Route Origin Authorization

$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
File:                     3130332e3135322e33342e302f32332d3233203d3e203338303038.roa (raw, json)
Hash identifier:          B1nBYxAs50zgsqErVLGUMzYZqOCYEKZEMw+J5SQOX4Y=
Subject key identifier:   C0:52:10:73:C4:D7:6F:DC:F2:83:02:82:A1:38:94:8D:3B:E8:5B:8D
Certificate issuer:       /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
Certificate serial:       4C6CE38F80B08249CC6679501A0198C805D6AC48
Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7
Authority info access:    rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
Subject info access:      rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa
Signing time:             Tue 16 Sep 2025 04:00:00 +0000
ROA not before:           Tue 16 Sep 2025 03:55:00 +0000
ROA not after:            Wed 16 Sep 2026 04:00:00 +0000
asID:                     38008
IP address blocks:        103.152.34.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl
                          rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft
                          rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl
                          rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:6c:e3:8f:80:b0:82:49:cc:66:79:50:1a:01:98:c8:05:d6:ac:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7
        Validity
            Not Before: Sep 16 03:55:00 2025 GMT
            Not After : Sep 16 04:00:00 2026 GMT
        Subject: CN=3082010A02820101009E8447D72ABAA91334FEFBAB2068942DA2C55B86645E9BB7B1A1276D52F2EECD1E8D240B14E832CF09D999B9FEC16A67272E587B4BEF1754C5FB2EDFE06DC664888BF9472F7BFC46D57B80827B20C9C862A43E78337040A2610268E5F3A8BDD1754186797E9C40DC9C5CDBB562B42D1859158CE21385B2B366705C15DF1DA48323CB47DAF7B4EEAA31954956C7ABB141E86BF7255CAC6054D4C3D17639E721403F00F66D00DBDD6591788D03CCE66A611D68805DD2B9620FD1B583DBEF51B836B4D62169573A649F580340A88857698C4EFAD4225F0428E8F34318DE6F2AFFDE0E20501BB2EC9766E726A1204FCC3855489365F33AFB8A6E0E00FB3279206E370203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:84:47:d7:2a:ba:a9:13:34:fe:fb:ab:20:68:
                    94:2d:a2:c5:5b:86:64:5e:9b:b7:b1:a1:27:6d:52:
                    f2:ee:cd:1e:8d:24:0b:14:e8:32:cf:09:d9:99:b9:
                    fe:c1:6a:67:27:2e:58:7b:4b:ef:17:54:c5:fb:2e:
                    df:e0:6d:c6:64:88:8b:f9:47:2f:7b:fc:46:d5:7b:
                    80:82:7b:20:c9:c8:62:a4:3e:78:33:70:40:a2:61:
                    02:68:e5:f3:a8:bd:d1:75:41:86:79:7e:9c:40:dc:
                    9c:5c:db:b5:62:b4:2d:18:59:15:8c:e2:13:85:b2:
                    b3:66:70:5c:15:df:1d:a4:83:23:cb:47:da:f7:b4:
                    ee:aa:31:95:49:56:c7:ab:b1:41:e8:6b:f7:25:5c:
                    ac:60:54:d4:c3:d1:76:39:e7:21:40:3f:00:f6:6d:
                    00:db:dd:65:91:78:8d:03:cc:e6:6a:61:1d:68:80:
                    5d:d2:b9:62:0f:d1:b5:83:db:ef:51:b8:36:b4:d6:
                    21:69:57:3a:64:9f:58:03:40:a8:88:57:69:8c:4e:
                    fa:d4:22:5f:04:28:e8:f3:43:18:de:6f:2a:ff:de:
                    0e:20:50:1b:b2:ec:97:66:e7:26:a1:20:4f:cc:38:
                    55:48:93:65:f3:3a:fb:8a:6e:0e:00:fb:32:79:20:
                    6e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:52:10:73:C4:D7:6F:DC:F2:83:02:82:A1:38:94:8D:3B:E8:5B:8D
            X509v3 Authority Key Identifier:
                keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32332d3233203d3e203338303038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:b6:43:73:35:da:f2:e2:2e:f2:bb:39:f3:95:71:52:92:99:
         e1:02:8e:ff:c0:7f:4e:c7:2d:dd:ac:91:78:56:a1:14:22:c7:
         0c:18:7f:bf:45:37:0e:d8:37:2b:9c:6c:84:4f:b3:57:14:1b:
         36:4f:d3:46:29:d8:bb:35:a0:06:41:fc:a4:f6:31:7a:11:38:
         6a:3b:9e:49:c7:85:6c:11:80:00:97:bc:ba:c0:23:10:82:98:
         67:51:4c:bd:b3:62:94:ce:8c:da:da:1d:5b:6b:0c:f0:a7:00:
         59:e3:41:24:f3:35:a5:43:9a:b0:ba:f8:8c:02:0d:da:12:53:
         27:20:6e:54:41:f3:33:75:1b:fc:a4:f4:e2:d2:ee:a8:7c:5f:
         77:91:bd:d1:0e:06:fa:ce:91:23:fc:6f:00:c4:74:ab:46:a9:
         8e:24:ab:74:fa:65:99:67:6c:5b:8d:d4:94:ed:e3:cf:6d:fe:
         b4:77:0b:7b:d6:19:41:f4:51:f9:85:4e:13:d0:a3:be:a9:8c:
         c8:e8:7a:ae:d6:2f:d3:59:2c:e8:0b:32:1b:8a:68:d3:b8:92:
         00:af:39:a3:04:89:6f:39:db:80:83:54:f1:6f:01:76:5a:29:
         b1:5d:7e:7a:97:4c:d9:44:4a:c3:86:cc:b2:1a:6b:25:ea:2e:
         42:79:5f:c8
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIUTGzjj4CwgknMZnlQGgGYyAXWrEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy
QkQ4MzdBNzAeFw0yNTA5MTYwMzU1MDBaFw0yNjA5MTYwNDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOUU4NDQ3RDcyQUJBQTkxMzM0
RkVGQkFCMjA2ODk0MkRBMkM1NUI4NjY0NUU5QkI3QjFBMTI3NkQ1MkYyRUVDRDFF
OEQyNDBCMTRFODMyQ0YwOUQ5OTlCOUZFQzE2QTY3MjcyRTU4N0I0QkVGMTc1NEM1
RkIyRURGRTA2REM2NjQ4ODhCRjk0NzJGN0JGQzQ2RDU3QjgwODI3QjIwQzlDODYy
QTQzRTc4MzM3MDQwQTI2MTAyNjhFNUYzQThCREQxNzU0MTg2Nzk3RTlDNDBEQzlD
NUNEQkI1NjJCNDJEMTg1OTE1OENFMjEzODVCMkIzNjY3MDVDMTVERjFEQTQ4MzIz
Q0I0N0RBRjdCNEVFQUEzMTk1NDk1NkM3QUJCMTQxRTg2QkY3MjU1Q0FDNjA1NEQ0
QzNEMTc2MzlFNzIxNDAzRjAwRjY2RDAwREJERDY1OTE3ODhEMDNDQ0U2NkE2MTFE
Njg4MDVERDJCOTYyMEZEMUI1ODNEQkVGNTFCODM2QjRENjIxNjk1NzNBNjQ5RjU4
MDM0MEE4ODg1NzY5OEM0RUZBRDQyMjVGMDQyOEU4RjM0MzE4REU2RjJBRkZERTBF
MjA1MDFCQjJFQzk3NjZFNzI2QTEyMDRGQ0MzODU1NDg5MzY1RjMzQUZCOEE2RTBF
MDBGQjMyNzkyMDZFMzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAnoRH1yq6qRM0/vurIGiULaLFW4ZkXpu3saEnbVLy7s0ejSQLFOgy
zwnZmbn+wWpnJy5Ye0vvF1TF+y7f4G3GZIiL+Ucve/xG1XuAgnsgychipD54M3BA
omECaOXzqL3RdUGGeX6cQNycXNu1YrQtGFkVjOIThbKzZnBcFd8dpIMjy0fa97Tu
qjGVSVbHq7FB6Gv3JVysYFTUw9F2OechQD8A9m0A291lkXiNA8zmamEdaIBd0rli
D9G1g9vvUbg2tNYhaVc6ZJ9YA0CoiFdpjE761CJfBCjo80MY3m8q/94OIFAbsuyX
ZucmoSBPzDhVSJNl8zr7im4OAPsyeSBuNwIDAQABo4IB4zCCAd8wHQYDVR0OBBYE
FMBSEHPE12/c8oMCgqE4lI076FuNMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN
N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov
L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1
NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI
KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G
Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr
BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv
L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzMzJk
MzIzMzIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeYIjANBgkqhkiG9w0B
AQsFAAOCAQEAn7ZDczXa8uIu8rs585VxUpKZ4QKO/8B/Tsct3ayReFahFCLHDBh/
v0U3Dtg3K5xshE+zVxQbNk/TRinYuzWgBkH8pPYxehE4ajueSceFbBGAAJe8usAj
EIKYZ1FMvbNilM6M2todW2sM8KcAWeNBJPM1pUOasLr4jAIN2hJTJyBuVEHzM3Ub
/KT04tLuqHxfd5G90Q4G+s6RI/xvAMR0q0apjiSrdPplmWdsW43UlO3jz23+tHcL
e9YZQfRR+YVOE9CjvqmMyOh6rtYv01ks6AsyG4po07iSAK85owSJbznbgINU8W8B
dlopsV1+epdM2URKw4bMshprJeouQnlfyA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:46:04 2025 by rpki-client