$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa File: 3130332e3135322e33342e302f32332d3233203d3e203338303038.roa (raw, json) Hash identifier: B1nBYxAs50zgsqErVLGUMzYZqOCYEKZEMw+J5SQOX4Y= Subject key identifier: C0:52:10:73:C4:D7:6F:DC:F2:83:02:82:A1:38:94:8D:3B:E8:5B:8D Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Certificate serial: 4C6CE38F80B08249CC6679501A0198C805D6AC48 Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa Signing time: Tue 16 Sep 2025 04:00:00 +0000 ROA not before: Tue 16 Sep 2025 03:55:00 +0000 ROA not after: Wed 16 Sep 2026 04:00:00 +0000 asID: 38008 IP address blocks: 103.152.34.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 20:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:6c:e3:8f:80:b0:82:49:cc:66:79:50:1a:01:98:c8:05:d6:ac:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Validity Not Before: Sep 16 03:55:00 2025 GMT Not After : Sep 16 04:00:00 2026 GMT Subject: CN=3082010A02820101009E8447D72ABAA91334FEFBAB2068942DA2C55B86645E9BB7B1A1276D52F2EECD1E8D240B14E832CF09D999B9FEC16A67272E587B4BEF1754C5FB2EDFE06DC664888BF9472F7BFC46D57B80827B20C9C862A43E78337040A2610268E5F3A8BDD1754186797E9C40DC9C5CDBB562B42D1859158CE21385B2B366705C15DF1DA48323CB47DAF7B4EEAA31954956C7ABB141E86BF7255CAC6054D4C3D17639E721403F00F66D00DBDD6591788D03CCE66A611D68805DD2B9620FD1B583DBEF51B836B4D62169573A649F580340A88857698C4EFAD4225F0428E8F34318DE6F2AFFDE0E20501BB2EC9766E726A1204FCC3855489365F33AFB8A6E0E00FB3279206E370203010001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:84:47:d7:2a:ba:a9:13:34:fe:fb:ab:20:68: 94:2d:a2:c5:5b:86:64:5e:9b:b7:b1:a1:27:6d:52: f2:ee:cd:1e:8d:24:0b:14:e8:32:cf:09:d9:99:b9: fe:c1:6a:67:27:2e:58:7b:4b:ef:17:54:c5:fb:2e: df:e0:6d:c6:64:88:8b:f9:47:2f:7b:fc:46:d5:7b: 80:82:7b:20:c9:c8:62:a4:3e:78:33:70:40:a2:61: 02:68:e5:f3:a8:bd:d1:75:41:86:79:7e:9c:40:dc: 9c:5c:db:b5:62:b4:2d:18:59:15:8c:e2:13:85:b2: b3:66:70:5c:15:df:1d:a4:83:23:cb:47:da:f7:b4: ee:aa:31:95:49:56:c7:ab:b1:41:e8:6b:f7:25:5c: ac:60:54:d4:c3:d1:76:39:e7:21:40:3f:00:f6:6d: 00:db:dd:65:91:78:8d:03:cc:e6:6a:61:1d:68:80: 5d:d2:b9:62:0f:d1:b5:83:db:ef:51:b8:36:b4:d6: 21:69:57:3a:64:9f:58:03:40:a8:88:57:69:8c:4e: fa:d4:22:5f:04:28:e8:f3:43:18:de:6f:2a:ff:de: 0e:20:50:1b:b2:ec:97:66:e7:26:a1:20:4f:cc:38: 55:48:93:65:f3:3a:fb:8a:6e:0e:00:fb:32:79:20: 6e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:52:10:73:C4:D7:6F:DC:F2:83:02:82:A1:38:94:8D:3B:E8:5B:8D X509v3 Authority Key Identifier: keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl Authority Information Access: CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject Information Access: Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.34.0/23 Signature Algorithm: sha256WithRSAEncryption 9f:b6:43:73:35:da:f2:e2:2e:f2:bb:39:f3:95:71:52:92:99: e1:02:8e:ff:c0:7f:4e:c7:2d:dd:ac:91:78:56:a1:14:22:c7: 0c:18:7f:bf:45:37:0e:d8:37:2b:9c:6c:84:4f:b3:57:14:1b: 36:4f:d3:46:29:d8:bb:35:a0:06:41:fc:a4:f6:31:7a:11:38: 6a:3b:9e:49:c7:85:6c:11:80:00:97:bc:ba:c0:23:10:82:98: 67:51:4c:bd:b3:62:94:ce:8c:da:da:1d:5b:6b:0c:f0:a7:00: 59:e3:41:24:f3:35:a5:43:9a:b0:ba:f8:8c:02:0d:da:12:53: 27:20:6e:54:41:f3:33:75:1b:fc:a4:f4:e2:d2:ee:a8:7c:5f: 77:91:bd:d1:0e:06:fa:ce:91:23:fc:6f:00:c4:74:ab:46:a9: 8e:24:ab:74:fa:65:99:67:6c:5b:8d:d4:94:ed:e3:cf:6d:fe: b4:77:0b:7b:d6:19:41:f4:51:f9:85:4e:13:d0:a3:be:a9:8c: c8:e8:7a:ae:d6:2f:d3:59:2c:e8:0b:32:1b:8a:68:d3:b8:92: 00:af:39:a3:04:89:6f:39:db:80:83:54:f1:6f:01:76:5a:29: b1:5d:7e:7a:97:4c:d9:44:4a:c3:86:cc:b2:1a:6b:25:ea:2e: 42:79:5f:c8 -----BEGIN CERTIFICATE----- MIIG1TCCBb2gAwIBAgIUTGzjj4CwgknMZnlQGgGYyAXWrEgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy QkQ4MzdBNzAeFw0yNTA5MTYwMzU1MDBaFw0yNjA5MTYwNDAwMDBaMIICLTGCAikw ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOUU4NDQ3RDcyQUJBQTkxMzM0 RkVGQkFCMjA2ODk0MkRBMkM1NUI4NjY0NUU5QkI3QjFBMTI3NkQ1MkYyRUVDRDFF OEQyNDBCMTRFODMyQ0YwOUQ5OTlCOUZFQzE2QTY3MjcyRTU4N0I0QkVGMTc1NEM1 RkIyRURGRTA2REM2NjQ4ODhCRjk0NzJGN0JGQzQ2RDU3QjgwODI3QjIwQzlDODYy QTQzRTc4MzM3MDQwQTI2MTAyNjhFNUYzQThCREQxNzU0MTg2Nzk3RTlDNDBEQzlD NUNEQkI1NjJCNDJEMTg1OTE1OENFMjEzODVCMkIzNjY3MDVDMTVERjFEQTQ4MzIz Q0I0N0RBRjdCNEVFQUEzMTk1NDk1NkM3QUJCMTQxRTg2QkY3MjU1Q0FDNjA1NEQ0 QzNEMTc2MzlFNzIxNDAzRjAwRjY2RDAwREJERDY1OTE3ODhEMDNDQ0U2NkE2MTFE Njg4MDVERDJCOTYyMEZEMUI1ODNEQkVGNTFCODM2QjRENjIxNjk1NzNBNjQ5RjU4 MDM0MEE4ODg1NzY5OEM0RUZBRDQyMjVGMDQyOEU4RjM0MzE4REU2RjJBRkZERTBF MjA1MDFCQjJFQzk3NjZFNzI2QTEyMDRGQ0MzODU1NDg5MzY1RjMzQUZCOEE2RTBF MDBGQjMyNzkyMDZFMzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAnoRH1yq6qRM0/vurIGiULaLFW4ZkXpu3saEnbVLy7s0ejSQLFOgy zwnZmbn+wWpnJy5Ye0vvF1TF+y7f4G3GZIiL+Ucve/xG1XuAgnsgychipD54M3BA omECaOXzqL3RdUGGeX6cQNycXNu1YrQtGFkVjOIThbKzZnBcFd8dpIMjy0fa97Tu qjGVSVbHq7FB6Gv3JVysYFTUw9F2OechQD8A9m0A291lkXiNA8zmamEdaIBd0rli D9G1g9vvUbg2tNYhaVc6ZJ9YA0CoiFdpjE761CJfBCjo80MY3m8q/94OIFAbsuyX ZucmoSBPzDhVSJNl8zr7im4OAPsyeSBuNwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE FMBSEHPE12/c8oMCgqE4lI076FuNMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1 NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk MzIzMzIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B AQsFAAOCAQEAn7ZDczXa8uIu8rs585VxUpKZ4QKO/8B/Tsct3ayReFahFCLHDBh/ v0U3Dtg3K5xshE+zVxQbNk/TRinYuzWgBkH8pPYxehE4ajueSceFbBGAAJe8usAj EIKYZ1FMvbNilM6M2todW2sM8KcAWeNBJPM1pUOasLr4jAIN2hJTJyBuVEHzM3Ub /KT04tLuqHxfd5G90Q4G+s6RI/xvAMR0q0apjiSrdPplmWdsW43UlO3jz23+tHcL e9YZQfRR+YVOE9CjvqmMyOh6rtYv01ks6AsyG4po07iSAK85owSJbznbgINU8W8B dlopsV1+epdM2URKw4bMshprJeouQnlfyA== -----END CERTIFICATE-----Generated at Mon Oct 20 08:08:07 2025 by rpki-client