Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
File: 323430363a343434303a3a2f34342d313238203d3e2031303239.roa (raw, json)
Hash identifier: S+k6sDy/aBYq10vSWW6GxvvJJw/U5GaFZGHVZnCCZ68=
Subject key identifier: 8C:34:21:D8:4C:AC:3A:2E:DD:5D:B5:F7:75:C9:92:15:79:BB:99:54
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 5A4FAFF4CC7087A939C9A5A8856BA5995FF78744
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
Signing time: Mon 15 Apr 2024 17:00:00 +0000
ROA not before: Mon 15 Apr 2024 16:55:00 +0000
ROA not after: Tue 15 Apr 2025 17:00:00 +0000
asID: 1029
IP address blocks: 2406:4440::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Nov 2024 20:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:4f:af:f4:cc:70:87:a9:39:c9:a5:a8:85:6b:a5:99:5f:f7:87:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Apr 15 16:55:00 2024 GMT
Not After : Apr 15 17:00:00 2025 GMT
Subject: CN=3082010A0282010100B4C26413BF27B3121EAE71BBAEC6BFEA24B05D7340D77537FD61F918B0F1151C047F4926FDCF46C786FC9959B01EE9F9EE851F89EDEDD3DFC2E59F21C47A400944253233770791AEF038A02CDC48461D897B2659A94D85A82E88FE1D6926CD26CC7C45F9E18802F7AD9A9D70F190AF28EE4E8AA7975947FDC21821348D72FF4B9804C00D044B1A305073CC0303EC40079D5A34BF1F373ECA221125BCFFDBB71885762C28996F6199D4D602F37F4797BA4615394671A6B8494B0479978B6F4ACDB8C8C5B89B977131AFCEE8A47509BE882D033D6B5BEFF596869A53E2A123D063E29CE641F198659ED977EDBB3DA4755682793B541C400085E79E861CDCF39FD70203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:64:13:bf:27:b3:12:1e:ae:71:bb:ae:c6:
bf:ea:24:b0:5d:73:40:d7:75:37:fd:61:f9:18:b0:
f1:15:1c:04:7f:49:26:fd:cf:46:c7:86:fc:99:59:
b0:1e:e9:f9:ee:85:1f:89:ed:ed:d3:df:c2:e5:9f:
21:c4:7a:40:09:44:25:32:33:77:07:91:ae:f0:38:
a0:2c:dc:48:46:1d:89:7b:26:59:a9:4d:85:a8:2e:
88:fe:1d:69:26:cd:26:cc:7c:45:f9:e1:88:02:f7:
ad:9a:9d:70:f1:90:af:28:ee:4e:8a:a7:97:59:47:
fd:c2:18:21:34:8d:72:ff:4b:98:04:c0:0d:04:4b:
1a:30:50:73:cc:03:03:ec:40:07:9d:5a:34:bf:1f:
37:3e:ca:22:11:25:bc:ff:db:b7:18:85:76:2c:28:
99:6f:61:99:d4:d6:02:f3:7f:47:97:ba:46:15:39:
46:71:a6:b8:49:4b:04:79:97:8b:6f:4a:cd:b8:c8:
c5:b8:9b:97:71:31:af:ce:e8:a4:75:09:be:88:2d:
03:3d:6b:5b:ef:f5:96:86:9a:53:e2:a1:23:d0:63:
e2:9c:e6:41:f1:98:65:9e:d9:77:ed:bb:3d:a4:75:
56:82:79:3b:54:1c:40:00:85:e7:9e:86:1c:dc:f3:
9f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:34:21:D8:4C:AC:3A:2E:DD:5D:B5:F7:75:C9:92:15:79:BB:99:54
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d313238203d3e2031303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
62:d9:e9:e6:3b:a9:be:be:f9:ab:59:95:1b:2a:a2:b7:64:d9:
4c:9a:de:4f:d1:e9:9d:33:b7:f9:09:e4:c1:26:d4:ed:8a:d0:
8b:70:bc:dc:d2:b4:a3:53:52:b4:7f:4f:bf:c9:25:b6:2e:c8:
de:8f:9d:8c:57:b4:c2:e5:2e:d1:a4:8a:50:9c:d3:4b:71:fa:
a8:9a:78:96:8a:bd:a4:a6:ed:e0:af:88:b2:43:52:08:5a:ce:
ba:a4:06:b0:a0:97:19:4a:11:35:b7:21:63:bf:05:1c:23:9c:
b1:a1:61:e9:2f:4a:03:78:d6:20:63:e7:eb:60:6d:8c:dc:12:
f1:f2:fd:99:32:45:1a:5a:17:25:c4:fd:0c:74:1d:1f:96:65:
cd:60:26:2c:6d:80:91:d4:2b:a7:2c:f5:58:e1:ca:5a:d5:88:
e9:08:e0:f5:fe:88:4b:43:eb:4e:95:d1:dc:24:2a:82:02:48:
1f:bd:6d:51:c9:d9:5a:8a:cd:33:39:af:ba:ca:64:0a:95:1c:
39:3b:9d:9d:6a:f1:cc:51:47:bb:8e:5d:dd:b3:79:33:1e:9a:
1c:16:bb:31:96:5f:b3:74:f3:7c:61:cf:f5:90:e3:f1:6f:19:
a2:1f:49:59:7c:92:3f:85:08:0a:6d:b1:70:67:72:b7:d1:d3:
c5:08:3a:c5
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUWk+v9Mxwh6k5yaWohWulmV/3h0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDA0MTUxNjU1MDBaFw0yNTA0MTUxNzAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjRDMjY0MTNCRjI3QjMxMjFF
QUU3MUJCQUVDNkJGRUEyNEIwNUQ3MzQwRDc3NTM3RkQ2MUY5MThCMEYxMTUxQzA0
N0Y0OTI2RkRDRjQ2Qzc4NkZDOTk1OUIwMUVFOUY5RUU4NTFGODlFREVERDNERkMy
RTU5RjIxQzQ3QTQwMDk0NDI1MzIzMzc3MDc5MUFFRjAzOEEwMkNEQzQ4NDYxRDg5
N0IyNjU5QTk0RDg1QTgyRTg4RkUxRDY5MjZDRDI2Q0M3QzQ1RjlFMTg4MDJGN0FE
OUE5RDcwRjE5MEFGMjhFRTRFOEFBNzk3NTk0N0ZEQzIxODIxMzQ4RDcyRkY0Qjk4
MDRDMDBEMDQ0QjFBMzA1MDczQ0MwMzAzRUM0MDA3OUQ1QTM0QkYxRjM3M0VDQTIy
MTEyNUJDRkZEQkI3MTg4NTc2MkMyODk5NkY2MTk5RDRENjAyRjM3RjQ3OTdCQTQ2
MTUzOTQ2NzFBNkI4NDk0QjA0Nzk5NzhCNkY0QUNEQjhDOEM1Qjg5Qjk3NzEzMUFG
Q0VFOEE0NzUwOUJFODgyRDAzM0Q2QjVCRUZGNTk2ODY5QTUzRTJBMTIzRDA2M0Uy
OUNFNjQxRjE5ODY1OUVEOTc3RURCQjNEQTQ3NTU2ODI3OTNCNTQxQzQwMDA4NUU3
OUU4NjFDRENGMzlGRDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtMJkE78nsxIernG7rsa/6iSwXXNA13U3/WH5GLDxFRwEf0km/c9G
x4b8mVmwHun57oUfie3t09/C5Z8hxHpACUQlMjN3B5Gu8DigLNxIRh2JeyZZqU2F
qC6I/h1pJs0mzHxF+eGIAvetmp1w8ZCvKO5OiqeXWUf9whghNI1y/0uYBMANBEsa
MFBzzAMD7EAHnVo0vx83PsoiESW8/9u3GIV2LCiZb2GZ1NYC839Hl7pGFTlGcaa4
SUsEeZeLb0rNuMjFuJuXcTGvzuikdQm+iC0DPWtb7/WWhppT4qEj0GPinOZB8Zhl
ntl37bs9pHVWgnk7VBxAAIXnnoYc3POf1wIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FIw0IdhMrDou3V2193XJkhV5u5lUMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDMx
MzIzODIwM2QzZTIwMzEzMDMyMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAGLZ6eY7qb6++atZlRsqordk2Uya3k/R6Z0zt/kJ5MEm1O2K0Itw
vNzStKNTUrR/T7/JJbYuyN6PnYxXtMLlLtGkilCc00tx+qiaeJaKvaSm7eCviLJD
UghazrqkBrCglxlKETW3IWO/BRwjnLGhYekvSgN41iBj5+tgbYzcEvHy/ZkyRRpa
FyXE/Qx0HR+WZc1gJixtgJHUK6cs9VjhylrViOkI4PX+iEtD606V0dwkKoICSB+9
bVHJ2VqKzTM5r7rKZAqVHDk7nZ1q8cxRR7uOXd2zeTMemhwWuzGWX7N083xhz/WQ
4/FvGaIfSVl8kj+FCAptsXBncrfR08UIOsU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:56:20 2024 by rpki-client on console-ams.rpki-client.org