Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a37303a3a2f34342d3434203d3e20333936333033.roa
File: 323430363a343434303a37303a3a2f34342d3434203d3e20333936333033.roa (raw, json)
Hash identifier: 0hSv9ivds3VlkU3/ZNM/S+kNIqZZSn98rmTbqYgaB/4=
Subject key identifier: C1:0E:2F:F3:90:08:30:26:53:68:5C:26:F3:23:A6:83:FA:EF:0B:02
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 7B18ACAD12FB98981ECBA9B82936A67849181703
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a37303a3a2f34342d3434203d3e20333936333033.roa
Signing time: Sun 27 Oct 2024 06:00:00 +0000
ROA not before: Sun 27 Oct 2024 05:55:00 +0000
ROA not after: Mon 27 Oct 2025 06:00:00 +0000
asID: 396303
IP address blocks: 2406:4440:70::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 20:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:18:ac:ad:12:fb:98:98:1e:cb:a9:b8:29:36:a6:78:49:18:17:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Oct 27 05:55:00 2024 GMT
Not After : Oct 27 06:00:00 2025 GMT
Subject: CN=3082010A0282010100C23CFB3B90E7EA617CA17A07D66729807CC9B94A7480B436387EDF25BBB12828750C990BBFADCE00EAB2D83AB7A3959705C0B65195CA95CAEF7C3C7549C584335343EB2FD448254D6F80CB07FD2830C275DCB80A83E706A6770D67F00586DF8D832624B419D123C1B3BCC0C94472B8FC15EC7F8BCBC4E94794F2AD4E7684BBE9BBBADB29D5C69B9C211D28046A7D01E481DD9B85C8F70E135C9084EBA1CBA6847C843469A3DAB1212A36D5CEBF740FD30E7242030137792308B08B91718C64B6B85C1D9927DE30147F87D3BEBF6C668B64D7DCB92CED07BDF5D4A5358C4552F36D264ECD305D3C0E61937C5D11FC5BAD011882A730B853BBDD61C1586022CF970203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3c:fb:3b:90:e7:ea:61:7c:a1:7a:07:d6:67:
29:80:7c:c9:b9:4a:74:80:b4:36:38:7e:df:25:bb:
b1:28:28:75:0c:99:0b:bf:ad:ce:00:ea:b2:d8:3a:
b7:a3:95:97:05:c0:b6:51:95:ca:95:ca:ef:7c:3c:
75:49:c5:84:33:53:43:eb:2f:d4:48:25:4d:6f:80:
cb:07:fd:28:30:c2:75:dc:b8:0a:83:e7:06:a6:77:
0d:67:f0:05:86:df:8d:83:26:24:b4:19:d1:23:c1:
b3:bc:c0:c9:44:72:b8:fc:15:ec:7f:8b:cb:c4:e9:
47:94:f2:ad:4e:76:84:bb:e9:bb:ba:db:29:d5:c6:
9b:9c:21:1d:28:04:6a:7d:01:e4:81:dd:9b:85:c8:
f7:0e:13:5c:90:84:eb:a1:cb:a6:84:7c:84:34:69:
a3:da:b1:21:2a:36:d5:ce:bf:74:0f:d3:0e:72:42:
03:01:37:79:23:08:b0:8b:91:71:8c:64:b6:b8:5c:
1d:99:27:de:30:14:7f:87:d3:be:bf:6c:66:8b:64:
d7:dc:b9:2c:ed:07:bd:f5:d4:a5:35:8c:45:52:f3:
6d:26:4e:cd:30:5d:3c:0e:61:93:7c:5d:11:fc:5b:
ad:01:18:82:a7:30:b8:53:bb:dd:61:c1:58:60:22:
cf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0E:2F:F3:90:08:30:26:53:68:5C:26:F3:23:A6:83:FA:EF:0B:02
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a37303a3a2f34342d3434203d3e20333936333033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440:70::/44
Signature Algorithm: sha256WithRSAEncryption
8c:c7:69:da:8d:cd:c4:c0:0a:bd:08:eb:76:4c:f6:aa:f4:79:
dc:5a:16:7c:c1:08:0e:df:bf:2a:a1:c8:77:c3:11:b7:03:44:
e6:3b:79:da:c2:7e:03:d5:bd:a7:62:ec:c6:f9:bf:1b:52:55:
5f:70:57:09:f1:c4:47:a3:4c:09:d7:3a:a8:59:ec:fc:7e:10:
41:d5:7b:5f:a2:5d:54:a4:53:87:c1:48:99:54:03:7f:43:b7:
6a:d0:24:de:58:20:0b:66:a6:e9:64:5c:22:37:29:35:d2:ac:
72:b1:46:1b:ab:a6:a7:73:b0:54:7b:e4:e3:74:71:3d:fd:f0:
3d:3a:bf:3c:62:3f:f0:00:67:9c:b3:63:6e:5a:8d:41:fd:59:
07:84:b6:c6:37:dd:c9:ea:27:57:2f:58:f8:6d:c4:54:f4:7d:
3f:f3:b1:91:04:ad:86:c1:fc:e2:8d:4d:e8:c0:cf:b8:06:63:
5e:19:11:b1:3e:84:6c:27:22:ce:2a:86:ea:17:3b:a6:38:cf:
20:2f:2e:6c:13:ed:68:21:ff:29:65:50:9c:e4:1d:bd:b3:9a:
b5:44:b5:76:77:21:31:a8:48:5c:68:8c:d1:51:3c:4a:9d:e8:
91:e4:de:71:0b:42:76:e3:17:a2:d4:fb:10:aa:13:33:06:11:
0b:92:5d:e7
-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgIUexisrRL7mJgey6m4KTameEkYFwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDEwMjcwNTU1MDBaFw0yNTEwMjcwNjAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzIzQ0ZCM0I5MEU3RUE2MTdD
QTE3QTA3RDY2NzI5ODA3Q0M5Qjk0QTc0ODBCNDM2Mzg3RURGMjVCQkIxMjgyODc1
MEM5OTBCQkZBRENFMDBFQUIyRDgzQUI3QTM5NTk3MDVDMEI2NTE5NUNBOTVDQUVG
N0MzQzc1NDlDNTg0MzM1MzQzRUIyRkQ0NDgyNTRENkY4MENCMDdGRDI4MzBDMjc1
RENCODBBODNFNzA2QTY3NzBENjdGMDA1ODZERjhEODMyNjI0QjQxOUQxMjNDMUIz
QkNDMEM5NDQ3MkI4RkMxNUVDN0Y4QkNCQzRFOTQ3OTRGMkFENEU3Njg0QkJFOUJC
QkFEQjI5RDVDNjlCOUMyMTFEMjgwNDZBN0QwMUU0ODFERDlCODVDOEY3MEUxMzVD
OTA4NEVCQTFDQkE2ODQ3Qzg0MzQ2OUEzREFCMTIxMkEzNkQ1Q0VCRjc0MEZEMzBF
NzI0MjAzMDEzNzc5MjMwOEIwOEI5MTcxOEM2NEI2Qjg1QzFEOTkyN0RFMzAxNDdG
ODdEM0JFQkY2QzY2OEI2NEQ3RENCOTJDRUQwN0JERjVENEE1MzU4QzQ1NTJGMzZE
MjY0RUNEMzA1RDNDMEU2MTkzN0M1RDExRkM1QkFEMDExODgyQTczMEI4NTNCQkRE
NjFDMTU4NjAyMkNGOTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwjz7O5Dn6mF8oXoH1mcpgHzJuUp0gLQ2OH7fJbuxKCh1DJkLv63O
AOqy2Dq3o5WXBcC2UZXKlcrvfDx1ScWEM1ND6y/USCVNb4DLB/0oMMJ13LgKg+cG
pncNZ/AFht+NgyYktBnRI8GzvMDJRHK4/BXsf4vLxOlHlPKtTnaEu+m7utsp1cab
nCEdKARqfQHkgd2bhcj3DhNckITrocumhHyENGmj2rEhKjbVzr90D9MOckIDATd5
Iwiwi5FxjGS2uFwdmSfeMBR/h9O+v2xmi2TX3Lks7Qe99dSlNYxFUvNtJk7NMF08
DmGTfF0R/FutARiCpzC4U7vdYcFYYCLPlwIDAQABo4IB7TCCAekwHQYDVR0OBBYE
FMEOL/OQCDAmU2hcJvMjpoP67wsCMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjCBgwYI
KwYBBQUHAQsEdzB1MHMGCCsGAQUFBzALhmdyc3luYzovL3Jwa2kuYXBlcm5ldC5p
by9yZXBvL0FQRVJORVQvMS8zMjM0MzAzNjNhMzQzNDM0MzAzYTM3MzAzYTNhMmYz
NDM0MmQzNDM0MjAzZDNlMjAzMzM5MzYzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAHAw
DQYJKoZIhvcNAQELBQADggEBAIzHadqNzcTACr0I63ZM9qr0edxaFnzBCA7fvyqh
yHfDEbcDROY7edrCfgPVvadi7Mb5vxtSVV9wVwnxxEejTAnXOqhZ7Px+EEHVe1+i
XVSkU4fBSJlUA39Dt2rQJN5YIAtmpulkXCI3KTXSrHKxRhurpqdzsFR75ON0cT39
8D06vzxiP/AAZ5yzY25ajUH9WQeEtsY33cnqJ1cvWPhtxFT0fT/zsZEErYbB/OKN
TejAz7gGY14ZEbE+hGwnIs4qhuoXO6Y4zyAvLmwT7Wgh/yllUJzkHb2zmrVEtXZ3
ITGoSFxojNFRPEqd6JHk3nELQnbjF6LU+xCqEzMGEQuSXec=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:31:42 2024 by rpki-client on console-fra.rpki-client.org