Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
File: 3130332e3135322e33342e302f32332d3233203d3e203436393937.roa (raw, json)
Hash identifier: PAib4q5gqzf83GH7LrPfkT4IMy/qivltx9b7ElD8vEQ=
Subject key identifier: EE:50:A5:49:B6:A9:19:6E:E1:42:A6:9A:7A:E1:DE:7F:DA:BF:A0:DA
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 0724A755F5B36CBEAF0F797511A13916E01B7E1E
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
Signing time: Mon 14 Oct 2024 09:00:00 +0000
ROA not before: Mon 14 Oct 2024 08:55:00 +0000
ROA not after: Tue 14 Oct 2025 09:00:00 +0000
asID: 46997
IP address blocks: 103.152.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 20:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:24:a7:55:f5:b3:6c:be:af:0f:79:75:11:a1:39:16:e0:1b:7e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Oct 14 08:55:00 2024 GMT
Not After : Oct 14 09:00:00 2025 GMT
Subject: CN=3082010A0282010100CBC96A375C3357E3AA4F3FBC712D1958D271EB2B991B26035A2FAC698B6EDFF61C5420061FEF4F3CB12B0B300F5F386482BF7288265977970550C0040FDD2EE80367D40614BACA227AE995961C3CFBF7D9A6DE3C7332B400EAA55A22115F2D3644A24DCDD3F41CE4F85520B16993E3F42A4F0672A2BA7095B2116A83A83375DE1495B597FEA01C2E9C3632E5A14DCE6FBFC8FE973EF02E538C72D5BF7A6D3C9AB0839A05E815850D74F67BFD6978A66F3AC011386532DC849C77D15367E2533B6DAA69A0CE1E04013DDD993CB8221FD80E89FF2CB7D0AD67BA505293A6AEA83988E73D40448E07840B76B0B1F9D602749A48569D4600B2676BCF781420BAC6470203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c9:6a:37:5c:33:57:e3:aa:4f:3f:bc:71:2d:
19:58:d2:71:eb:2b:99:1b:26:03:5a:2f:ac:69:8b:
6e:df:f6:1c:54:20:06:1f:ef:4f:3c:b1:2b:0b:30:
0f:5f:38:64:82:bf:72:88:26:59:77:97:05:50:c0:
04:0f:dd:2e:e8:03:67:d4:06:14:ba:ca:22:7a:e9:
95:96:1c:3c:fb:f7:d9:a6:de:3c:73:32:b4:00:ea:
a5:5a:22:11:5f:2d:36:44:a2:4d:cd:d3:f4:1c:e4:
f8:55:20:b1:69:93:e3:f4:2a:4f:06:72:a2:ba:70:
95:b2:11:6a:83:a8:33:75:de:14:95:b5:97:fe:a0:
1c:2e:9c:36:32:e5:a1:4d:ce:6f:bf:c8:fe:97:3e:
f0:2e:53:8c:72:d5:bf:7a:6d:3c:9a:b0:83:9a:05:
e8:15:85:0d:74:f6:7b:fd:69:78:a6:6f:3a:c0:11:
38:65:32:dc:84:9c:77:d1:53:67:e2:53:3b:6d:aa:
69:a0:ce:1e:04:01:3d:dd:99:3c:b8:22:1f:d8:0e:
89:ff:2c:b7:d0:ad:67:ba:50:52:93:a6:ae:a8:39:
88:e7:3d:40:44:8e:07:84:0b:76:b0:b1:f9:d6:02:
74:9a:48:56:9d:46:00:b2:67:6b:cf:78:14:20:ba:
c6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:50:A5:49:B6:A9:19:6E:E1:42:A6:9A:7A:E1:DE:7F:DA:BF:A0:DA
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203436393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:f6:d2:3e:6d:9c:5d:8e:0e:af:39:67:72:c6:2a:e5:f3:9f:
f9:60:ff:23:5d:cf:73:fe:82:06:04:3a:1a:da:4a:0a:79:d5:
02:13:dc:32:78:3b:90:3b:91:43:c0:8c:fc:58:80:e7:48:16:
10:8d:49:ca:64:fe:5e:bb:60:c2:6b:94:a1:cc:71:58:d6:ca:
09:14:4e:32:60:80:48:82:96:67:54:fa:ca:7b:dc:85:11:8b:
46:37:16:b3:84:7f:cb:a7:59:4f:f5:c3:df:bd:e8:eb:ae:ce:
37:03:60:5a:c6:72:b2:48:75:85:95:c0:2e:8d:4e:a6:57:62:
df:fc:d3:54:ab:91:3b:ed:39:51:74:fb:12:10:e4:03:44:16:
ec:b3:5f:8b:92:fd:1e:00:64:88:ef:05:2b:36:79:13:ae:43:
76:36:43:bb:f0:3a:14:ad:92:3a:8d:87:fe:4a:5e:9b:81:9e:
c7:2d:8c:83:36:0a:21:a8:7d:ea:99:3d:83:73:94:67:6e:08:
ec:7d:0e:15:c2:81:03:b6:b0:86:75:5f:36:b6:3c:6a:b3:1b:
b1:dc:d5:a2:6f:12:9f:8a:fe:12:d5:b2:f4:93:78:b9:ff:c7:
79:25:83:f6:73:8e:b5:71:d0:41:af:0b:92:60:4f:65:44:a7:
f8:e1:45:cd
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUBySnVfWzbL6vD3l1EaE5FuAbfh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDEwMTQwODU1MDBaFw0yNTEwMTQwOTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0JDOTZBMzc1QzMzNTdFM0FB
NEYzRkJDNzEyRDE5NThEMjcxRUIyQjk5MUIyNjAzNUEyRkFDNjk4QjZFREZGNjFD
NTQyMDA2MUZFRjRGM0NCMTJCMEIzMDBGNUYzODY0ODJCRjcyODgyNjU5Nzc5NzA1
NTBDMDA0MEZERDJFRTgwMzY3RDQwNjE0QkFDQTIyN0FFOTk1OTYxQzNDRkJGN0Q5
QTZERTNDNzMzMkI0MDBFQUE1NUEyMjExNUYyRDM2NDRBMjREQ0REM0Y0MUNFNEY4
NTUyMEIxNjk5M0UzRjQyQTRGMDY3MkEyQkE3MDk1QjIxMTZBODNBODMzNzVERTE0
OTVCNTk3RkVBMDFDMkU5QzM2MzJFNUExNERDRTZGQkZDOEZFOTczRUYwMkU1MzhD
NzJENUJGN0E2RDNDOUFCMDgzOUEwNUU4MTU4NTBENzRGNjdCRkQ2OTc4QTY2RjNB
QzAxMTM4NjUzMkRDODQ5Qzc3RDE1MzY3RTI1MzNCNkRBQTY5QTBDRTFFMDQwMTNE
REQ5OTNDQjgyMjFGRDgwRTg5RkYyQ0I3RDBBRDY3QkE1MDUyOTNBNkFFQTgzOTg4
RTczRDQwNDQ4RTA3ODQwQjc2QjBCMUY5RDYwMjc0OUE0ODU2OUQ0NjAwQjI2NzZC
Q0Y3ODE0MjBCQUM2NDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAy8lqN1wzV+OqTz+8cS0ZWNJx6yuZGyYDWi+saYtu3/YcVCAGH+9P
PLErCzAPXzhkgr9yiCZZd5cFUMAED90u6ANn1AYUusoieumVlhw8+/fZpt48czK0
AOqlWiIRXy02RKJNzdP0HOT4VSCxaZPj9CpPBnKiunCVshFqg6gzdd4UlbWX/qAc
Lpw2MuWhTc5vv8j+lz7wLlOMctW/em08mrCDmgXoFYUNdPZ7/Wl4pm86wBE4ZTLc
hJx30VNn4lM7bappoM4eBAE93Zk8uCIf2A6J/yy30K1nulBSk6auqDmI5z1ARI4H
hAt2sLH51gJ0mkhWnUYAsmdrz3gUILrGRwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FO5QpUm2qRlu4UKmmnrh3n/av6DaMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzQzNjM5MzkzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAyfbSPm2cXY4OrzlncsYq5fOf+WD/I13Pc/6CBgQ6GtpKCnnVAhPc
Mng7kDuRQ8CM/FiA50gWEI1JymT+XrtgwmuUocxxWNbKCRROMmCASIKWZ1T6ynvc
hRGLRjcWs4R/y6dZT/XD373o667ONwNgWsZyskh1hZXALo1Opldi3/zTVKuRO+05
UXT7EhDkA0QW7LNfi5L9HgBkiO8FKzZ5E65DdjZDu/A6FK2SOo2H/kpem4Gexy2M
gzYKIah96pk9g3OUZ24I7H0OFcKBA7awhnVfNrY8arMbsdzVom8Sn4r+EtWy9JN4
uf/HeSWD9nOOtXHQQa8LkmBPZUSn+OFFzQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:31:42 2024 by rpki-client on console-fra.rpki-client.org