Route Origin Authorization
$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
File: 3130332e3135322e33352e302f32342d3234203d3e203338303038.roa (raw, json)
Hash identifier: 3HkSBkgK4LRC6JzSCbaaRRptvnynVy4LYa9iN1sN/qw=
Subject key identifier: 5B:6E:38:5E:0B:E1:D0:CD:CB:3F:D5:97:DC:9E:81:7F:DB:1F:48:70
Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial: 47A0A2BDFD7437E812A09C8489E044DD4E4D5D1B
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
Signing time: Fri 18 Apr 2025 01:00:00 +0000
ROA not before: Fri 18 Apr 2025 00:55:00 +0000
ROA not after: Sat 18 Apr 2026 01:00:00 +0000
asID: 38008
IP address blocks: 103.152.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Apr 2025 21:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a0:a2:bd:fd:74:37:e8:12:a0:9c:84:89:e0:44:dd:4e:4d:5d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Validity
Not Before: Apr 18 00:55:00 2025 GMT
Not After : Apr 18 01:00:00 2026 GMT
Subject: CN=3082010A0282010100A64103327C37DADF7CE8F8F8758E33CBAD5A0AE58A5D5A5CE9DD73792FAB8364A718E7FE487D130BFCC6774C48E2D6145401808A043046CA0041AB55EF07EBBDDB18E1147ED36678FF697B89EB1B06252E1F0B9C37BD2F1B33D81DC942708B922720000B0F69961BDA9D45F4FEE10E286EA8FD3A870852B2866318B35515B913D5D98EBD4A0097DF4CF698C71D93B85ED80A3FD7319D547A81C5EC4C33F18664AAFEF8DFAD42A57408A5267B081CA5BD81268E51CC71983E5D521438F5F5DC4F5E13F2106532BFBF3B2B6D43F6F249F4D04D502FB41A18D6F5BC31CE487F935C771DC505104B176397143BDCDDA22BDA1AA9FBC35A63395A64A2063633057A330203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:41:03:32:7c:37:da:df:7c:e8:f8:f8:75:8e:
33:cb:ad:5a:0a:e5:8a:5d:5a:5c:e9:dd:73:79:2f:
ab:83:64:a7:18:e7:fe:48:7d:13:0b:fc:c6:77:4c:
48:e2:d6:14:54:01:80:8a:04:30:46:ca:00:41:ab:
55:ef:07:eb:bd:db:18:e1:14:7e:d3:66:78:ff:69:
7b:89:eb:1b:06:25:2e:1f:0b:9c:37:bd:2f:1b:33:
d8:1d:c9:42:70:8b:92:27:20:00:0b:0f:69:96:1b:
da:9d:45:f4:fe:e1:0e:28:6e:a8:fd:3a:87:08:52:
b2:86:63:18:b3:55:15:b9:13:d5:d9:8e:bd:4a:00:
97:df:4c:f6:98:c7:1d:93:b8:5e:d8:0a:3f:d7:31:
9d:54:7a:81:c5:ec:4c:33:f1:86:64:aa:fe:f8:df:
ad:42:a5:74:08:a5:26:7b:08:1c:a5:bd:81:26:8e:
51:cc:71:98:3e:5d:52:14:38:f5:f5:dc:4f:5e:13:
f2:10:65:32:bf:bf:3b:2b:6d:43:f6:f2:49:f4:d0:
4d:50:2f:b4:1a:18:d6:f5:bc:31:ce:48:7f:93:5c:
77:1d:c5:05:10:4b:17:63:97:14:3b:dc:dd:a2:2b:
da:1a:a9:fb:c3:5a:63:39:5a:64:a2:06:36:33:05:
7a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6E:38:5E:0B:E1:D0:CD:CB:3F:D5:97:DC:9E:81:7F:DB:1F:48:70
X509v3 Authority Key Identifier:
keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
Authority Information Access:
CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.152.35.0/24
Signature Algorithm: sha256WithRSAEncryption
11:17:1a:87:06:fe:e9:3f:26:a6:27:0d:6b:56:3f:51:98:28:
17:ea:96:05:f3:6c:ab:11:7d:de:ed:6a:74:fa:4d:51:0e:c9:
14:0e:36:81:2a:15:da:df:b5:78:4a:a7:96:14:f6:3a:45:b3:
3e:eb:a3:08:47:5c:e7:1c:bf:2d:46:aa:25:26:a7:bd:65:21:
50:d7:ab:e7:4d:a3:9b:04:74:f1:d6:c0:fe:82:bb:c1:10:dc:
e9:89:a2:5a:67:90:d7:2b:72:61:7f:44:87:e2:20:1b:1a:e7:
7a:c6:b9:8a:99:2f:64:b6:e6:f7:bc:7e:19:f4:5a:9f:74:23:
f6:27:14:76:29:7d:cf:0b:43:38:07:8c:f5:53:92:e5:ea:44:
dc:d7:dd:cd:e3:ea:75:7e:0a:38:30:54:d5:17:cd:ff:45:15:
65:62:e6:ae:79:0d:9b:3b:79:cd:eb:0f:08:14:63:27:ee:a4:
49:f5:b4:a5:8c:7e:4e:17:99:aa:74:d1:5b:b6:aa:15:89:fd:
d9:75:4a:60:89:d4:45:88:c1:6d:a8:01:c0:cc:e8:54:5e:69:
0e:0b:34:58:a8:e4:2e:89:7d:ca:b4:1c:92:5e:8f:e9:ac:c5:
dd:c3:33:cf:3f:dd:5c:cf:05:9e:2d:4f:f7:61:ba:b1:6a:a1:
ec:03:8c:df
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUR6Civf10N+gSoJyEieBE3U5NXRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTA0MTgwMDU1MDBaFw0yNjA0MTgwMTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTY0MTAzMzI3QzM3REFERjdD
RThGOEY4NzU4RTMzQ0JBRDVBMEFFNThBNUQ1QTVDRTlERDczNzkyRkFCODM2NEE3
MThFN0ZFNDg3RDEzMEJGQ0M2Nzc0QzQ4RTJENjE0NTQwMTgwOEEwNDMwNDZDQTAw
NDFBQjU1RUYwN0VCQkREQjE4RTExNDdFRDM2Njc4RkY2OTdCODlFQjFCMDYyNTJF
MUYwQjlDMzdCRDJGMUIzM0Q4MURDOTQyNzA4QjkyMjcyMDAwMEIwRjY5OTYxQkRB
OUQ0NUY0RkVFMTBFMjg2RUE4RkQzQTg3MDg1MkIyODY2MzE4QjM1NTE1QjkxM0Q1
RDk4RUJENEEwMDk3REY0Q0Y2OThDNzFEOTNCODVFRDgwQTNGRDczMTlENTQ3QTgx
QzVFQzRDMzNGMTg2NjRBQUZFRjhERkFENDJBNTc0MDhBNTI2N0IwODFDQTVCRDgx
MjY4RTUxQ0M3MTk4M0U1RDUyMTQzOEY1RjVEQzRGNUUxM0YyMTA2NTMyQkZCRjNC
MkI2RDQzRjZGMjQ5RjREMDRENTAyRkI0MUExOEQ2RjVCQzMxQ0U0ODdGOTM1Qzc3
MURDNTA1MTA0QjE3NjM5NzE0M0JEQ0REQTIyQkRBMUFBOUZCQzM1QTYzMzk1QTY0
QTIwNjM2MzMwNTdBMzMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEApkEDMnw32t986Pj4dY4zy61aCuWKXVpc6d1zeS+rg2SnGOf+SH0T
C/zGd0xI4tYUVAGAigQwRsoAQatV7wfrvdsY4RR+02Z4/2l7iesbBiUuHwucN70v
GzPYHclCcIuSJyAACw9plhvanUX0/uEOKG6o/TqHCFKyhmMYs1UVuRPV2Y69SgCX
30z2mMcdk7he2Ao/1zGdVHqBxexMM/GGZKr++N+tQqV0CKUmewgcpb2BJo5RzHGY
Pl1SFDj19dxPXhPyEGUyv787K21D9vJJ9NBNUC+0GhjW9bwxzkh/k1x3HcUFEEsX
Y5cUO9zdoivaGqn7w1pjOVpkogY2MwV6MwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FFtuOF4L4dDNyz/Vl9yegX/bH0hwMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM1MmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIzANBgkqhkiG9w0B
AQsFAAOCAQEAERcahwb+6T8mpicNa1Y/UZgoF+qWBfNsqxF93u1qdPpNUQ7JFA42
gSoV2t+1eEqnlhT2OkWzPuujCEdc5xy/LUaqJSanvWUhUNer502jmwR08dbA/oK7
wRDc6YmiWmeQ1ytyYX9Eh+IgGxrnesa5ipkvZLbm97x+GfRan3Qj9icUdil9zwtD
OAeM9VOS5epE3NfdzePqdX4KODBU1RfN/0UVZWLmrnkNmzt5zesPCBRjJ+6kSfW0
pYx+TheZqnTRW7aqFYn92XVKYInURYjBbagBwMzoVF5pDgs0WKjkLol9yrQckl6P
6azF3cMzzz/dXM8Fni1P92G6sWqh7AOM3w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:08:24 2025 by rpki-client on console.sobornost.net