Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
File: 3130332e3135322e33342e302f32342d3234203d3e203338303038.roa (raw, json)
Hash identifier: 9GanKW9gn0En+pslc+DKssQUbTHIvGXwUDzW0GDMFxo=
Subject key identifier: 64:90:2A:AE:A4:8A:64:6C:0F:F9:C8:88:CE:D9:11:E1:6D:DE:C0:07
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 545F67803C3A0602898D7FC95CB2A06316B55A99
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
Signing time: Thu 16 May 2024 00:00:00 +0000
ROA not before: Wed 15 May 2024 23:55:00 +0000
ROA not after: Fri 16 May 2025 00:00:00 +0000
asID: 38008
IP address blocks: 103.152.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Nov 2024 20:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5f:67:80:3c:3a:06:02:89:8d:7f:c9:5c:b2:a0:63:16:b5:5a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: May 15 23:55:00 2024 GMT
Not After : May 16 00:00:00 2025 GMT
Subject: CN=3082010A0282010100D06E5987ECECFE75856EC5A2A7311F78E356E292B96C9F0BA1C191CB966C15784511EB381C8DEBF60EBA3A17105B34B6379A3A1BFCBAEDECDD02729A60E872D94A816AD246546B6B861251F9F82325AF2B26593218712C1A330D5DB52538C2ACC9AD4A9CE54033463F7F46425DF7D344385D3E4CCEDDD3B4F9A1968CC2216F47CF7380545BB4766142B7A6B30DF5D93FF8BFF70557DD4DDB3B8E300FEE6745B91228E121922F44B3AD3842535B22432A92F66A5F6E0DDA401C4598E5731EC33D5F9D1466D821F8AE430905360ABDE1E96F5705A906F6038173A1D5988BF3C88D448D225E44571292DF795E8D3F04A9925C28C4BA63C4C86EAED317239108F6310203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:59:87:ec:ec:fe:75:85:6e:c5:a2:a7:31:
1f:78:e3:56:e2:92:b9:6c:9f:0b:a1:c1:91:cb:96:
6c:15:78:45:11:eb:38:1c:8d:eb:f6:0e:ba:3a:17:
10:5b:34:b6:37:9a:3a:1b:fc:ba:ed:ec:dd:02:72:
9a:60:e8:72:d9:4a:81:6a:d2:46:54:6b:6b:86:12:
51:f9:f8:23:25:af:2b:26:59:32:18:71:2c:1a:33:
0d:5d:b5:25:38:c2:ac:c9:ad:4a:9c:e5:40:33:46:
3f:7f:46:42:5d:f7:d3:44:38:5d:3e:4c:ce:dd:d3:
b4:f9:a1:96:8c:c2:21:6f:47:cf:73:80:54:5b:b4:
76:61:42:b7:a6:b3:0d:f5:d9:3f:f8:bf:f7:05:57:
dd:4d:db:3b:8e:30:0f:ee:67:45:b9:12:28:e1:21:
92:2f:44:b3:ad:38:42:53:5b:22:43:2a:92:f6:6a:
5f:6e:0d:da:40:1c:45:98:e5:73:1e:c3:3d:5f:9d:
14:66:d8:21:f8:ae:43:09:05:36:0a:bd:e1:e9:6f:
57:05:a9:06:f6:03:81:73:a1:d5:98:8b:f3:c8:8d:
44:8d:22:5e:44:57:12:92:df:79:5e:8d:3f:04:a9:
92:5c:28:c4:ba:63:c4:c8:6e:ae:d3:17:23:91:08:
f6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:90:2A:AE:A4:8A:64:6C:0F:F9:C8:88:CE:D9:11:E1:6D:DE:C0:07
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:e9:14:9b:01:b8:44:a8:4b:82:4b:38:a6:45:b7:a3:76:66:
69:76:63:a2:67:d9:96:1f:47:f0:ca:1c:80:89:30:a6:9b:56:
20:6a:66:0a:a2:54:a4:ca:31:5a:ee:d1:01:9f:2b:57:90:8f:
e3:36:a1:cc:61:13:a0:c9:0c:fa:d4:36:13:db:d3:6c:d7:e0:
6f:33:03:ff:48:04:98:49:f4:11:e0:ef:99:29:76:e4:a7:d5:
8e:d0:3b:0f:a7:c0:ca:b5:22:f1:cb:56:cc:a4:ca:68:c0:be:
f4:46:83:80:cd:69:ed:87:5a:be:d6:01:90:9b:fe:38:51:06:
8c:99:95:9c:c4:d8:30:52:a8:39:93:13:ac:1b:57:82:35:5f:
06:10:da:00:e0:18:50:a4:30:66:b5:8d:df:9d:46:4e:9c:43:
16:7c:fc:5a:de:3e:d9:19:b3:ac:ef:28:b3:c7:00:2d:f1:a8:
e1:af:5d:83:b8:57:a9:cc:25:f8:58:e3:b3:ee:f5:a2:15:49:
d8:14:1b:52:8d:78:78:f2:41:46:e7:ff:57:f6:c8:a5:56:4b:
05:c1:80:d8:03:9f:7c:fe:17:79:ba:23:89:89:85:70:c1:c7:
21:be:cf:3b:5a:e7:6b:c2:96:89:10:55:6f:1a:b8:05:36:9e:
0a:f2:03:3e
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUVF9ngDw6BgKJjX/JXLKgYxa1WpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDA1MTUyMzU1MDBaFw0yNTA1MTYwMDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDA2RTU5ODdFQ0VDRkU3NTg1
NkVDNUEyQTczMTFGNzhFMzU2RTI5MkI5NkM5RjBCQTFDMTkxQ0I5NjZDMTU3ODQ1
MTFFQjM4MUM4REVCRjYwRUJBM0ExNzEwNUIzNEI2Mzc5QTNBMUJGQ0JBRURFQ0RE
MDI3MjlBNjBFODcyRDk0QTgxNkFEMjQ2NTQ2QjZCODYxMjUxRjlGODIzMjVBRjJC
MjY1OTMyMTg3MTJDMUEzMzBENURCNTI1MzhDMkFDQzlBRDRBOUNFNTQwMzM0NjNG
N0Y0NjQyNURGN0QzNDQzODVEM0U0Q0NFREREM0I0RjlBMTk2OENDMjIxNkY0N0NG
NzM4MDU0NUJCNDc2NjE0MkI3QTZCMzBERjVEOTNGRjhCRkY3MDU1N0RENEREQjNC
OEUzMDBGRUU2NzQ1QjkxMjI4RTEyMTkyMkY0NEIzQUQzODQyNTM1QjIyNDMyQTky
RjY2QTVGNkUwRERBNDAxQzQ1OThFNTczMUVDMzNENUY5RDE0NjZEODIxRjhBRTQz
MDkwNTM2MEFCREUxRTk2RjU3MDVBOTA2RjYwMzgxNzNBMUQ1OTg4QkYzQzg4RDQ0
OEQyMjVFNDQ1NzEyOTJERjc5NUU4RDNGMDRBOTkyNUMyOEM0QkE2M0M0Qzg2RUFF
RDMxNzIzOTEwOEY2MzEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0G5Zh+zs/nWFbsWipzEfeONW4pK5bJ8LocGRy5ZsFXhFEes4HI3r
9g66OhcQWzS2N5o6G/y67ezdAnKaYOhy2UqBatJGVGtrhhJR+fgjJa8rJlkyGHEs
GjMNXbUlOMKsya1KnOVAM0Y/f0ZCXffTRDhdPkzO3dO0+aGWjMIhb0fPc4BUW7R2
YUK3prMN9dk/+L/3BVfdTds7jjAP7mdFuRIo4SGSL0SzrThCU1siQyqS9mpfbg3a
QBxFmOVzHsM9X50UZtgh+K5DCQU2Cr3h6W9XBakG9gOBc6HVmIvzyI1EjSJeRFcS
kt95Xo0/BKmSXCjEumPEyG6u0xcjkQj2MQIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FGSQKq6kimRsD/nIiM7ZEeFt3sAHMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAnukUmwG4RKhLgks4pkW3o3ZmaXZjomfZlh9H8MocgIkwpptWIGpm
CqJUpMoxWu7RAZ8rV5CP4zahzGEToMkM+tQ2E9vTbNfgbzMD/0gEmEn0EeDvmSl2
5KfVjtA7D6fAyrUi8ctWzKTKaMC+9EaDgM1p7YdavtYBkJv+OFEGjJmVnMTYMFKo
OZMTrBtXgjVfBhDaAOAYUKQwZrWN351GTpxDFnz8Wt4+2RmzrO8os8cALfGo4a9d
g7hXqcwl+Fjjs+71ohVJ2BQbUo14ePJBRuf/V/bIpVZLBcGA2AOffP4XebojiYmF
cMHHIb7PO1rna8KWiRBVbxq4BTaeCvIDPg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:56:20 2024 by rpki-client on console-ams.rpki-client.org