Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3234203d3e203134363138.roa
File: 3130332e3135322e33342e302f32332d3234203d3e203134363138.roa (raw, json)
Hash identifier: pDr5tsFplOJsMtQn4U8LproSrPLlhumdi85cJm6E0TY=
Subject key identifier: C8:D6:81:16:68:9D:25:ED:4B:A5:49:40:71:6C:7F:8A:E5:8B:28:76
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 783E0B91F59F2EC030FFF16A7DC2AD12D5CFEA86
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3234203d3e203134363138.roa
Signing time: Sun 23 Feb 2025 21:00:00 +0000
ROA not before: Sun 23 Feb 2025 20:55:00 +0000
ROA not after: Mon 23 Feb 2026 21:00:00 +0000
asID: 14618
IP address blocks: 103.152.34.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Apr 2025 05:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3e:0b:91:f5:9f:2e:c0:30:ff:f1:6a:7d:c2:ad:12:d5:cf:ea:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Feb 23 20:55:00 2025 GMT
Not After : Feb 23 21:00:00 2026 GMT
Subject: CN=3082010A0282010100DCE30723E038F6F9218AC5EB72FFABEF65EB1FE4BD9D7A8FB73E0D1924EC306F4522DA47EA188D7E6316C1F3CA7CD6DD624A92DD5FCF0376DEAF6C0667B2F32231E63E9AC2F9B91F28253844CC1F98F9DE7C63EBC5E348C7537BCB27A9839D01D20640904B90436DAFC18B607CA69FB363C8781AF72D0B5F4C445C7E8ACC7197422109C16EDFC09BBDCAE2B489F5DACA0DB499C3F460D0A8174019EA73D0B38DC293CE857A26E615550E8F220C891E11C13E5AC0E399B6C1A0306DE26431FF094673A79A7001F72388D458494BE33E2BEBCFC12CB35AD8197C73E4D3DDF6E96569B4FE987ABFA4193DD7E4D08DAF005E0E92FB5D51D857F561461D7E3A0E8EE90203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:07:23:e0:38:f6:f9:21:8a:c5:eb:72:ff:
ab:ef:65:eb:1f:e4:bd:9d:7a:8f:b7:3e:0d:19:24:
ec:30:6f:45:22:da:47:ea:18:8d:7e:63:16:c1:f3:
ca:7c:d6:dd:62:4a:92:dd:5f:cf:03:76:de:af:6c:
06:67:b2:f3:22:31:e6:3e:9a:c2:f9:b9:1f:28:25:
38:44:cc:1f:98:f9:de:7c:63:eb:c5:e3:48:c7:53:
7b:cb:27:a9:83:9d:01:d2:06:40:90:4b:90:43:6d:
af:c1:8b:60:7c:a6:9f:b3:63:c8:78:1a:f7:2d:0b:
5f:4c:44:5c:7e:8a:cc:71:97:42:21:09:c1:6e:df:
c0:9b:bd:ca:e2:b4:89:f5:da:ca:0d:b4:99:c3:f4:
60:d0:a8:17:40:19:ea:73:d0:b3:8d:c2:93:ce:85:
7a:26:e6:15:55:0e:8f:22:0c:89:1e:11:c1:3e:5a:
c0:e3:99:b6:c1:a0:30:6d:e2:64:31:ff:09:46:73:
a7:9a:70:01:f7:23:88:d4:58:49:4b:e3:3e:2b:eb:
cf:c1:2c:b3:5a:d8:19:7c:73:e4:d3:dd:f6:e9:65:
69:b4:fe:98:7a:bf:a4:19:3d:d7:e4:d0:8d:af:00:
5e:0e:92:fb:5d:51:d8:57:f5:61:46:1d:7e:3a:0e:
8e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D6:81:16:68:9D:25:ED:4B:A5:49:40:71:6C:7F:8A:E5:8B:28:76
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/23
Signature Algorithm: sha256WithRSAEncryption
31:16:55:ec:93:0d:1f:98:18:d8:7c:08:e9:04:ca:61:50:fb:
09:15:1c:ef:e8:fb:8c:ea:09:60:f1:ac:48:0a:6d:88:e0:22:
d8:81:97:df:ab:14:22:0b:8c:13:2f:66:c3:4b:1b:b9:4a:76:
3d:65:75:be:75:03:91:24:44:b2:05:a8:49:28:a6:7b:6a:ac:
cb:9d:fa:45:fa:77:88:ab:75:b3:44:15:59:51:ef:d7:07:5d:
78:c4:93:d0:16:21:0c:9c:d5:ae:4c:9c:38:bd:a1:2a:bc:34:
2c:86:f8:a8:20:8e:ef:4b:f0:a1:72:94:a4:9b:d6:8e:b1:5b:
39:91:fa:ca:1a:42:c1:29:bd:c2:94:68:d7:ef:b6:e5:35:f2:
f8:5f:86:2e:fd:8b:66:76:02:39:5f:c3:36:2d:1e:c6:c9:62:
32:1e:cf:55:8c:8f:d0:99:e2:a3:03:a4:de:8c:e1:4a:64:8e:
b4:b4:3c:96:ba:b1:98:1f:d4:b1:9a:bc:9a:a7:b5:9b:a5:8e:
33:21:9b:f1:8e:f8:ef:39:55:8b:a6:3d:37:c2:a9:59:ef:25:
83:89:ed:16:b0:00:77:fd:92:d4:04:52:af:06:a0:2e:26:5a:
7c:26:ff:65:d6:ee:22:24:95:2d:9a:c1:31:c9:78:ea:c1:c5:
82:3f:1a:61
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUeD4LkfWfLsAw//FqfcKtEtXP6oYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTAyMjMyMDU1MDBaFw0yNjAyMjMyMTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRENFMzA3MjNFMDM4RjZGOTIx
OEFDNUVCNzJGRkFCRUY2NUVCMUZFNEJEOUQ3QThGQjczRTBEMTkyNEVDMzA2RjQ1
MjJEQTQ3RUExODhEN0U2MzE2QzFGM0NBN0NENkRENjI0QTkyREQ1RkNGMDM3NkRF
QUY2QzA2NjdCMkYzMjIzMUU2M0U5QUMyRjlCOTFGMjgyNTM4NDRDQzFGOThGOURF
N0M2M0VCQzVFMzQ4Qzc1MzdCQ0IyN0E5ODM5RDAxRDIwNjQwOTA0QjkwNDM2REFG
QzE4QjYwN0NBNjlGQjM2M0M4NzgxQUY3MkQwQjVGNEM0NDVDN0U4QUNDNzE5NzQy
MjEwOUMxNkVERkMwOUJCRENBRTJCNDg5RjVEQUNBMERCNDk5QzNGNDYwRDBBODE3
NDAxOUVBNzNEMEIzOERDMjkzQ0U4NTdBMjZFNjE1NTUwRThGMjIwQzg5MUUxMUMx
M0U1QUMwRTM5OUI2QzFBMDMwNkRFMjY0MzFGRjA5NDY3M0E3OUE3MDAxRjcyMzg4
RDQ1ODQ5NEJFMzNFMkJFQkNGQzEyQ0IzNUFEODE5N0M3M0U0RDNEREY2RTk2NTY5
QjRGRTk4N0FCRkE0MTkzREQ3RTREMDhEQUYwMDVFMEU5MkZCNUQ1MUQ4NTdGNTYx
NDYxRDdFM0EwRThFRTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA3OMHI+A49vkhisXrcv+r72XrH+S9nXqPtz4NGSTsMG9FItpH6hiN
fmMWwfPKfNbdYkqS3V/PA3ber2wGZ7LzIjHmPprC+bkfKCU4RMwfmPnefGPrxeNI
x1N7yyepg50B0gZAkEuQQ22vwYtgfKafs2PIeBr3LQtfTERcforMcZdCIQnBbt/A
m73K4rSJ9drKDbSZw/Rg0KgXQBnqc9CzjcKTzoV6JuYVVQ6PIgyJHhHBPlrA45m2
waAwbeJkMf8JRnOnmnAB9yOI1FhJS+M+K+vPwSyzWtgZfHPk09326WVptP6Yer+k
GT3X5NCNrwBeDpL7XVHYV/VhRh1+Og6O6QIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FMjWgRZonSXtS6VJQHFsf4rliyh2MB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzEzNDM2MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAMRZV7JMNH5gY2HwI6QTKYVD7CRUc7+j7jOoJYPGsSAptiOAi2IGX
36sUIguMEy9mw0sbuUp2PWV1vnUDkSREsgWoSSime2qsy536Rfp3iKt1s0QVWVHv
1wddeMST0BYhDJzVrkycOL2hKrw0LIb4qCCO70vwoXKUpJvWjrFbOZH6yhpCwSm9
wpRo1++25TXy+F+GLv2LZnYCOV/DNi0exsliMh7PVYyP0JniowOk3ozhSmSOtLQ8
lrqxmB/UsZq8mqe1m6WOMyGb8Y747zlVi6Y9N8KpWe8lg4ntFrAAd/2S1ARSrwag
LiZafCb/ZdbuIiSVLZrBMcl46sHFgj8aYQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 11:26:07 2025 by rpki-client on console.sobornost.net