Route Origin Authorization

$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a39303a3a2f34342d3438203d3e203436393937.roa
File:                     323430363a343434303a39303a3a2f34342d3438203d3e203436393937.roa (raw, json)
Hash identifier:          qmtN8NiOPZWmtfFTQ+rmZl7tpBpeX9jfrIjAtoE93/g=
Subject key identifier:   E7:2C:FB:25:4D:E8:47:15:86:0A:D7:CF:A0:77:13:25:82:AB:3E:FF
Certificate issuer:       /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial:       7DD5280D7A90F77B47E0AF67EE4E717FBCE5C174
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access:    rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access:      rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a39303a3a2f34342d3438203d3e203436393937.roa
Signing time:             Tue 19 Mar 2024 07:00:00 +0000
ROA not before:           Tue 19 Mar 2024 06:55:00 +0000
ROA not after:            Wed 19 Mar 2025 07:00:00 +0000
asID:                     46997
IP address blocks:        2406:4440:90::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
                          rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
                          rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 20:34:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:d5:28:0d:7a:90:f7:7b:47:e0:af:67:ee:4e:71:7f:bc:e5:c1:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
        Validity
            Not Before: Mar 19 06:55:00 2024 GMT
            Not After : Mar 19 07:00:00 2025 GMT
        Subject: CN=3082010A0282010100C55A51DC22DD2917E92E67F42210D2AE5F8040415170D3C8EAD83CE04D41FD1CCAFA3CA5F927BF270B557DA06B93CDA62E327F5D4349AD3C19AED26753A93BA2C3121357C333CD2470E6B15D842F05E68E900053EB0351558C6478EB7401807ABF5469D8C381E864C2571E697F87C7182C7BF1601AED86E0D0AD1CB795FFF72DBE1196BC323CEDA9B5994C94DAEE6F6279F2CB85CB6986B3D66EEB89C7CB31F2EE74912F9E87CC38FE42FA24910DE02155C56E738570FDBFA382B5587B42215F770645B8E09848EE839B617AD76CA8FC4C2F866183B09E6D33C830E7BFDDC8576A6DC88D63537D66AC6B794742D49B55368747D7B3F4BA91CAA2E21D851B3FAB0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5a:51:dc:22:dd:29:17:e9:2e:67:f4:22:10:
                    d2:ae:5f:80:40:41:51:70:d3:c8:ea:d8:3c:e0:4d:
                    41:fd:1c:ca:fa:3c:a5:f9:27:bf:27:0b:55:7d:a0:
                    6b:93:cd:a6:2e:32:7f:5d:43:49:ad:3c:19:ae:d2:
                    67:53:a9:3b:a2:c3:12:13:57:c3:33:cd:24:70:e6:
                    b1:5d:84:2f:05:e6:8e:90:00:53:eb:03:51:55:8c:
                    64:78:eb:74:01:80:7a:bf:54:69:d8:c3:81:e8:64:
                    c2:57:1e:69:7f:87:c7:18:2c:7b:f1:60:1a:ed:86:
                    e0:d0:ad:1c:b7:95:ff:f7:2d:be:11:96:bc:32:3c:
                    ed:a9:b5:99:4c:94:da:ee:6f:62:79:f2:cb:85:cb:
                    69:86:b3:d6:6e:eb:89:c7:cb:31:f2:ee:74:91:2f:
                    9e:87:cc:38:fe:42:fa:24:91:0d:e0:21:55:c5:6e:
                    73:85:70:fd:bf:a3:82:b5:58:7b:42:21:5f:77:06:
                    45:b8:e0:98:48:ee:83:9b:61:7a:d7:6c:a8:fc:4c:
                    2f:86:61:83:b0:9e:6d:33:c8:30:e7:bf:dd:c8:57:
                    6a:6d:c8:8d:63:53:7d:66:ac:6b:79:47:42:d4:9b:
                    55:36:87:47:d7:b3:f4:ba:91:ca:a2:e2:1d:85:1b:
                    3f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2C:FB:25:4D:E8:47:15:86:0A:D7:CF:A0:77:13:25:82:AB:3E:FF
            X509v3 Authority Key Identifier:
                keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a39303a3a2f34342d3438203d3e203436393937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:4440:90::/44

    Signature Algorithm: sha256WithRSAEncryption
         00:8f:c9:e0:4a:a3:13:21:a4:c1:cc:75:54:0b:bd:d7:01:09:
         04:ed:35:35:f4:97:f5:71:90:ae:0e:b7:9d:a1:b9:09:6a:e3:
         8b:ae:a1:6f:2e:e8:ea:6e:4c:d2:ba:de:b3:6b:46:63:01:ad:
         c2:6f:3c:98:8c:40:b9:13:4d:12:6b:40:f1:79:94:1a:d0:a4:
         fd:0c:98:1d:87:c2:64:22:43:00:1e:48:c4:03:65:f7:b1:a9:
         3d:39:c8:84:6a:be:03:a4:f3:25:b0:43:39:95:10:cf:35:17:
         69:9b:08:c0:fd:59:74:35:68:2e:21:2e:3f:28:0e:5d:45:54:
         d8:dd:4e:b6:be:75:70:76:01:2c:97:74:4b:1c:9e:ef:7e:e6:
         7d:5c:79:85:59:2f:c3:bd:d3:1f:43:9e:ec:cd:a8:05:b3:f4:
         af:02:dd:1d:7f:a2:b4:7c:83:de:4d:0c:6a:e5:87:4b:2e:9c:
         7f:85:28:5a:5b:4a:79:b1:35:19:0e:ff:e1:ef:fa:10:e9:49:
         5c:86:4e:06:08:63:c0:68:da:a3:87:32:28:0f:e8:6f:08:08:
         86:80:72:2f:fa:31:2b:39:ac:9f:c7:60:bf:02:6c:47:ed:36:
         2c:fe:f0:fe:f1:37:cf:5a:8d:34:3b:8b:4c:3c:7b:ff:12:03:
         e4:ac:fc:76
-----BEGIN CERTIFICATE-----
MIIG3TCCBcWgAwIBAgIUfdUoDXqQ93tH4K9n7k5xf7zlwXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMTkwNjU1MDBaFw0yNTAzMTkwNzAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzU1QTUxREMyMkREMjkxN0U5
MkU2N0Y0MjIxMEQyQUU1RjgwNDA0MTUxNzBEM0M4RUFEODNDRTA0RDQxRkQxQ0NB
RkEzQ0E1RjkyN0JGMjcwQjU1N0RBMDZCOTNDREE2MkUzMjdGNUQ0MzQ5QUQzQzE5
QUVEMjY3NTNBOTNCQTJDMzEyMTM1N0MzMzNDRDI0NzBFNkIxNUQ4NDJGMDVFNjhF
OTAwMDUzRUIwMzUxNTU4QzY0NzhFQjc0MDE4MDdBQkY1NDY5RDhDMzgxRTg2NEMy
NTcxRTY5N0Y4N0M3MTgyQzdCRjE2MDFBRUQ4NkUwRDBBRDFDQjc5NUZGRjcyREJF
MTE5NkJDMzIzQ0VEQTlCNTk5NEM5NERBRUU2RjYyNzlGMkNCODVDQjY5ODZCM0Q2
NkVFQjg5QzdDQjMxRjJFRTc0OTEyRjlFODdDQzM4RkU0MkZBMjQ5MTBERTAyMTU1
QzU2RTczODU3MEZEQkZBMzgyQjU1ODdCNDIyMTVGNzcwNjQ1QjhFMDk4NDhFRTgz
OUI2MTdBRDc2Q0E4RkM0QzJGODY2MTgzQjA5RTZEMzNDODMwRTdCRkREQzg1NzZB
NkRDODhENjM1MzdENjZBQzZCNzk0NzQyRDQ5QjU1MzY4NzQ3RDdCM0Y0QkE5MUNB
QTJFMjFEODUxQjNGQUIwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxVpR3CLdKRfpLmf0IhDSrl+AQEFRcNPI6tg84E1B/RzK+jyl+Se/
JwtVfaBrk82mLjJ/XUNJrTwZrtJnU6k7osMSE1fDM80kcOaxXYQvBeaOkABT6wNR
VYxkeOt0AYB6v1Rp2MOB6GTCVx5pf4fHGCx78WAa7Ybg0K0ct5X/9y2+EZa8Mjzt
qbWZTJTa7m9iefLLhctphrPWbuuJx8sx8u50kS+eh8w4/kL6JJEN4CFVxW5zhXD9
v6OCtVh7QiFfdwZFuOCYSO6Dm2F612yo/EwvhmGDsJ5tM8gw57/dyFdqbciNY1N9
ZqxreUdC1JtVNodH17P0upHKouIdhRs/qwIDAQABo4IB6zCCAecwHQYDVR0OBBYE
FOcs+yVN6EcVhgrXz6B3EyWCqz7/MB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjCBgQYI
KwYBBQUHAQsEdTBzMHEGCCsGAQUFBzALhmVyc3luYzovL3Jwa2kuYXBlcm5ldC5p
by9yZXBvL0FQRVJORVQvMS8zMjM0MzAzNjNhMzQzNDM0MzAzYTM5MzAzYTNhMmYz
NDM0MmQzNDM4MjAzZDNlMjAzNDM2MzkzOTM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEJAZEQACQMA0G
CSqGSIb3DQEBCwUAA4IBAQAAj8ngSqMTIaTBzHVUC73XAQkE7TU19Jf1cZCuDred
obkJauOLrqFvLujqbkzSut6za0ZjAa3CbzyYjEC5E00Sa0DxeZQa0KT9DJgdh8Jk
IkMAHkjEA2X3sak9OciEar4DpPMlsEM5lRDPNRdpmwjA/Vl0NWguIS4/KA5dRVTY
3U62vnVwdgEsl3RLHJ7vfuZ9XHmFWS/DvdMfQ57szagFs/SvAt0df6K0fIPeTQxq
5YdLLpx/hShaW0p5sTUZDv/h7/oQ6Ulchk4GCGPAaNqjhzIoD+hvCAiGgHIv+jEr
Oayfx2C/AmxH7TYs/vD+8TfPWo00O4tMPHv/EgPkrPx2
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:15 2024 by rpki-client on console-ams.rpki-client.org