63:
da:9a:a2:d8:1b:3c:b4:3d:da:2f:19:da:5e:ad:f7:98:ed:82:
1c:f5:6e:e5
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUV56Jb7H02YSuI7LVLxPCM9gpdccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDEwMTQwMzU1MDBaFw0yNTEwMTQwNDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjE3NDc2Mzk5MkFCOEVFRTJF
ODA1RUQzOTgzQzVCODEyQUExMUU1MTc3OUVFNTFCQ0Y3RkNCQTAzMkQ5MUFCNjQw
M0Q0NkMzMEIxNkI0NDNBQjMxQzA2MzE3NzM4N0E0MDgzMUZEQjhCOTkyOEI3NTcz
OUU4RUY2NDE4QzlEQUVCNTA3RjVDNTc1RTM3RUY0OTQzOUJGQjMyMDFBMkJGQ0I4
NzMwN0IzNDA0ODg4QjQ4RkFDNjU3MkFDNkU3NTE0Qjk2MTY2REUxNzhBQzIwNjc0
M0U2OTAwNzc0QjZDRjQxMjk1MTFFNENDNjBBNDNCQzExRjc0NEY2NjkyMTE1RTAw
MTVBMDUyNjc3ODIxNDAyNDZDNjQ1NjAyNUNGMzgwRDUzQjg3NTgyOTlBQjFCMkZC
OUJBMzY5RjkzQkFGNzAxMjdDOURDRDdDOUIwNTdFMERCMzc2MzY3MEZFMTIwMjA4
NzhERjYzQTQxRTUyODlCNTI2Q0EyQ0Q4RDk0QjI3MkQxN0Y5RjIzMjczQjlDRkEz
NTM3MDM3MjM2MkJBQTM1MzM5MzdDN0U1RDlBM0YxQUNFOTQ1NUM4QjI1NDIwQTcz
Mjk0QTU5QkIyQkFCMjIxQzE4OTFCMEYwOEJDMTNEQjRFODg0Q0I3NTYwQkY3NkRF
MkI1OTU4REZEMjMxNDMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsXR2OZKrju4ugF7TmDxbgSqhHlF3nuUbz3/LoDLZGrZAPUbDCxa0
Q6sxwGMXc4ekCDH9uLmSi3Vzno72QYydrrUH9cV14370lDm/syAaK/y4cwezQEiI
tI+sZXKsbnUUuWFm3heKwgZ0PmkAd0ts9BKVEeTMYKQ7wR90T2aSEV4AFaBSZ3gh
QCRsZFYCXPOA1TuHWCmasbL7m6Np+TuvcBJ8nc18mwV+DbN2NnD+EgIIeN9jpB5S
ibUmyizY2UsnLRf58jJzuc+jU3A3I2K6o1M5N8fl2aPxrOlFXIslQgpzKUpZuyur
IhwYkbDwi8E9tOiEy3Vgv3beK1lY39IxQwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FIFQYpEWmzgSXHsZWw6BL1k6NlQxMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAeJ7Ex6S4hzXk6of9xm62YYxgqB+/JJGBBA4ZaemecfeHz23GxPeT
6ik1cA1Qf1AIXaBNF28OPuUefG8dZSYQRafigpDPh7PVspY3a2FDi/f4j/xuOTXZ
j7Nz8OevudkF7wiGS/nOyL3FKy1gVOZOBbhfvHW7M0MFadrVSshg+VzExzSXqBTn
jb/5lgZyi8QNwpvLviej9eyxPP2KDafINzB8wZA5pzOX3w3PL7QOf1uW0Xz3i8fO
pRNBuE71x34R1ErEJhYTQ1p9lyye7h8GB4jkKkyF4GnYpQxv4zDTpI+eYkki0gUG
7W5j2pqi2Bs8tD3aLxnaXq33mO2CHPVu5Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:31:42 2024 by rpki-client on console-fra.rpki-client.org