Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
File: 323430363a343434303a3a2f34342d313238203d3e2031303239.roa (raw, json)
Hash identifier: cmEAybMqPuIfLlMXrSUEMt6Vuv/W/pq4j5d4IDZPeMI=
Subject key identifier: 27:77:15:DE:62:70:98:3C:63:FB:06:D9:CF:D2:A3:F8:DA:83:48:42
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 62C866A48DF7F5AC45EA1E31984A94C619FED11C
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
Signing time: Tue 18 Mar 2025 17:00:00 +0000
ROA not before: Tue 18 Mar 2025 16:55:00 +0000
ROA not after: Wed 18 Mar 2026 17:00:00 +0000
asID: 1029
IP address blocks: 2406:4440::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Apr 2025 05:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:c8:66:a4:8d:f7:f5:ac:45:ea:1e:31:98:4a:94:c6:19:fe:d1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Mar 18 16:55:00 2025 GMT
Not After : Mar 18 17:00:00 2026 GMT
Subject: CN=3082010A0282010100BC48CB7AE528ABF750A928CD14B2686E67018AE1C9C0ECAAB6A5A48715EA7E23760A2F6CA7217F0948FF6F54EA6DCAEE930D4E46EF210AADE7D88479F1710314E4D5281157C76735C7D7E0EDAD42E25CB6D0B1DE7E8ED1B8F267AB88F4FE4237ED643C7C6BFEC0ACD981E6A65A70556E923FB3C0061C51C6A03CA08243DD53BFE7BB09AD65ED54B3AC831E9D1E32C371891047321E7EFE8F589FFCF066B488B36863DDFBF8CB0A35FAAD3A137D593AC12CC1052ACF8826D4282BF1C4BFCCB25829FD81DC274F3AC56EA2216DA4350B14C7E11EE591C192FEAD6EF332EC825B7CCBA01C6C5AFD23FE4939453DFE9F3E20A7F30A10553D74BAA4704C8FE1DFA3190203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:cb:7a:e5:28:ab:f7:50:a9:28:cd:14:b2:
68:6e:67:01:8a:e1:c9:c0:ec:aa:b6:a5:a4:87:15:
ea:7e:23:76:0a:2f:6c:a7:21:7f:09:48:ff:6f:54:
ea:6d:ca:ee:93:0d:4e:46:ef:21:0a:ad:e7:d8:84:
79:f1:71:03:14:e4:d5:28:11:57:c7:67:35:c7:d7:
e0:ed:ad:42:e2:5c:b6:d0:b1:de:7e:8e:d1:b8:f2:
67:ab:88:f4:fe:42:37:ed:64:3c:7c:6b:fe:c0:ac:
d9:81:e6:a6:5a:70:55:6e:92:3f:b3:c0:06:1c:51:
c6:a0:3c:a0:82:43:dd:53:bf:e7:bb:09:ad:65:ed:
54:b3:ac:83:1e:9d:1e:32:c3:71:89:10:47:32:1e:
7e:fe:8f:58:9f:fc:f0:66:b4:88:b3:68:63:dd:fb:
f8:cb:0a:35:fa:ad:3a:13:7d:59:3a:c1:2c:c1:05:
2a:cf:88:26:d4:28:2b:f1:c4:bf:cc:b2:58:29:fd:
81:dc:27:4f:3a:c5:6e:a2:21:6d:a4:35:0b:14:c7:
e1:1e:e5:91:c1:92:fe:ad:6e:f3:32:ec:82:5b:7c:
cb:a0:1c:6c:5a:fd:23:fe:49:39:45:3d:fe:9f:3e:
20:a7:f3:0a:10:55:3d:74:ba:a4:70:4c:8f:e1:df:
a3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:77:15:DE:62:70:98:3C:63:FB:06:D9:CF:D2:A3:F8:DA:83:48:42
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
75:90:01:63:5a:ed:4a:9b:d3:55:40:16:c0:a4:21:18:51:39:
7e:39:cd:2f:0e:c6:c8:3a:fd:32:6a:de:a6:d9:fa:b4:82:b7:
70:41:04:55:c8:69:4b:c0:65:ce:d4:2a:05:c7:45:a8:03:46:
7e:d6:c4:57:8e:39:38:e4:70:a1:01:2a:21:52:99:f5:8e:26:
72:da:3c:e2:87:b8:5d:69:24:91:59:e0:05:96:00:dc:97:d5:
a8:a8:af:9e:6d:43:58:9f:8c:a4:ae:d1:2f:88:e8:c1:70:ab:
e2:b8:58:3c:ca:dd:ee:9b:03:85:91:b5:4b:97:26:bf:34:b9:
eb:36:12:70:af:a3:37:87:92:ff:7b:68:73:0d:4e:b8:d7:a8:
41:84:05:9f:0e:49:b6:51:6c:cf:90:e9:35:3f:c4:ba:a9:f8:
51:4e:48:2f:87:3d:67:1d:20:a9:44:f1:4a:2e:7d:22:32:3b:
fe:ff:11:5f:38:ea:d9:53:ec:6b:e8:6f:7c:26:9b:e5:53:43:
d8:d2:77:c5:77:cd:2f:59:05:f6:9a:d1:3e:dc:75:7d:85:32:
e8:62:7a:0b:ef:15:bb:a0:d1:7f:cc:67:02:6d:c6:80:89:8f:
ad:71:2c:42:d4:4a:f2:ea:b6:b3:b2:b9:63:8a:c9:26:d3:db:
e8:15:a5:99
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUYshmpI339axF6h4xmEqUxhn+0RwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTAzMTgxNjU1MDBaFw0yNjAzMTgxNzAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkM0OENCN0FFNTI4QUJGNzUw
QTkyOENEMTRCMjY4NkU2NzAxOEFFMUM5QzBFQ0FBQjZBNUE0ODcxNUVBN0UyMzc2
MEEyRjZDQTcyMTdGMDk0OEZGNkY1NEVBNkRDQUVFOTMwRDRFNDZFRjIxMEFBREU3
RDg4NDc5RjE3MTAzMTRFNEQ1MjgxMTU3Qzc2NzM1QzdEN0UwRURBRDQyRTI1Q0I2
RDBCMURFN0U4RUQxQjhGMjY3QUI4OEY0RkU0MjM3RUQ2NDNDN0M2QkZFQzBBQ0Q5
ODFFNkE2NUE3MDU1NkU5MjNGQjNDMDA2MUM1MUM2QTAzQ0EwODI0M0RENTNCRkU3
QkIwOUFENjVFRDU0QjNBQzgzMUU5RDFFMzJDMzcxODkxMDQ3MzIxRTdFRkU4RjU4
OUZGQ0YwNjZCNDg4QjM2ODYzRERGQkY4Q0IwQTM1RkFBRDNBMTM3RDU5M0FDMTJD
QzEwNTJBQ0Y4ODI2RDQyODJCRjFDNEJGQ0NCMjU4MjlGRDgxREMyNzRGM0FDNTZF
QTIyMTZEQTQzNTBCMTRDN0UxMUVFNTkxQzE5MkZFQUQ2RUYzMzJFQzgyNUI3Q0NC
QTAxQzZDNUFGRDIzRkU0OTM5NDUzREZFOUYzRTIwQTdGMzBBMTA1NTNENzRCQUE0
NzA0QzhGRTFERkEzMTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvEjLeuUoq/dQqSjNFLJobmcBiuHJwOyqtqWkhxXqfiN2Ci9spyF/
CUj/b1Tqbcrukw1ORu8hCq3n2IR58XEDFOTVKBFXx2c1x9fg7a1C4ly20LHefo7R
uPJnq4j0/kI37WQ8fGv+wKzZgeamWnBVbpI/s8AGHFHGoDyggkPdU7/nuwmtZe1U
s6yDHp0eMsNxiRBHMh5+/o9Yn/zwZrSIs2hj3fv4ywo1+q06E31ZOsEswQUqz4gm
1Cgr8cS/zLJYKf2B3CdPOsVuoiFtpDULFMfhHuWRwZL+rW7zMuyCW3zLoBxsWv0j
/kk5RT3+nz4gp/MKEFU9dLqkcEyP4d+jGQIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FCd3Fd5icJg8Y/sG2c/So/jag0hCMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDMx
MzIzODIwM2QzZTIwMzEzMDMyMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAHWQAWNa7Uqb01VAFsCkIRhROX45zS8Oxsg6/TJq3qbZ+rSCt3BB
BFXIaUvAZc7UKgXHRagDRn7WxFeOOTjkcKEBKiFSmfWOJnLaPOKHuF1pJJFZ4AWW
ANyX1aior55tQ1ifjKSu0S+I6MFwq+K4WDzK3e6bA4WRtUuXJr80ues2EnCvozeH
kv97aHMNTrjXqEGEBZ8OSbZRbM+Q6TU/xLqp+FFOSC+HPWcdIKlE8UoufSIyO/7/
EV846tlT7Gvob3wmm+VTQ9jSd8V3zS9ZBfaa0T7cdX2FMuhiegvvFbug0X/MZwJt
xoCJj61xLELUSvLqtrOyuWOKySbT2+gVpZk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:57 2025 by rpki-client