Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
File: 323430363a343434303a3a2f34342d3438203d3e203136353039.roa (raw, json)
Hash identifier: CfFGit4cz8Im152rFnV7muQ0Cl5ndiWxfPL70dNC/G0=
Subject key identifier: 99:91:B6:1B:28:25:75:72:D5:1C:49:BF:42:91:9F:93:D2:DA:9C:F7
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 5FA36DDB8F0EB6D16BAACBEB695669DD04A6F79E
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
Signing time: Tue 26 Mar 2024 08:00:00 +0000
ROA not before: Tue 26 Mar 2024 07:55:00 +0000
ROA not after: Wed 26 Mar 2025 08:00:00 +0000
asID: 16509
IP address blocks: 2406:4440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Apr 2024 09:42:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a3:6d:db:8f:0e:b6:d1:6b:aa:cb:eb:69:56:69:dd:04:a6:f7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Mar 26 07:55:00 2024 GMT
Not After : Mar 26 08:00:00 2025 GMT
Subject: CN=3082010A0282010100A7C5FD7EB4A4FD7AC7DFD0AF891B1F06513F1D9386685485A539ED1491E21382A45E4084B190CB5F42A41F567930C281F3EE1EA77C2889BC53B0D52DCD02C665460B2B3CE3D0B7B4ADABE7EA188807201DFB79E02F9AD9EF87B1EAFF2B91D7059DFF716DEAF783E7EB5838572C52970B988A771B29C07A1806AD7A93FEA0DB0D98813537D9B742A8F6704749F7A5F61B710650BCF67973D3D0D6162CDAD5BDAF1CEFDBAFED5B6AE268DE0CA347DB866C2DDFFF19A0146AC55988CEEFF3C5FE00ADBD1D6F246C4512C5F91E5AEE69457794773482D34DFB77AE73A0AB28DCB2F4ED93CAEDF77E476709B6634571CBCBFF0DDFBAD6A73DE07E1AC253A7C284A6530203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c5:fd:7e:b4:a4:fd:7a:c7:df:d0:af:89:1b:
1f:06:51:3f:1d:93:86:68:54:85:a5:39:ed:14:91:
e2:13:82:a4:5e:40:84:b1:90:cb:5f:42:a4:1f:56:
79:30:c2:81:f3:ee:1e:a7:7c:28:89:bc:53:b0:d5:
2d:cd:02:c6:65:46:0b:2b:3c:e3:d0:b7:b4:ad:ab:
e7:ea:18:88:07:20:1d:fb:79:e0:2f:9a:d9:ef:87:
b1:ea:ff:2b:91:d7:05:9d:ff:71:6d:ea:f7:83:e7:
eb:58:38:57:2c:52:97:0b:98:8a:77:1b:29:c0:7a:
18:06:ad:7a:93:fe:a0:db:0d:98:81:35:37:d9:b7:
42:a8:f6:70:47:49:f7:a5:f6:1b:71:06:50:bc:f6:
79:73:d3:d0:d6:16:2c:da:d5:bd:af:1c:ef:db:af:
ed:5b:6a:e2:68:de:0c:a3:47:db:86:6c:2d:df:ff:
19:a0:14:6a:c5:59:88:ce:ef:f3:c5:fe:00:ad:bd:
1d:6f:24:6c:45:12:c5:f9:1e:5a:ee:69:45:77:94:
77:34:82:d3:4d:fb:77:ae:73:a0:ab:28:dc:b2:f4:
ed:93:ca:ed:f7:7e:47:67:09:b6:63:45:71:cb:cb:
ff:0d:df:ba:d6:a7:3d:e0:7e:1a:c2:53:a7:c2:84:
a6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:91:B6:1B:28:25:75:72:D5:1C:49:BF:42:91:9F:93:D2:DA:9C:F7
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
46:30:ee:d6:a9:3f:a4:f4:d2:e0:4a:73:d7:ed:9b:05:63:91:
2a:c4:cd:f2:44:23:56:81:e5:2f:15:d6:e8:7b:2a:aa:d2:94:
34:11:4c:ba:65:bd:b8:72:4e:d2:73:54:09:af:95:ef:5b:18:
a5:1f:4b:91:72:f1:aa:95:50:8b:a1:0f:53:83:82:3b:29:af:
c8:7f:e9:5a:21:58:c9:75:0e:c8:ba:8d:85:2f:57:d2:98:45:
c2:80:5e:de:77:b3:3b:e5:60:47:3c:2b:7c:31:a3:e0:a4:97:
0c:31:ad:f4:7a:ba:cd:cb:c3:a5:57:5e:e7:4d:a0:6c:79:9f:
e2:a9:39:b2:4e:b1:62:97:19:b7:66:2a:13:1d:2a:37:6e:02:
f5:0b:6d:e9:2a:03:ce:93:6a:ef:48:56:b9:43:a2:e0:c6:5e:
56:23:89:a0:f0:0b:54:2a:b0:36:f7:56:da:87:d4:6a:c8:7a:
4c:f9:c8:02:91:90:53:6c:9d:3d:82:82:1d:1b:11:60:42:1d:
d6:7e:5e:01:d3:b0:1c:b3:a5:77:32:2c:8e:c3:4a:9b:06:86:
3e:db:43:db:6d:e2:ac:64:07:fb:62:9e:52:99:b1:fc:a2:a1:
e7:f3:9c:ca:d1:00:36:67:e1:d0:6e:07:d0:dd:d5:19:28:4e:
2f:3d:11:eb
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUX6Nt248OttFrqsvraVZp3QSm954wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMjYwNzU1MDBaFw0yNTAzMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTdDNUZEN0VCNEE0RkQ3QUM3
REZEMEFGODkxQjFGMDY1MTNGMUQ5Mzg2Njg1NDg1QTUzOUVEMTQ5MUUyMTM4MkE0
NUU0MDg0QjE5MENCNUY0MkE0MUY1Njc5MzBDMjgxRjNFRTFFQTc3QzI4ODlCQzUz
QjBENTJEQ0QwMkM2NjU0NjBCMkIzQ0UzRDBCN0I0QURBQkU3RUExODg4MDcyMDFE
RkI3OUUwMkY5QUQ5RUY4N0IxRUFGRjJCOTFENzA1OURGRjcxNkRFQUY3ODNFN0VC
NTgzODU3MkM1Mjk3MEI5ODhBNzcxQjI5QzA3QTE4MDZBRDdBOTNGRUEwREIwRDk4
ODEzNTM3RDlCNzQyQThGNjcwNDc0OUY3QTVGNjFCNzEwNjUwQkNGNjc5NzNEM0Qw
RDYxNjJDREFENUJEQUYxQ0VGREJBRkVENUI2QUUyNjhERTBDQTM0N0RCODY2QzJE
REZGRjE5QTAxNDZBQzU1OTg4Q0VFRkYzQzVGRTAwQURCRDFENkYyNDZDNDUxMkM1
RjkxRTVBRUU2OTQ1Nzc5NDc3MzQ4MkQzNERGQjc3QUU3M0EwQUIyOERDQjJGNEVE
OTNDQUVERjc3RTQ3NjcwOUI2NjM0NTcxQ0JDQkZGMERERkJBRDZBNzNERTA3RTFB
QzI1M0E3QzI4NEE2NTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAp8X9frSk/XrH39CviRsfBlE/HZOGaFSFpTntFJHiE4KkXkCEsZDL
X0KkH1Z5MMKB8+4ep3woibxTsNUtzQLGZUYLKzzj0Le0ravn6hiIByAd+3ngL5rZ
74ex6v8rkdcFnf9xber3g+frWDhXLFKXC5iKdxspwHoYBq16k/6g2w2YgTU32bdC
qPZwR0n3pfYbcQZQvPZ5c9PQ1hYs2tW9rxzv26/tW2riaN4Mo0fbhmwt3/8ZoBRq
xVmIzu/zxf4Arb0dbyRsRRLF+R5a7mlFd5R3NILTTft3rnOgqyjcsvTtk8rt935H
Zwm2Y0Vxy8v/Dd+61qc94H4awlOnwoSmUwIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FJmRthsoJXVy1RxJv0KRn5PS2pz3MB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAEYw7tapP6T00uBKc9ftmwVjkSrEzfJEI1aB5S8V1uh7KqrSlDQR
TLplvbhyTtJzVAmvle9bGKUfS5Fy8aqVUIuhD1ODgjspr8h/6VohWMl1Dsi6jYUv
V9KYRcKAXt53szvlYEc8K3wxo+CklwwxrfR6us3Lw6VXXudNoGx5n+KpObJOsWKX
GbdmKhMdKjduAvULbekqA86Tau9IVrlDouDGXlYjiaDwC1QqsDb3VtqH1GrIekz5
yAKRkFNsnT2Cgh0bEWBCHdZ+XgHTsByzpXcyLI7DSpsGhj7bQ9tt4qxkB/tinlKZ
sfyioefznMrRADZn4dBuB9Dd1RkoTi89Ees=
-----END CERTIFICATE-----
Generated at Thu Apr 18 14:07:20 2024 by rpki-client on console-ams.rpki-client.org