Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a35303a3a2f34342d3434203d3e20333936333033.roa
File: 323430363a343434303a35303a3a2f34342d3434203d3e20333936333033.roa (raw, json)
Hash identifier: 60g2fcy/avHbWFQdy40t0kDg2FVvvAZEHy7kSgqVAV4=
Subject key identifier: 97:ED:99:E3:3B:0A:88:9A:A2:C9:1A:D3:00:07:C9:2E:94:BA:CB:4C
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 3212982EF6401EB448BBA9ABFF4FE30AC955F817
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a35303a3a2f34342d3434203d3e20333936333033.roa
Signing time: Sun 27 Oct 2024 05:00:00 +0000
ROA not before: Sun 27 Oct 2024 04:55:00 +0000
ROA not after: Mon 27 Oct 2025 05:00:00 +0000
asID: 396303
IP address blocks: 2406:4440:50::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Nov 2024 20:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:12:98:2e:f6:40:1e:b4:48:bb:a9:ab:ff:4f:e3:0a:c9:55:f8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Oct 27 04:55:00 2024 GMT
Not After : Oct 27 05:00:00 2025 GMT
Subject: CN=3082010A0282010100A9FEA2CCE86EEC7D1304F7B788CD6E4D67DC5F65D4D92E4452411BF7EE32036CCC94B618622CC1A2BAE61A61C120D091C42194B7EDFC8E86ED5331C9F9550995C9840785C5D021B1B153B93528203D97548F65D8E104C136A290EC4742CB0FE3A76DFD91219C1689EBA312C777B7253E17B6CD87E19347776115294199E248FD65E1AB2EDF6026E5F973D74EBF8F8DCD685EEF6F46BC07B2E641DBFB98FA73B55EF1465F244E0AF08408421ADA745BC31B0CBD20A281964FF1D541F8CA091C50EE957AFC7BB408BE574164F6266060A82026B6EF8C0B2D36C6268214A903C055DCAD54511EB0898969B734EBF7C60B773CFE5002D992172B633DF1DBA52154810203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:a2:cc:e8:6e:ec:7d:13:04:f7:b7:88:cd:
6e:4d:67:dc:5f:65:d4:d9:2e:44:52:41:1b:f7:ee:
32:03:6c:cc:94:b6:18:62:2c:c1:a2:ba:e6:1a:61:
c1:20:d0:91:c4:21:94:b7:ed:fc:8e:86:ed:53:31:
c9:f9:55:09:95:c9:84:07:85:c5:d0:21:b1:b1:53:
b9:35:28:20:3d:97:54:8f:65:d8:e1:04:c1:36:a2:
90:ec:47:42:cb:0f:e3:a7:6d:fd:91:21:9c:16:89:
eb:a3:12:c7:77:b7:25:3e:17:b6:cd:87:e1:93:47:
77:61:15:29:41:99:e2:48:fd:65:e1:ab:2e:df:60:
26:e5:f9:73:d7:4e:bf:8f:8d:cd:68:5e:ef:6f:46:
bc:07:b2:e6:41:db:fb:98:fa:73:b5:5e:f1:46:5f:
24:4e:0a:f0:84:08:42:1a:da:74:5b:c3:1b:0c:bd:
20:a2:81:96:4f:f1:d5:41:f8:ca:09:1c:50:ee:95:
7a:fc:7b:b4:08:be:57:41:64:f6:26:60:60:a8:20:
26:b6:ef:8c:0b:2d:36:c6:26:82:14:a9:03:c0:55:
dc:ad:54:51:1e:b0:89:89:69:b7:34:eb:f7:c6:0b:
77:3c:fe:50:02:d9:92:17:2b:63:3d:f1:db:a5:21:
54:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:ED:99:E3:3B:0A:88:9A:A2:C9:1A:D3:00:07:C9:2E:94:BA:CB:4C
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a35303a3a2f34342d3434203d3e20333936333033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440:50::/44
Signature Algorithm: sha256WithRSAEncryption
c4:32:b9:05:40:3d:19:8e:71:0c:e0:bf:0d:0c:a4:d8:4b:79:
39:b9:72:96:e6:b4:ef:ac:cd:0f:08:9c:a3:f2:c5:c4:f6:0d:
11:15:3f:ca:17:7f:75:29:56:fc:bf:1e:02:6e:cd:a0:d5:60:
0b:43:24:5e:57:36:aa:1b:c4:25:4b:8e:6b:91:cb:03:94:00:
73:f6:cd:db:d7:ca:31:3f:62:93:3b:03:9a:42:94:ee:0f:c4:
6a:3b:2d:7a:16:90:f7:1d:e1:a6:d1:83:2d:0e:3f:d0:44:2e:
0f:51:df:2d:40:9b:37:a0:3f:46:1a:40:d2:47:55:e8:97:ad:
d1:f7:c9:7b:e7:1c:6c:a0:d0:df:06:db:7e:41:ff:53:89:22:
9f:c4:14:44:6d:1b:a9:d4:2a:fd:2c:78:72:cd:de:0d:ba:54:
98:3b:94:87:38:0f:0a:bd:94:2c:e7:2c:a0:74:94:d4:bc:f4:
42:24:b8:cc:94:de:02:1c:d5:33:52:74:03:7b:ee:72:45:79:
2f:b6:90:ea:f4:fe:94:98:50:22:cb:71:f2:69:f9:7d:92:fe:
5f:a2:02:8d:3f:ae:cd:15:2e:74:80:79:20:b2:e1:9f:6c:df:
fe:1b:f0:f3:83:d0:92:9d:04:99:10:b5:af:dc:c7:49:89:53:
32:8c:e8:d0
-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgIUMhKYLvZAHrRIu6mr/0/jCslV+BcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDEwMjcwNDU1MDBaFw0yNTEwMjcwNTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTlGRUEyQ0NFODZFRUM3RDEz
MDRGN0I3ODhDRDZFNEQ2N0RDNUY2NUQ0RDkyRTQ0NTI0MTFCRjdFRTMyMDM2Q0ND
OTRCNjE4NjIyQ0MxQTJCQUU2MUE2MUMxMjBEMDkxQzQyMTk0QjdFREZDOEU4NkVE
NTMzMUM5Rjk1NTA5OTVDOTg0MDc4NUM1RDAyMUIxQjE1M0I5MzUyODIwM0Q5NzU0
OEY2NUQ4RTEwNEMxMzZBMjkwRUM0NzQyQ0IwRkUzQTc2REZEOTEyMTlDMTY4OUVC
QTMxMkM3NzdCNzI1M0UxN0I2Q0Q4N0UxOTM0Nzc3NjExNTI5NDE5OUUyNDhGRDY1
RTFBQjJFREY2MDI2RTVGOTczRDc0RUJGOEY4RENENjg1RUVGNkY0NkJDMDdCMkU2
NDFEQkZCOThGQTczQjU1RUYxNDY1RjI0NEUwQUYwODQwODQyMUFEQTc0NUJDMzFC
MENCRDIwQTI4MTk2NEZGMUQ1NDFGOENBMDkxQzUwRUU5NTdBRkM3QkI0MDhCRTU3
NDE2NEY2MjY2MDYwQTgyMDI2QjZFRjhDMEIyRDM2QzYyNjgyMTRBOTAzQzA1NURD
QUQ1NDUxMUVCMDg5ODk2OUI3MzRFQkY3QzYwQjc3M0NGRTUwMDJEOTkyMTcyQjYz
M0RGMURCQTUyMTU0ODEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAqf6izOhu7H0TBPe3iM1uTWfcX2XU2S5EUkEb9+4yA2zMlLYYYizB
orrmGmHBINCRxCGUt+38jobtUzHJ+VUJlcmEB4XF0CGxsVO5NSggPZdUj2XY4QTB
NqKQ7EdCyw/jp239kSGcFonroxLHd7clPhe2zYfhk0d3YRUpQZniSP1l4asu32Am
5flz106/j43NaF7vb0a8B7LmQdv7mPpztV7xRl8kTgrwhAhCGtp0W8MbDL0gooGW
T/HVQfjKCRxQ7pV6/Hu0CL5XQWT2JmBgqCAmtu+MCy02xiaCFKkDwFXcrVRRHrCJ
iWm3NOv3xgt3PP5QAtmSFytjPfHbpSFUgQIDAQABo4IB7TCCAekwHQYDVR0OBBYE
FJftmeM7Coiaoska0wAHyS6UustMMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjCBgwYI
KwYBBQUHAQsEdzB1MHMGCCsGAQUFBzALhmdyc3luYzovL3Jwa2kuYXBlcm5ldC5p
by9yZXBvL0FQRVJORVQvMS8zMjM0MzAzNjNhMzQzNDM0MzAzYTM1MzAzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMzM5MzYzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAFAw
DQYJKoZIhvcNAQELBQADggEBAMQyuQVAPRmOcQzgvw0MpNhLeTm5cpbmtO+szQ8I
nKPyxcT2DREVP8oXf3UpVvy/HgJuzaDVYAtDJF5XNqobxCVLjmuRywOUAHP2zdvX
yjE/YpM7A5pClO4PxGo7LXoWkPcd4abRgy0OP9BELg9R3y1AmzegP0YaQNJHVeiX
rdH3yXvnHGyg0N8G235B/1OJIp/EFERtG6nUKv0seHLN3g26VJg7lIc4Dwq9lCzn
LKB0lNS89EIkuMyU3gIc1TNSdAN77nJFeS+2kOr0/pSYUCLLcfJp+X2S/l+iAo0/
rs0VLnSAeSCy4Z9s3/4b8POD0JKdBJkQta/cx0mJUzKM6NA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:56:20 2024 by rpki-client on console-ams.rpki-client.org