Route Origin Authorization

$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa
File:                     323430363a343434303a3a2f34342d3438203d3e203134363138.roa (raw, json)
Hash identifier:          49L2LQW9c5IgH7Ybceennr8SuvgOI0+ebX5fXGXjg00=
Subject key identifier:   73:C3:4B:AF:54:CC:CB:76:D3:CB:1C:AA:EC:23:B5:AA:14:D8:A9:0E
Certificate issuer:       /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial:       3588D40DB96CE5F2BD5C096A573F52A0EAA19F5F
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access:    rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access:      rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa
Signing time:             Tue 26 Mar 2024 08:00:00 +0000
ROA not before:           Tue 26 Mar 2024 07:55:00 +0000
ROA not after:            Wed 26 Mar 2025 08:00:00 +0000
asID:                     14618
IP address blocks:        2406:4440::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
                          rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
                          rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 04:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:88:d4:0d:b9:6c:e5:f2:bd:5c:09:6a:57:3f:52:a0:ea:a1:9f:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
        Validity
            Not Before: Mar 26 07:55:00 2024 GMT
            Not After : Mar 26 08:00:00 2025 GMT
        Subject: CN=3082010A0282010100B2D131966F3948BEAFE98CFED6515E7CE0D81D6CFCA1838FD0E37B6D2246F77FEC4BD8B8AC3C0481820C5E17E10F223CDE6D54DC97FF3F8B9D391E3E2B363C473D2D2AAD6B2B58C9C6431DCAA2077E710116B766E19E89DF2AAE399A1877B26433D82B6AF46A323A3465A0B01EF0846228DE831EC6281AC2D8D41205082E327C33D06DD5DAAE7A7BEAC642074C09798F8E541AE759827F6FF0D4F2EBACEABB059DCCBC1425353760F62754EFBABFAA08B84E5FA7295095AE3C2D1E080935C9D79370027456C2679210BA71C3D00218ADC0676B18899A16D1122FB2808F36A2B5321783EC87DD31042B393AD39FC72B9D353081E3E0D2F54D8CC7D08A53B835CD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d1:31:96:6f:39:48:be:af:e9:8c:fe:d6:51:
                    5e:7c:e0:d8:1d:6c:fc:a1:83:8f:d0:e3:7b:6d:22:
                    46:f7:7f:ec:4b:d8:b8:ac:3c:04:81:82:0c:5e:17:
                    e1:0f:22:3c:de:6d:54:dc:97:ff:3f:8b:9d:39:1e:
                    3e:2b:36:3c:47:3d:2d:2a:ad:6b:2b:58:c9:c6:43:
                    1d:ca:a2:07:7e:71:01:16:b7:66:e1:9e:89:df:2a:
                    ae:39:9a:18:77:b2:64:33:d8:2b:6a:f4:6a:32:3a:
                    34:65:a0:b0:1e:f0:84:62:28:de:83:1e:c6:28:1a:
                    c2:d8:d4:12:05:08:2e:32:7c:33:d0:6d:d5:da:ae:
                    7a:7b:ea:c6:42:07:4c:09:79:8f:8e:54:1a:e7:59:
                    82:7f:6f:f0:d4:f2:eb:ac:ea:bb:05:9d:cc:bc:14:
                    25:35:37:60:f6:27:54:ef:ba:bf:aa:08:b8:4e:5f:
                    a7:29:50:95:ae:3c:2d:1e:08:09:35:c9:d7:93:70:
                    02:74:56:c2:67:92:10:ba:71:c3:d0:02:18:ad:c0:
                    67:6b:18:89:9a:16:d1:12:2f:b2:80:8f:36:a2:b5:
                    32:17:83:ec:87:dd:31:04:2b:39:3a:d3:9f:c7:2b:
                    9d:35:30:81:e3:e0:d2:f5:4d:8c:c7:d0:8a:53:b8:
                    35:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C3:4B:AF:54:CC:CB:76:D3:CB:1C:AA:EC:23:B5:AA:14:D8:A9:0E
            X509v3 Authority Key Identifier:
                keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203134363138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:4440::/44

    Signature Algorithm: sha256WithRSAEncryption
         5a:51:9b:af:ac:92:8d:34:6c:3f:53:4a:2b:d2:83:8d:a0:90:
         ae:73:93:33:61:24:92:1a:d2:06:c8:58:50:6a:aa:a7:d7:a6:
         c9:24:60:63:a6:11:8f:e5:c3:4e:6b:7f:74:7e:87:e0:64:f0:
         da:63:fa:b6:4e:7b:78:78:2c:8d:5f:71:c6:2b:e6:d7:e4:d2:
         7f:c4:82:2b:4e:bf:82:c6:78:70:01:65:34:a5:5e:d5:8e:00:
         0e:b8:ac:56:8c:e8:00:9d:64:d8:6e:2a:39:c9:b5:04:bb:6b:
         6c:58:c4:78:17:4c:3c:29:c8:f0:d2:dd:4b:b7:07:c9:29:ff:
         f1:b7:40:0b:2f:e9:db:fd:69:bb:22:c5:4c:c6:5f:cf:fd:76:
         2a:fc:4f:f0:cf:e9:fc:54:f5:11:57:a9:2a:87:45:aa:c7:91:
         6f:ac:bd:60:2a:92:94:39:a0:2c:e5:aa:3d:11:f1:98:d1:c2:
         70:63:48:92:85:4c:98:05:5e:44:7b:cc:2c:c0:37:5b:35:5f:
         32:d7:3a:7a:8a:cc:1c:bb:7b:df:cb:b2:8d:ed:db:1e:b0:9c:
         47:d7:ea:a2:68:72:53:d6:df:a3:81:37:87:94:60:70:a3:9e:
         c3:38:b0:1b:ac:91:57:ed:ef:ef:47:0b:a5:38:99:9f:7e:cf:
         c0:f5:ee:18
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUNYjUDbls5fK9XAlqVz9SoOqhn18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMjYwNzU1MDBaFw0yNTAzMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjJEMTMxOTY2RjM5NDhCRUFG
RTk4Q0ZFRDY1MTVFN0NFMEQ4MUQ2Q0ZDQTE4MzhGRDBFMzdCNkQyMjQ2Rjc3RkVD
NEJEOEI4QUMzQzA0ODE4MjBDNUUxN0UxMEYyMjNDREU2RDU0REM5N0ZGM0Y4QjlE
MzkxRTNFMkIzNjNDNDczRDJEMkFBRDZCMkI1OEM5QzY0MzFEQ0FBMjA3N0U3MTAx
MTZCNzY2RTE5RTg5REYyQUFFMzk5QTE4NzdCMjY0MzNEODJCNkFGNDZBMzIzQTM0
NjVBMEIwMUVGMDg0NjIyOERFODMxRUM2MjgxQUMyRDhENDEyMDUwODJFMzI3QzMz
RDA2REQ1REFBRTdBN0JFQUM2NDIwNzRDMDk3OThGOEU1NDFBRTc1OTgyN0Y2RkYw
RDRGMkVCQUNFQUJCMDU5RENDQkMxNDI1MzUzNzYwRjYyNzU0RUZCQUJGQUEwOEI4
NEU1RkE3Mjk1MDk1QUUzQzJEMUUwODA5MzVDOUQ3OTM3MDAyNzQ1NkMyNjc5MjEw
QkE3MUMzRDAwMjE4QURDMDY3NkIxODg5OUExNkQxMTIyRkIyODA4RjM2QTJCNTMy
MTc4M0VDODdERDMxMDQyQjM5M0FEMzlGQzcyQjlEMzUzMDgxRTNFMEQyRjU0RDhD
QzdEMDhBNTNCODM1Q0QwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAstExlm85SL6v6Yz+1lFefODYHWz8oYOP0ON7bSJG93/sS9i4rDwE
gYIMXhfhDyI83m1U3Jf/P4udOR4+KzY8Rz0tKq1rK1jJxkMdyqIHfnEBFrdm4Z6J
3yquOZoYd7JkM9gravRqMjo0ZaCwHvCEYijegx7GKBrC2NQSBQguMnwz0G3V2q56
e+rGQgdMCXmPjlQa51mCf2/w1PLrrOq7BZ3MvBQlNTdg9idU77q/qgi4Tl+nKVCV
rjwtHggJNcnXk3ACdFbCZ5IQunHD0AIYrcBnaxiJmhbREi+ygI82orUyF4Psh90x
BCs5OtOfxyudNTCB4+DS9U2Mx9CKU7g1zQIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FHPDS69UzMt208scquwjtaoU2KkOMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAFpRm6+sko00bD9TSivSg42gkK5zkzNhJJIa0gbIWFBqqqfXpskk
YGOmEY/lw05rf3R+h+Bk8Npj+rZOe3h4LI1fccYr5tfk0n/EgitOv4LGeHABZTSl
XtWOAA64rFaM6ACdZNhuKjnJtQS7a2xYxHgXTDwpyPDS3Uu3B8kp//G3QAsv6dv9
absixUzGX8/9dir8T/DP6fxU9RFXqSqHRarHkW+svWAqkpQ5oCzlqj0R8ZjRwnBj
SJKFTJgFXkR7zCzAN1s1XzLXOnqKzBy7e9/Lso3t2x6wnEfX6qJoclPW36OBN4eU
YHCjnsM4sBuskVft7+9HC6U4mZ9+z8D17hg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org