Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa
File: 323430363a343434303a3a2f34342d3438203d3e203134363138.roa (raw, json)
Hash identifier: zzjAa1375lugS7WLL910yr8v1ytd05ZjcRaTjIgwtpc=
Subject key identifier: D5:F0:7C:C6:45:60:FC:F4:B1:4D:61:F1:66:3E:1B:B0:8B:6A:D6:C8
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 61C04A3BCEEB42174BCAC7515031BB0EF692AA08
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa
Signing time: Wed 26 Feb 2025 08:00:00 +0000
ROA not before: Wed 26 Feb 2025 07:55:00 +0000
ROA not after: Thu 26 Feb 2026 08:00:00 +0000
asID: 14618
IP address blocks: 2406:4440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 12:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c0:4a:3b:ce:eb:42:17:4b:ca:c7:51:50:31:bb:0e:f6:92:aa:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Feb 26 07:55:00 2025 GMT
Not After : Feb 26 08:00:00 2026 GMT
Subject: CN=3082010A0282010100BAF490146B50199ECD600774EDF691E1BB0BF2291F817C88ACC97FAB2C017DBE12DE0C2588C38D6915C33A1231E7961108D0D49CC2DB0B8508F169E7D997518CBBF6560A05D6979DE1621FEB7EA0CE7F713BC5846B8AA59C786AD6094A57B9E2CCCA651B33C3ED165F592FEE257F844A882D51C71FC4082B04875A6980085C0A4FE145D083658B4F3736CA23237D6E7030987C06C9C5A8BBEE548ED3502C2CE0BD18CD8153DAB019212BC57ED3F5329F3334FCCA7D1F60B9C83F297951DF1212071CA75DF34F4B9DAA9664BA28136F36D77CE06FED6C5F64017C3E282DD9FB312DDE0C50CB6B9EE0A07306F15B24D6924DBBAF7C7F5636D4F15C7465600EFF2D0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:90:14:6b:50:19:9e:cd:60:07:74:ed:f6:
91:e1:bb:0b:f2:29:1f:81:7c:88:ac:c9:7f:ab:2c:
01:7d:be:12:de:0c:25:88:c3:8d:69:15:c3:3a:12:
31:e7:96:11:08:d0:d4:9c:c2:db:0b:85:08:f1:69:
e7:d9:97:51:8c:bb:f6:56:0a:05:d6:97:9d:e1:62:
1f:eb:7e:a0:ce:7f:71:3b:c5:84:6b:8a:a5:9c:78:
6a:d6:09:4a:57:b9:e2:cc:ca:65:1b:33:c3:ed:16:
5f:59:2f:ee:25:7f:84:4a:88:2d:51:c7:1f:c4:08:
2b:04:87:5a:69:80:08:5c:0a:4f:e1:45:d0:83:65:
8b:4f:37:36:ca:23:23:7d:6e:70:30:98:7c:06:c9:
c5:a8:bb:ee:54:8e:d3:50:2c:2c:e0:bd:18:cd:81:
53:da:b0:19:21:2b:c5:7e:d3:f5:32:9f:33:34:fc:
ca:7d:1f:60:b9:c8:3f:29:79:51:df:12:12:07:1c:
a7:5d:f3:4f:4b:9d:aa:96:64:ba:28:13:6f:36:d7:
7c:e0:6f:ed:6c:5f:64:01:7c:3e:28:2d:d9:fb:31:
2d:de:0c:50:cb:6b:9e:e0:a0:73:06:f1:5b:24:d6:
92:4d:bb:af:7c:7f:56:36:d4:f1:5c:74:65:60:0e:
ff:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F0:7C:C6:45:60:FC:F4:B1:4D:61:F1:66:3E:1B:B0:8B:6A:D6:C8
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
9d:54:fc:ff:6e:a0:f6:1d:e6:3a:6f:a8:e4:89:26:60:c8:93:
17:93:b6:a5:9f:56:67:a4:8e:b7:7f:3f:0d:73:8b:25:54:13:
9f:c7:04:d4:a6:30:1b:db:6e:d0:c6:44:74:60:12:24:ce:67:
1d:3e:a2:61:b8:ae:e8:b1:03:49:66:d8:3a:d5:16:a6:de:2c:
7e:00:eb:53:dd:95:40:0f:fa:1e:ac:60:b8:a5:eb:dc:39:85:
29:71:f6:30:32:dc:85:dd:eb:62:ef:3b:e5:53:46:21:32:f7:
a0:9e:7b:8a:af:4a:17:67:e7:49:ae:4c:56:68:b3:6c:59:5f:
fa:81:f3:ea:9d:8b:e5:c3:92:65:aa:4d:5b:ed:35:3f:b2:af:
3c:b2:6a:c1:35:b7:b5:7c:a1:2b:05:98:a5:0e:50:91:52:08:
47:ca:b1:e1:4a:2e:cf:00:1c:10:9a:ff:fa:4d:41:21:7b:40:
ec:11:07:98:84:d1:06:80:e6:58:98:9b:2f:8c:6c:ef:6e:c4:
4f:68:c1:da:88:b3:11:cc:e7:16:95:ed:06:de:6b:65:5e:5b:
a0:c5:5b:2c:01:54:3a:bc:6a:f6:a7:5a:35:6e:35:b1:07:e5:
42:b5:f3:79:5f:16:6f:00:67:fb:74:85:24:3f:6f:48:4b:3d:
93:a8:68:8f
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUYcBKO87rQhdLysdRUDG7DvaSqggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTAyMjYwNzU1MDBaFw0yNjAyMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkFGNDkwMTQ2QjUwMTk5RUNE
NjAwNzc0RURGNjkxRTFCQjBCRjIyOTFGODE3Qzg4QUNDOTdGQUIyQzAxN0RCRTEy
REUwQzI1ODhDMzhENjkxNUMzM0ExMjMxRTc5NjExMDhEMEQ0OUNDMkRCMEI4NTA4
RjE2OUU3RDk5NzUxOENCQkY2NTYwQTA1RDY5NzlERTE2MjFGRUI3RUEwQ0U3Rjcx
M0JDNTg0NkI4QUE1OUM3ODZBRDYwOTRBNTdCOUUyQ0NDQTY1MUIzM0MzRUQxNjVG
NTkyRkVFMjU3Rjg0NEE4ODJENTFDNzFGQzQwODJCMDQ4NzVBNjk4MDA4NUMwQTRG
RTE0NUQwODM2NThCNEYzNzM2Q0EyMzIzN0Q2RTcwMzA5ODdDMDZDOUM1QThCQkVF
NTQ4RUQzNTAyQzJDRTBCRDE4Q0Q4MTUzREFCMDE5MjEyQkM1N0VEM0Y1MzI5RjMz
MzRGQ0NBN0QxRjYwQjlDODNGMjk3OTUxREYxMjEyMDcxQ0E3NURGMzRGNEI5REFB
OTY2NEJBMjgxMzZGMzZENzdDRTA2RkVENkM1RjY0MDE3QzNFMjgyREQ5RkIzMTJE
REUwQzUwQ0I2QjlFRTBBMDczMDZGMTVCMjRENjkyNERCQkFGN0M3RjU2MzZENEYx
NUM3NDY1NjAwRUZGMkQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAuvSQFGtQGZ7NYAd07faR4bsL8ikfgXyIrMl/qywBfb4S3gwliMON
aRXDOhIx55YRCNDUnMLbC4UI8Wnn2ZdRjLv2VgoF1ped4WIf636gzn9xO8WEa4ql
nHhq1glKV7nizMplGzPD7RZfWS/uJX+ESogtUccfxAgrBIdaaYAIXApP4UXQg2WL
Tzc2yiMjfW5wMJh8BsnFqLvuVI7TUCws4L0YzYFT2rAZISvFftP1Mp8zNPzKfR9g
ucg/KXlR3xISBxynXfNPS52qlmS6KBNvNtd84G/tbF9kAXw+KC3Z+zEt3gxQy2ue
4KBzBvFbJNaSTbuvfH9WNtTxXHRlYA7/LQIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FNXwfMZFYPz0sU1h8WY+G7CLatbIMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAJ1U/P9uoPYd5jpvqOSJJmDIkxeTtqWfVmekjrd/Pw1ziyVUE5/H
BNSmMBvbbtDGRHRgEiTOZx0+omG4ruixA0lm2DrVFqbeLH4A61PdlUAP+h6sYLil
69w5hSlx9jAy3IXd62LvO+VTRiEy96Cee4qvShdn50muTFZos2xZX/qB8+qdi+XD
kmWqTVvtNT+yrzyyasE1t7V8oSsFmKUOUJFSCEfKseFKLs8AHBCa//pNQSF7QOwR
B5iE0QaA5liYmy+MbO9uxE9owdqIsxHM5xaV7Qbea2VeW6DFWywBVDq8avanWjVu
NbEH5UK183lfFm8AZ/t0hSQ/b0hLPZOoaI8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:26:55 2025 by rpki-client