Route Origin Authorization

$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
File:                     323430363a343434303a3a2f34342d3438203d3e203136353039.roa (raw, json)
Hash identifier:          CfFGit4cz8Im152rFnV7muQ0Cl5ndiWxfPL70dNC/G0=
Subject key identifier:   99:91:B6:1B:28:25:75:72:D5:1C:49:BF:42:91:9F:93:D2:DA:9C:F7
Certificate issuer:       /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial:       5FA36DDB8F0EB6D16BAACBEB695669DD04A6F79E
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access:    rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access:      rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa
Signing time:             Tue 26 Mar 2024 08:00:00 +0000
ROA not before:           Tue 26 Mar 2024 07:55:00 +0000
ROA not after:            Wed 26 Mar 2025 08:00:00 +0000
asID:                     16509
IP address blocks:        2406:4440::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
                          rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
                          rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 04:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:a3:6d:db:8f:0e:b6:d1:6b:aa:cb:eb:69:56:69:dd:04:a6:f7:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
        Validity
            Not Before: Mar 26 07:55:00 2024 GMT
            Not After : Mar 26 08:00:00 2025 GMT
        Subject: CN=3082010A0282010100A7C5FD7EB4A4FD7AC7DFD0AF891B1F06513F1D9386685485A539ED1491E21382A45E4084B190CB5F42A41F567930C281F3EE1EA77C2889BC53B0D52DCD02C665460B2B3CE3D0B7B4ADABE7EA188807201DFB79E02F9AD9EF87B1EAFF2B91D7059DFF716DEAF783E7EB5838572C52970B988A771B29C07A1806AD7A93FEA0DB0D98813537D9B742A8F6704749F7A5F61B710650BCF67973D3D0D6162CDAD5BDAF1CEFDBAFED5B6AE268DE0CA347DB866C2DDFFF19A0146AC55988CEEFF3C5FE00ADBD1D6F246C4512C5F91E5AEE69457794773482D34DFB77AE73A0AB28DCB2F4ED93CAEDF77E476709B6634571CBCBFF0DDFBAD6A73DE07E1AC253A7C284A6530203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c5:fd:7e:b4:a4:fd:7a:c7:df:d0:af:89:1b:
                    1f:06:51:3f:1d:93:86:68:54:85:a5:39:ed:14:91:
                    e2:13:82:a4:5e:40:84:b1:90:cb:5f:42:a4:1f:56:
                    79:30:c2:81:f3:ee:1e:a7:7c:28:89:bc:53:b0:d5:
                    2d:cd:02:c6:65:46:0b:2b:3c:e3:d0:b7:b4:ad:ab:
                    e7:ea:18:88:07:20:1d:fb:79:e0:2f:9a:d9:ef:87:
                    b1:ea:ff:2b:91:d7:05:9d:ff:71:6d:ea:f7:83:e7:
                    eb:58:38:57:2c:52:97:0b:98:8a:77:1b:29:c0:7a:
                    18:06:ad:7a:93:fe:a0:db:0d:98:81:35:37:d9:b7:
                    42:a8:f6:70:47:49:f7:a5:f6:1b:71:06:50:bc:f6:
                    79:73:d3:d0:d6:16:2c:da:d5:bd:af:1c:ef:db:af:
                    ed:5b:6a:e2:68:de:0c:a3:47:db:86:6c:2d:df:ff:
                    19:a0:14:6a:c5:59:88:ce:ef:f3:c5:fe:00:ad:bd:
                    1d:6f:24:6c:45:12:c5:f9:1e:5a:ee:69:45:77:94:
                    77:34:82:d3:4d:fb:77:ae:73:a0:ab:28:dc:b2:f4:
                    ed:93:ca:ed:f7:7e:47:67:09:b6:63:45:71:cb:cb:
                    ff:0d:df:ba:d6:a7:3d:e0:7e:1a:c2:53:a7:c2:84:
                    a6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:91:B6:1B:28:25:75:72:D5:1C:49:BF:42:91:9F:93:D2:DA:9C:F7
            X509v3 Authority Key Identifier:
                keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203136353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:4440::/44

    Signature Algorithm: sha256WithRSAEncryption
         46:30:ee:d6:a9:3f:a4:f4:d2:e0:4a:73:d7:ed:9b:05:63:91:
         2a:c4:cd:f2:44:23:56:81:e5:2f:15:d6:e8:7b:2a:aa:d2:94:
         34:11:4c:ba:65:bd:b8:72:4e:d2:73:54:09:af:95:ef:5b:18:
         a5:1f:4b:91:72:f1:aa:95:50:8b:a1:0f:53:83:82:3b:29:af:
         c8:7f:e9:5a:21:58:c9:75:0e:c8:ba:8d:85:2f:57:d2:98:45:
         c2:80:5e:de:77:b3:3b:e5:60:47:3c:2b:7c:31:a3:e0:a4:97:
         0c:31:ad:f4:7a:ba:cd:cb:c3:a5:57:5e:e7:4d:a0:6c:79:9f:
         e2:a9:39:b2:4e:b1:62:97:19:b7:66:2a:13:1d:2a:37:6e:02:
         f5:0b:6d:e9:2a:03:ce:93:6a:ef:48:56:b9:43:a2:e0:c6:5e:
         56:23:89:a0:f0:0b:54:2a:b0:36:f7:56:da:87:d4:6a:c8:7a:
         4c:f9:c8:02:91:90:53:6c:9d:3d:82:82:1d:1b:11:60:42:1d:
         d6:7e:5e:01:d3:b0:1c:b3:a5:77:32:2c:8e:c3:4a:9b:06:86:
         3e:db:43:db:6d:e2:ac:64:07:fb:62:9e:52:99:b1:fc:a2:a1:
         e7:f3:9c:ca:d1:00:36:67:e1:d0:6e:07:d0:dd:d5:19:28:4e:
         2f:3d:11:eb
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUX6Nt248OttFrqsvraVZp3QSm954wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMjYwNzU1MDBaFw0yNTAzMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTdDNUZEN0VCNEE0RkQ3QUM3
REZEMEFGODkxQjFGMDY1MTNGMUQ5Mzg2Njg1NDg1QTUzOUVEMTQ5MUUyMTM4MkE0
NUU0MDg0QjE5MENCNUY0MkE0MUY1Njc5MzBDMjgxRjNFRTFFQTc3QzI4ODlCQzUz
QjBENTJEQ0QwMkM2NjU0NjBCMkIzQ0UzRDBCN0I0QURBQkU3RUExODg4MDcyMDFE
RkI3OUUwMkY5QUQ5RUY4N0IxRUFGRjJCOTFENzA1OURGRjcxNkRFQUY3ODNFN0VC
NTgzODU3MkM1Mjk3MEI5ODhBNzcxQjI5QzA3QTE4MDZBRDdBOTNGRUEwREIwRDk4
ODEzNTM3RDlCNzQyQThGNjcwNDc0OUY3QTVGNjFCNzEwNjUwQkNGNjc5NzNEM0Qw
RDYxNjJDREFENUJEQUYxQ0VGREJBRkVENUI2QUUyNjhERTBDQTM0N0RCODY2QzJE
REZGRjE5QTAxNDZBQzU1OTg4Q0VFRkYzQzVGRTAwQURCRDFENkYyNDZDNDUxMkM1
RjkxRTVBRUU2OTQ1Nzc5NDc3MzQ4MkQzNERGQjc3QUU3M0EwQUIyOERDQjJGNEVE
OTNDQUVERjc3RTQ3NjcwOUI2NjM0NTcxQ0JDQkZGMERERkJBRDZBNzNERTA3RTFB
QzI1M0E3QzI4NEE2NTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAp8X9frSk/XrH39CviRsfBlE/HZOGaFSFpTntFJHiE4KkXkCEsZDL
X0KkH1Z5MMKB8+4ep3woibxTsNUtzQLGZUYLKzzj0Le0ravn6hiIByAd+3ngL5rZ
74ex6v8rkdcFnf9xber3g+frWDhXLFKXC5iKdxspwHoYBq16k/6g2w2YgTU32bdC
qPZwR0n3pfYbcQZQvPZ5c9PQ1hYs2tW9rxzv26/tW2riaN4Mo0fbhmwt3/8ZoBRq
xVmIzu/zxf4Arb0dbyRsRRLF+R5a7mlFd5R3NILTTft3rnOgqyjcsvTtk8rt935H
Zwm2Y0Vxy8v/Dd+61qc94H4awlOnwoSmUwIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FJmRthsoJXVy1RxJv0KRn5PS2pz3MB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBAEYw7tapP6T00uBKc9ftmwVjkSrEzfJEI1aB5S8V1uh7KqrSlDQR
TLplvbhyTtJzVAmvle9bGKUfS5Fy8aqVUIuhD1ODgjspr8h/6VohWMl1Dsi6jYUv
V9KYRcKAXt53szvlYEc8K3wxo+CklwwxrfR6us3Lw6VXXudNoGx5n+KpObJOsWKX
GbdmKhMdKjduAvULbekqA86Tau9IVrlDouDGXlYjiaDwC1QqsDb3VtqH1GrIekz5
yAKRkFNsnT2Cgh0bEWBCHdZ+XgHTsByzpXcyLI7DSpsGhj7bQ9tt4qxkB/tinlKZ
sfyioefznMrRADZn4dBuB9Dd1RkoTi89Ees=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org