Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
File: 3130332e3135322e33342e302f32342d3234203d3e203338303038.roa (raw, json)
Hash identifier: BC754BBmLYtzW2DYjylW3Lxadf4mWhwcczkW75SRgsk=
Subject key identifier: AC:89:78:E3:E1:58:FC:D2:79:6B:07:C7:E3:96:D4:48:F6:DA:0F:55
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 3AAF59C1B4106848AAF7C0697DBA4C61AB594232
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
Signing time: Fri 18 Apr 2025 00:00:00 +0000
ROA not before: Thu 17 Apr 2025 23:55:00 +0000
ROA not after: Sat 18 Apr 2026 00:00:00 +0000
asID: 38008
IP address blocks: 103.152.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Apr 2025 21:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:af:59:c1:b4:10:68:48:aa:f7:c0:69:7d:ba:4c:61:ab:59:42:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Apr 17 23:55:00 2025 GMT
Not After : Apr 18 00:00:00 2026 GMT
Subject: CN=3082010A0282010100EC1C5DF387138172FD0D87C29BC83E1F6851D9CCB3C08D85D263C0B5433739E65C893085388B3C04804399CAA04BB66DA9E209AA567A816F066F5F03F566AED7635C59002DC0F53A4E2CBF43B704BC843894D9F961A7944F6DA340DB216F3E82FF15331644EB12BAE0019B609CB2F7A17EB8B72E4C17EB479F885DD51B057D7CAE6B394E91FFB2E47F1D6BEDC669FAFD990F22257DA87867CB016F4E1F4C879787DCB44ED7DA76028A3FE7BB6DCB86049FAE6F9181FEFF108B8F1C75DB811BDE84EB50B5AE73E4F866F4426C6F5C6D51733A9BDE5168D0A1396A643361D548C423D5594D6B8F44D867BF34B592FA22AFAB518D12BC3820E8B0D7015D3DAD5D870203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:5d:f3:87:13:81:72:fd:0d:87:c2:9b:c8:
3e:1f:68:51:d9:cc:b3:c0:8d:85:d2:63:c0:b5:43:
37:39:e6:5c:89:30:85:38:8b:3c:04:80:43:99:ca:
a0:4b:b6:6d:a9:e2:09:aa:56:7a:81:6f:06:6f:5f:
03:f5:66:ae:d7:63:5c:59:00:2d:c0:f5:3a:4e:2c:
bf:43:b7:04:bc:84:38:94:d9:f9:61:a7:94:4f:6d:
a3:40:db:21:6f:3e:82:ff:15:33:16:44:eb:12:ba:
e0:01:9b:60:9c:b2:f7:a1:7e:b8:b7:2e:4c:17:eb:
47:9f:88:5d:d5:1b:05:7d:7c:ae:6b:39:4e:91:ff:
b2:e4:7f:1d:6b:ed:c6:69:fa:fd:99:0f:22:25:7d:
a8:78:67:cb:01:6f:4e:1f:4c:87:97:87:dc:b4:4e:
d7:da:76:02:8a:3f:e7:bb:6d:cb:86:04:9f:ae:6f:
91:81:fe:ff:10:8b:8f:1c:75:db:81:1b:de:84:eb:
50:b5:ae:73:e4:f8:66:f4:42:6c:6f:5c:6d:51:73:
3a:9b:de:51:68:d0:a1:39:6a:64:33:61:d5:48:c4:
23:d5:59:4d:6b:8f:44:d8:67:bf:34:b5:92:fa:22:
af:ab:51:8d:12:bc:38:20:e8:b0:d7:01:5d:3d:ad:
5d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:89:78:E3:E1:58:FC:D2:79:6B:07:C7:E3:96:D4:48:F6:DA:0F:55
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.34.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2e:da:af:73:7c:8e:95:04:42:83:5f:15:68:a0:de:73:92:
4d:c2:d5:65:e6:50:53:a2:12:18:a1:22:1f:ac:94:44:c4:d7:
8e:ee:ce:f4:5d:70:34:b8:46:85:8e:1a:fe:0b:61:6f:30:77:
7c:ca:71:fa:3d:f4:8f:8c:47:74:47:19:e4:c1:8a:81:28:d1:
07:c4:ac:57:15:8d:12:7d:2e:e9:67:b3:7e:b2:c0:00:8e:6e:
89:8a:b1:45:b6:cb:68:8b:db:a0:bc:e5:5e:b7:95:ef:5a:2c:
91:85:a5:8a:06:6f:19:00:a5:1b:0f:53:0d:81:55:94:2f:4f:
c4:19:d4:1a:c6:22:7d:b6:ba:3f:d7:af:6e:e0:4b:d2:e7:8b:
02:dc:f5:ff:30:34:01:f6:52:46:bd:47:cf:24:bf:9a:4e:ee:
40:e6:0b:09:a2:29:bd:16:35:b3:5b:b1:4b:5b:bc:d8:73:fc:
4d:c2:bd:ed:f4:1b:c7:06:51:c1:e0:da:ce:16:5d:54:d6:94:
20:3f:96:aa:56:22:da:f1:f9:9f:1a:f2:18:d6:aa:85:81:bc:
9c:1c:99:89:09:a0:fd:7b:40:12:4d:47:c6:00:61:a8:73:89:
2d:7d:94:ef:0e:ec:ba:ec:08:11:6e:57:54:2b:6b:2f:0c:01:
50:71:75:d5
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUOq9ZwbQQaEiq98BpfbpMYatZQjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTA0MTcyMzU1MDBaFw0yNjA0MTgwMDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRUMxQzVERjM4NzEzODE3MkZE
MEQ4N0MyOUJDODNFMUY2ODUxRDlDQ0IzQzA4RDg1RDI2M0MwQjU0MzM3MzlFNjVD
ODkzMDg1Mzg4QjNDMDQ4MDQzOTlDQUEwNEJCNjZEQTlFMjA5QUE1NjdBODE2RjA2
NkY1RjAzRjU2NkFFRDc2MzVDNTkwMDJEQzBGNTNBNEUyQ0JGNDNCNzA0QkM4NDM4
OTREOUY5NjFBNzk0NEY2REEzNDBEQjIxNkYzRTgyRkYxNTMzMTY0NEVCMTJCQUUw
MDE5QjYwOUNCMkY3QTE3RUI4QjcyRTRDMTdFQjQ3OUY4ODVERDUxQjA1N0Q3Q0FF
NkIzOTRFOTFGRkIyRTQ3RjFENkJFREM2NjlGQUZEOTkwRjIyMjU3REE4Nzg2N0NC
MDE2RjRFMUY0Qzg3OTc4N0RDQjQ0RUQ3REE3NjAyOEEzRkU3QkI2RENCODYwNDlG
QUU2RjkxODFGRUZGMTA4QjhGMUM3NURCODExQkRFODRFQjUwQjVBRTczRTRGODY2
RjQ0MjZDNkY1QzZENTE3MzNBOUJERTUxNjhEMEExMzk2QTY0MzM2MUQ1NDhDNDIz
RDU1OTRENkI4RjQ0RDg2N0JGMzRCNTkyRkEyMkFGQUI1MThEMTJCQzM4MjBFOEIw
RDcwMTVEM0RBRDVEODcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA7Bxd84cTgXL9DYfCm8g+H2hR2cyzwI2F0mPAtUM3OeZciTCFOIs8
BIBDmcqgS7ZtqeIJqlZ6gW8Gb18D9Wau12NcWQAtwPU6Tiy/Q7cEvIQ4lNn5YaeU
T22jQNshbz6C/xUzFkTrErrgAZtgnLL3oX64ty5MF+tHn4hd1RsFfXyuazlOkf+y
5H8da+3Gafr9mQ8iJX2oeGfLAW9OH0yHl4fctE7X2nYCij/nu23LhgSfrm+Rgf7/
EIuPHHXbgRvehOtQta5z5Phm9EJsb1xtUXM6m95RaNChOWpkM2HVSMQj1VlNa49E
2Ge/NLWS+iKvq1GNErw4IOiw1wFdPa1dhwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FKyJeOPhWPzSeWsHx+OW1Ej22g9VMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAdi7ar3N8jpUEQoNfFWig3nOSTcLVZeZQU6ISGKEiH6yURMTXju7O
9F1wNLhGhY4a/gthbzB3fMpx+j30j4xHdEcZ5MGKgSjRB8SsVxWNEn0u6WezfrLA
AI5uiYqxRbbLaIvboLzlXreV71oskYWligZvGQClGw9TDYFVlC9PxBnUGsYifba6
P9evbuBL0ueLAtz1/zA0AfZSRr1HzyS/mk7uQOYLCaIpvRY1s1uxS1u82HP8TcK9
7fQbxwZRweDazhZdVNaUID+WqlYi2vH5nxryGNaqhYG8nByZiQmg/XtAEk1HxgBh
qHOJLX2U7w7suuwIEW5XVCtrLwwBUHF11Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:08:24 2025 by rpki-client on console.sobornost.net