Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
File: 3130332e3135322e33352e302f32342d3234203d3e203338303038.roa (raw, json)
Hash identifier: bKuhSsT08wXLsVY3bSkTN42hvJWfGU1KsSCkFJ4Ojck=
Subject key identifier: E1:B0:E6:1D:46:1D:DF:4A:85:1F:4D:6C:00:A1:48:60:42:97:87:E8
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 13D7EEB97B7E451A5F274D9653F4FBAE742B685F
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
Signing time: Thu 16 May 2024 01:00:00 +0000
ROA not before: Thu 16 May 2024 00:55:00 +0000
ROA not after: Fri 16 May 2025 01:00:00 +0000
asID: 38008
IP address blocks: 103.152.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Nov 2024 20:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:d7:ee:b9:7b:7e:45:1a:5f:27:4d:96:53:f4:fb:ae:74:2b:68:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: May 16 00:55:00 2024 GMT
Not After : May 16 01:00:00 2025 GMT
Subject: CN=3082010A0282010100AF6CF5FC92A952272C2A7C5CA92F15F37A5BD2676F3327137E5DD5486361E65A947D8760C7E1367D9FE1ACDF432219203EC0D1C529D3A22E052E09D2ED46EBCA4D52E62D134920D7EC31D16D76088B5F5B00D200F5623E9926CE7B705BAD22F07C409FF0C13CC5147E11DAA7ADECD0549CAB76CB65F05EB27A1B77FFCB149B613991524E40814E511EFF4591E90C0A0F7C944A96F58FE98566BDD6556D9E30547460F4FACC0298EA7D17D3192E6BC31318D8E6EE91AE59D7F273AB8C79709EC2B6AB8789792DCB5376558FE7D0862697B6B8D9879528B9A74F1FECA017A4249E90C029A55530644A29F361912E1C742255FC5F0972B2EC1CBACB97B3A40C102F0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:f5:fc:92:a9:52:27:2c:2a:7c:5c:a9:2f:
15:f3:7a:5b:d2:67:6f:33:27:13:7e:5d:d5:48:63:
61:e6:5a:94:7d:87:60:c7:e1:36:7d:9f:e1:ac:df:
43:22:19:20:3e:c0:d1:c5:29:d3:a2:2e:05:2e:09:
d2:ed:46:eb:ca:4d:52:e6:2d:13:49:20:d7:ec:31:
d1:6d:76:08:8b:5f:5b:00:d2:00:f5:62:3e:99:26:
ce:7b:70:5b:ad:22:f0:7c:40:9f:f0:c1:3c:c5:14:
7e:11:da:a7:ad:ec:d0:54:9c:ab:76:cb:65:f0:5e:
b2:7a:1b:77:ff:cb:14:9b:61:39:91:52:4e:40:81:
4e:51:1e:ff:45:91:e9:0c:0a:0f:7c:94:4a:96:f5:
8f:e9:85:66:bd:d6:55:6d:9e:30:54:74:60:f4:fa:
cc:02:98:ea:7d:17:d3:19:2e:6b:c3:13:18:d8:e6:
ee:91:ae:59:d7:f2:73:ab:8c:79:70:9e:c2:b6:ab:
87:89:79:2d:cb:53:76:55:8f:e7:d0:86:26:97:b6:
b8:d9:87:95:28:b9:a7:4f:1f:ec:a0:17:a4:24:9e:
90:c0:29:a5:55:30:64:4a:29:f3:61:91:2e:1c:74:
22:55:fc:5f:09:72:b2:ec:1c:ba:cb:97:b3:a4:0c:
10:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B0:E6:1D:46:1D:DF:4A:85:1F:4D:6C:00:A1:48:60:42:97:87:E8
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:05:42:a1:cd:f3:72:23:50:c1:b8:89:43:83:92:e5:c1:e2:
96:2d:8f:eb:4c:3b:c6:09:2e:17:02:94:c7:50:7f:d9:36:02:
6f:ad:ad:03:dc:29:ab:7e:86:95:63:0e:54:1d:ef:43:14:73:
6e:e3:22:af:0d:0f:31:55:2d:9d:af:d4:83:7d:40:9e:80:d4:
82:87:87:0a:0d:5a:85:46:bf:e6:2f:07:e5:c7:15:9d:45:d6:
02:60:a4:a3:7f:33:56:d6:b7:14:2e:81:8e:d3:30:43:81:27:
ce:05:d9:12:c8:4f:48:48:89:a6:8f:3d:cd:72:29:04:c2:41:
ed:51:79:39:85:be:f2:55:20:b9:36:e6:01:73:9c:c1:62:1a:
14:fa:88:11:3f:06:21:00:b2:f4:9f:bb:77:8e:24:9a:b7:c2:
ff:d5:d7:c7:b4:1b:40:37:4e:ee:eb:f3:a4:ae:90:0b:12:9b:
84:c1:70:dc:92:69:77:aa:09:cb:eb:61:ce:e8:3a:52:66:57:
ff:93:41:4b:12:f3:ac:8d:b2:82:12:7a:72:1f:23:be:99:e9:
93:0e:14:ec:c8:b3:3b:bf:eb:83:69:7d:fd:66:8a:cb:98:da:
d5:34:1e:00:0d:76:67:df:85:74:c5:62:84:97:cd:1c:32:6f:
63:e2:d3:f5
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUE9fuuXt+RRpfJ02WU/T7rnQraF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDA1MTYwMDU1MDBaFw0yNTA1MTYwMTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQUY2Q0Y1RkM5MkE5NTIyNzJD
MkE3QzVDQTkyRjE1RjM3QTVCRDI2NzZGMzMyNzEzN0U1REQ1NDg2MzYxRTY1QTk0
N0Q4NzYwQzdFMTM2N0Q5RkUxQUNERjQzMjIxOTIwM0VDMEQxQzUyOUQzQTIyRTA1
MkUwOUQyRUQ0NkVCQ0E0RDUyRTYyRDEzNDkyMEQ3RUMzMUQxNkQ3NjA4OEI1RjVC
MDBEMjAwRjU2MjNFOTkyNkNFN0I3MDVCQUQyMkYwN0M0MDlGRjBDMTNDQzUxNDdF
MTFEQUE3QURFQ0QwNTQ5Q0FCNzZDQjY1RjA1RUIyN0ExQjc3RkZDQjE0OUI2MTM5
OTE1MjRFNDA4MTRFNTExRUZGNDU5MUU5MEMwQTBGN0M5NDRBOTZGNThGRTk4NTY2
QkRENjU1NkQ5RTMwNTQ3NDYwRjRGQUNDMDI5OEVBN0QxN0QzMTkyRTZCQzMxMzE4
RDhFNkVFOTFBRTU5RDdGMjczQUI4Qzc5NzA5RUMyQjZBQjg3ODk3OTJEQ0I1Mzc2
NTU4RkU3RDA4NjI2OTdCNkI4RDk4Nzk1MjhCOUE3NEYxRkVDQTAxN0E0MjQ5RTkw
QzAyOUE1NTUzMDY0NEEyOUYzNjE5MTJFMUM3NDIyNTVGQzVGMDk3MkIyRUMxQ0JB
Q0I5N0IzQTQwQzEwMkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAr2z1/JKpUicsKnxcqS8V83pb0mdvMycTfl3VSGNh5lqUfYdgx+E2
fZ/hrN9DIhkgPsDRxSnToi4FLgnS7Ubryk1S5i0TSSDX7DHRbXYIi19bANIA9WI+
mSbOe3BbrSLwfECf8ME8xRR+EdqnrezQVJyrdstl8F6yeht3/8sUm2E5kVJOQIFO
UR7/RZHpDAoPfJRKlvWP6YVmvdZVbZ4wVHRg9PrMApjqfRfTGS5rwxMY2Obuka5Z
1/Jzq4x5cJ7CtquHiXkty1N2VY/n0IYml7a42YeVKLmnTx/soBekJJ6QwCmlVTBk
SinzYZEuHHQiVfxfCXKy7By6y5ezpAwQLwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FOGw5h1GHd9KhR9NbAChSGBCl4foMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM1MmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIzANBgkqhkiG9w0B
AQsFAAOCAQEAoAVCoc3zciNQwbiJQ4OS5cHili2P60w7xgkuFwKUx1B/2TYCb62t
A9wpq36GlWMOVB3vQxRzbuMirw0PMVUtna/Ug31AnoDUgoeHCg1ahUa/5i8H5ccV
nUXWAmCko38zVta3FC6BjtMwQ4EnzgXZEshPSEiJpo89zXIpBMJB7VF5OYW+8lUg
uTbmAXOcwWIaFPqIET8GIQCy9J+7d44kmrfC/9XXx7QbQDdO7uvzpK6QCxKbhMFw
3JJpd6oJy+thzug6UmZX/5NBSxLzrI2yghJ6ch8jvpnpkw4U7MizO7/rg2l9/WaK
y5ja1TQeAA12Z9+FdMVihJfNHDJvY+LT9Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:05:52 2024 by rpki-client on console-fra.rpki-client.org