Route Origin Authorization

$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa
File:                     323430363a343434303a3a2f34342d3438203d3e203338303038.roa (raw, json)
Hash identifier:          G+XcX1/8cBGg+LRrm3xDy7bx8agCbHKWzMeUncXRv2c=
Subject key identifier:   AF:E6:1A:3B:11:B2:22:DC:66:C6:ED:7C:7E:24:79:FC:EB:35:94:A0
Certificate issuer:       /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial:       7A74DA76955880E7BB0CF83D7B42F86081E98792
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access:    rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access:      rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa
Signing time:             Tue 26 Mar 2024 08:00:00 +0000
ROA not before:           Tue 26 Mar 2024 07:55:00 +0000
ROA not after:            Wed 26 Mar 2025 08:00:00 +0000
asID:                     38008
IP address blocks:        2406:4440::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
                          rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
                          rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 20:34:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:74:da:76:95:58:80:e7:bb:0c:f8:3d:7b:42:f8:60:81:e9:87:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
        Validity
            Not Before: Mar 26 07:55:00 2024 GMT
            Not After : Mar 26 08:00:00 2025 GMT
        Subject: CN=3082010A0282010100C6C744A394448BC81974F0A854B1E553A3DD365D6ACFD43D471C59DD4E5A76B7C1A992D6C1B599449C731AE86303787CC4F41DF71A6FE5E6D002A8623078AA4253E96A95D82E8E0C6FD8F679B9D85F5F1A178F9523126679861E87A6495F92D2730E9C848B15A8AACB87260F8EAA187BB12C1A326423CBB9C5308771C42C5415C3512FFB12F17DAF28507205247587AB0EA41B81B2B8A595B7AE8A300F648F90B886DAFE7943BC18F170063F8E062AE29DEF0CAB30C724F3C7DA4B1E37F34A7E50FC61A4D6CD8DB61ED77EA9DFFFC8B19EE4C51560CB2E4538693E2AD899AAF175CD7A997862FF4091C93A1435E0932873DBADD2EBCE8F6CB99C4C65E92367A90203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c7:44:a3:94:44:8b:c8:19:74:f0:a8:54:b1:
                    e5:53:a3:dd:36:5d:6a:cf:d4:3d:47:1c:59:dd:4e:
                    5a:76:b7:c1:a9:92:d6:c1:b5:99:44:9c:73:1a:e8:
                    63:03:78:7c:c4:f4:1d:f7:1a:6f:e5:e6:d0:02:a8:
                    62:30:78:aa:42:53:e9:6a:95:d8:2e:8e:0c:6f:d8:
                    f6:79:b9:d8:5f:5f:1a:17:8f:95:23:12:66:79:86:
                    1e:87:a6:49:5f:92:d2:73:0e:9c:84:8b:15:a8:aa:
                    cb:87:26:0f:8e:aa:18:7b:b1:2c:1a:32:64:23:cb:
                    b9:c5:30:87:71:c4:2c:54:15:c3:51:2f:fb:12:f1:
                    7d:af:28:50:72:05:24:75:87:ab:0e:a4:1b:81:b2:
                    b8:a5:95:b7:ae:8a:30:0f:64:8f:90:b8:86:da:fe:
                    79:43:bc:18:f1:70:06:3f:8e:06:2a:e2:9d:ef:0c:
                    ab:30:c7:24:f3:c7:da:4b:1e:37:f3:4a:7e:50:fc:
                    61:a4:d6:cd:8d:b6:1e:d7:7e:a9:df:ff:c8:b1:9e:
                    e4:c5:15:60:cb:2e:45:38:69:3e:2a:d8:99:aa:f1:
                    75:cd:7a:99:78:62:ff:40:91:c9:3a:14:35:e0:93:
                    28:73:db:ad:d2:eb:ce:8f:6c:b9:9c:4c:65:e9:23:
                    67:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:E6:1A:3B:11:B2:22:DC:66:C6:ED:7C:7E:24:79:FC:EB:35:94:A0
            X509v3 Authority Key Identifier:
                keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/323430363a343434303a3a2f34342d3438203d3e203338303038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:4440::/44

    Signature Algorithm: sha256WithRSAEncryption
         3a:68:71:c2:25:72:57:4d:01:41:ba:19:68:c5:c4:a3:e9:fb:
         42:a4:25:aa:20:bb:f4:07:97:55:89:20:0d:61:af:32:d4:c2:
         36:d6:30:d1:2a:5e:3b:0d:9f:65:1b:0b:99:5a:97:7e:e5:f7:
         dd:3f:8c:b2:39:c0:49:01:f1:6e:41:09:6c:a6:f7:1a:43:9e:
         6e:c7:a7:0a:7b:e5:bf:9c:36:06:a8:26:8f:91:d7:24:22:55:
         d4:e8:e9:c2:59:6a:91:d0:c5:15:d7:e3:e5:e5:7f:f1:ec:63:
         ed:0c:fe:b6:aa:57:a6:4d:e9:ca:6e:46:bf:2e:4c:21:fc:bc:
         ac:4c:4b:23:92:b1:86:e4:23:82:0c:b8:45:83:07:98:ff:c8:
         d0:28:3b:d4:db:e7:1c:63:88:e1:7f:8f:e5:5b:9d:e3:50:06:
         09:ad:5c:11:a5:b7:74:82:cf:33:13:7c:17:cf:fa:f8:0f:bc:
         84:d1:e8:2d:63:eb:70:3d:86:d4:fd:53:7e:29:73:60:55:5f:
         99:e6:2d:84:38:4c:96:f9:c1:b0:61:59:a3:57:1e:df:51:23:
         c7:c7:69:6f:39:9c:73:fc:c5:42:f2:71:41:1d:91:cd:62:95:
         7c:22:19:18:cb:e0:6a:40:88:ec:cd:5c:7d:5a:29:a4:6b:11:
         05:90:af:ab
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgIUenTadpVYgOe7DPg9e0L4YIHph5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNDAzMjYwNzU1MDBaFw0yNTAzMjYwODAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzZDNzQ0QTM5NDQ0OEJDODE5
NzRGMEE4NTRCMUU1NTNBM0REMzY1RDZBQ0ZENDNENDcxQzU5REQ0RTVBNzZCN0Mx
QTk5MkQ2QzFCNTk5NDQ5QzczMUFFODYzMDM3ODdDQzRGNDFERjcxQTZGRTVFNkQw
MDJBODYyMzA3OEFBNDI1M0U5NkE5NUQ4MkU4RTBDNkZEOEY2NzlCOUQ4NUY1RjFB
MTc4Rjk1MjMxMjY2Nzk4NjFFODdBNjQ5NUY5MkQyNzMwRTlDODQ4QjE1QThBQUNC
ODcyNjBGOEVBQTE4N0JCMTJDMUEzMjY0MjNDQkI5QzUzMDg3NzFDNDJDNTQxNUMz
NTEyRkZCMTJGMTdEQUYyODUwNzIwNTI0NzU4N0FCMEVBNDFCODFCMkI4QTU5NUI3
QUU4QTMwMEY2NDhGOTBCODg2REFGRTc5NDNCQzE4RjE3MDA2M0Y4RTA2MkFFMjlE
RUYwQ0FCMzBDNzI0RjNDN0RBNEIxRTM3RjM0QTdFNTBGQzYxQTRENkNEOERCNjFF
RDc3RUE5REZGRkM4QjE5RUU0QzUxNTYwQ0IyRTQ1Mzg2OTNFMkFEODk5QUFGMTc1
Q0Q3QTk5Nzg2MkZGNDA5MUM5M0ExNDM1RTA5MzI4NzNEQkFERDJFQkNFOEY2Q0I5
OUM0QzY1RTkyMzY3QTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxsdEo5REi8gZdPCoVLHlU6PdNl1qz9Q9RxxZ3U5adrfBqZLWwbWZ
RJxzGuhjA3h8xPQd9xpv5ebQAqhiMHiqQlPpapXYLo4Mb9j2ebnYX18aF4+VIxJm
eYYeh6ZJX5LScw6chIsVqKrLhyYPjqoYe7EsGjJkI8u5xTCHccQsVBXDUS/7EvF9
ryhQcgUkdYerDqQbgbK4pZW3roowD2SPkLiG2v55Q7wY8XAGP44GKuKd7wyrMMck
88faSx4380p+UPxhpNbNjbYe136p3//IsZ7kxRVgyy5FOGk+KtiZqvF1zXqZeGL/
QJHJOhQ14JMoc9ut0uvOj2y5nExl6SNnqQIDAQABo4IB5DCCAeAwHQYDVR0OBBYE
FK/mGjsRsiLcZsbtfH4kefzrNZSgMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMyMzQzMDM2M2EzNDM0MzQzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMzMzgzMDMwMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBkRAAAAwDQYJKoZIhvcN
AQELBQADggEBADpoccIlcldNAUG6GWjFxKPp+0KkJaogu/QHl1WJIA1hrzLUwjbW
MNEqXjsNn2UbC5lal37l990/jLI5wEkB8W5BCWym9xpDnm7Hpwp75b+cNgaoJo+R
1yQiVdTo6cJZapHQxRXX4+Xlf/HsY+0M/raqV6ZN6cpuRr8uTCH8vKxMSyOSsYbk
I4IMuEWDB5j/yNAoO9Tb5xxjiOF/j+VbneNQBgmtXBGlt3SCzzMTfBfP+vgPvITR
6C1j63A9htT9U34pc2BVX5nmLYQ4TJb5wbBhWaNXHt9RI8fHaW85nHP8xULycUEd
kc1ilXwiGRjL4GpAiOzNXH1aKaRrEQWQr6s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:15 2024 by rpki-client on console-ams.rpki-client.org