Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa
File: 323430363a343434303a3a2f34342d3438203d3e203338303038.roa (raw, json)
Hash identifier: pQK9jxtNXa4vbFwT34ESWxnCP+0ul/B5K896H7Ww21M=
Subject key identifier: 77:8A:3A:50:7E:4C:A9:79:CC:8C:2A:E1:45:50:12:6A:A5:82:5F:77
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 2E0217BF5E98AE73C1DD86468F18489B6C7B01D1
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa
Signing time: Wed 26 Feb 2025 08:00:01 +0000
ROA not before: Wed 26 Feb 2025 07:55:01 +0000
ROA not after: Thu 26 Feb 2026 08:00:01 +0000
asID: 38008
IP address blocks: 2406:4440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Apr 2025 05:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:02:17:bf:5e:98:ae:73:c1:dd:86:46:8f:18:48:9b:6c:7b:01:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Feb 26 07:55:01 2025 GMT
Not After : Feb 26 08:00:01 2026 GMT
Subject: CN=3082010A0282010100C2121BD281FEB564D2A2BFEBACE0EF3F0A7DE138754DA9FCFFE6302B6CEF3E79883DFB6DE2CE050AA48515308360E931D5EA48F588A4E5C0F31B399FBE79E3A52B7B5A99738B6ADBC18CE32CDCFB06CD74113AAAB0B76B86AB92FC6E1024A6C34E9AC761BBCF5297EEAD5CAEBAE169AB1FEBC44942098389CE7A4157FEA099CB462D9AA91043A4E215F55D06095F8E9AE794F18C0EFB0388BDDB2E3989400F84035633D5BBBCF8CC65A05FF42E3239233317628F2EE9ABBA9FC9D6BAE4C219C7B1B191FCC32F1FCECC72069720774EE302A5755EDBEE5D33B9B567DECC58D15093700849F8ACC1CD9CD70D73ECFECABD5BEC1793ADC63FF783DF6EC060D0EE7B0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:1b:d2:81:fe:b5:64:d2:a2:bf:eb:ac:e0:
ef:3f:0a:7d:e1:38:75:4d:a9:fc:ff:e6:30:2b:6c:
ef:3e:79:88:3d:fb:6d:e2:ce:05:0a:a4:85:15:30:
83:60:e9:31:d5:ea:48:f5:88:a4:e5:c0:f3:1b:39:
9f:be:79:e3:a5:2b:7b:5a:99:73:8b:6a:db:c1:8c:
e3:2c:dc:fb:06:cd:74:11:3a:aa:b0:b7:6b:86:ab:
92:fc:6e:10:24:a6:c3:4e:9a:c7:61:bb:cf:52:97:
ee:ad:5c:ae:ba:e1:69:ab:1f:eb:c4:49:42:09:83:
89:ce:7a:41:57:fe:a0:99:cb:46:2d:9a:a9:10:43:
a4:e2:15:f5:5d:06:09:5f:8e:9a:e7:94:f1:8c:0e:
fb:03:88:bd:db:2e:39:89:40:0f:84:03:56:33:d5:
bb:bc:f8:cc:65:a0:5f:f4:2e:32:39:23:33:17:62:
8f:2e:e9:ab:ba:9f:c9:d6:ba:e4:c2:19:c7:b1:b1:
91:fc:c3:2f:1f:ce:cc:72:06:97:20:77:4e:e3:02:
a5:75:5e:db:ee:5d:33:b9:b5:67:de:cc:58:d1:50:
93:70:08:49:f8:ac:c1:cd:9c:d7:0d:73:ec:fe:ca:
bd:5b:ec:17:93:ad:c6:3f:f7:83:df:6e:c0:60:d0:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8A:3A:50:7E:4C:A9:79:CC:8C:2A:E1:45:50:12:6A:A5:82:5F:77
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:4440::/44
Signature Algorithm: sha256WithRSAEncryption
30:df:00:8a:a2:bb:e2:41:25:b3:6c:7d:e6:cb:25:5a:f4:b7:
74:58:ca:fa:8d:11:4e:2a:97:fe:89:c0:fa:63:8c:59:b1:ba:
b3:1b:6d:a4:39:4b:73:a6:48:e4:63:49:56:56:6f:8a:4b:90:
54:b9:31:e9:a5:98:8e:48:9d:98:3e:96:55:a2:77:58:ad:3e:
7a:b2:4e:68:de:3f:67:c5:18:e0:94:d1:11:4c:c4:1e:ab:94:
9a:0c:49:46:a0:ae:e1:f4:de:a2:8c:38:f8:50:47:82:1b:6a:
f4:e5:d6:06:bc:f0:07:d1:b2:6f:f2:d2:7e:cc:de:72:f0:4e:
95:43:7b:56:fe:99:5c:cb:c4:6b:ed:dd:fe:91:09:79:00:88:
3e:10:ac:10:a4:e9:ba:1b:cd:91:87:09:19:4d:fe:5c:6d:5e:
a3:0e:f8:66:f0:9f:a5:6d:9f:24:4e:8a:82:68:69:7c:ad:f4:
d7:fc:35:58:71:3e:66:a5:22:28:3f:88:bb:81:01:ad:ff:d6:
7b:bc:45:63:34:1c:c4:74:22:56:fe:43:6a:a5:f7:9f:ba:c6:
cb:46:36:54:f9:62:60:74:30:80:17:a4:5e:55:93:7f:e3:ae:
96:3a:ad:8e:e6:c1:84:e9:49:34:84:b3:c0:fe:61:06:a1:ce:
1f:fd:92:b8
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIULgIXv16YrnPB3YZGjxhIm2x7AdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTAyMjYwNzU1MDFaFw0yNjAyMjYwODAwMDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzIxMjFCRDI4MUZFQjU2NEQy
QTJCRkVCQUNFMEVGM0YwQTdERTEzODc1NERBOUZDRkZFNjMwMkI2Q0VGM0U3OTg4
M0RGQjZERTJDRTA1MEFBNDg1MTUzMDgzNjBFOTMxRDVFQTQ4RjU4OEE0RTVDMEYz
MUIzOTlGQkU3OUUzQTUyQjdCNUE5OTczOEI2QURCQzE4Q0UzMkNEQ0ZCMDZDRDc0
MTEzQUFBQjBCNzZCODZBQjkyRkM2RTEwMjRBNkMzNEU5QUM3NjFCQkNGNTI5N0VF
QUQ1Q0FFQkFFMTY5QUIxRkVCQzQ0OTQyMDk4Mzg5Q0U3QTQxNTdGRUEwOTlDQjQ2
MkQ5QUE5MTA0M0E0RTIxNUY1NUQwNjA5NUY4RTlBRTc5NEYxOEMwRUZCMDM4OEJE
REIyRTM5ODk0MDBGODQwMzU2MzNENUJCQkNGOENDNjVBMDVGRjQyRTMyMzkyMzMz
MTc2MjhGMkVFOUFCQkE5RkM5RDZCQUU0QzIxOUM3QjFCMTkxRkNDMzJGMUZDRUND
NzIwNjk3MjA3NzRFRTMwMkE1NzU1RURCRUU1RDMzQjlCNTY3REVDQzU4RDE1MDkz
NzAwODQ5RjhBQ0MxQ0Q5Q0Q3MEQ3M0VDRkVDQUJENUJFQzE3OTNBREM2M0ZGNzgz
REY2RUMwNjBEMEVFN0IwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwhIb0oH+tWTSor/rrODvPwp94Th1Tan8/+YwK2zvPnmIPftt4s4F
CqSFFTCDYOkx1epI9Yik5cDzGzmfvnnjpSt7Wplzi2rbwYzjLNz7Bs10ETqqsLdr
hquS/G4QJKbDTprHYbvPUpfurVyuuuFpqx/rxElCCYOJznpBV/6gmctGLZqpEEOk
4hX1XQYJX46a55TxjA77A4i92y45iUAPhANWM9W7vPjMZaBf9C4yOSMzF2KPLumr
up/J1rrkwhnHsbGR/MMvH87McgaXIHdO4wKldV7b7l0zubVn3sxY0VCTcAhJ+KzB
zZzXDXPs/sq9W+wXk63GP/eD327AYNDuewIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FHeKOlB+TKl5zIwq4UVQEmqlgl93MB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMzMzgzMDMwMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBADDfAIqiu+JBJbNsfebLJVr0t3RYyvqNEU4ql/6JwPpjjFmxurMb
baQ5S3OmSORjSVZWb4pLkFS5MemlmI5InZg+llWid1itPnqyTmjeP2fFGOCU0RFM
xB6rlJoMSUagruH03qKMOPhQR4IbavTl1ga88AfRsm/y0n7M3nLwTpVDe1b+mVzL
xGvt3f6RCXkAiD4QrBCk6bobzZGHCRlN/lxtXqMO+Gbwn6VtnyROioJoaXyt9Nf8
NVhxPmalIig/iLuBAa3/1nu8RWM0HMR0Ilb+Q2ql95+6xstGNlT5YmB0MIAXpF5V
k3/jrpY6rY7mwYTpSTSEs8D+YQahzh/9krg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:55:56 2025 by rpki-client