$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa File: 3130332e3135322e33342e302f32342d3234203d3e203338303038.roa (raw, json) Hash identifier: PBlellj4ewr+5Yi7IfzeFQB87Jb2lW/mh91ATEE+ypA= Subject key identifier: DC:7A:F5:94:91:CE:D5:9A:03:D6:5B:68:00:E0:9C:A1:43:A5:FE:2C Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Certificate serial: 4E51C0A06F4FAE0795B36CCCE581697A8E786B99 Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa Signing time: Sat 21 Mar 2026 00:00:00 +0000 ROA not before: Fri 20 Mar 2026 23:55:00 +0000 ROA not after: Sun 21 Mar 2027 00:00:00 +0000 asID: 38008 IP address blocks: 103.152.34.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 23:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:51:c0:a0:6f:4f:ae:07:95:b3:6c:cc:e5:81:69:7a:8e:78:6b:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Validity Not Before: Mar 20 23:55:00 2026 GMT Not After : Mar 21 00:00:00 2027 GMT Subject: CN=3082010A0282010100BDD66C5A511738F54BE0460110FBA6140406F4744C022ADAA40C02C837D21180D410D10D997320BB412E39CE810B323579FBA63D9EF1DA381F2E798997763208CB92E226849F9F480489EBB5FBC0E054516529ECBA6E3F0F59514D2734C1C1E8F8EEB1FDB318F0E3C0CB52AB76BC219E69128934125F9ECA0D3D9D9A7DCD6D24CDCD7E834D2579EB297E293F54037F5DDFB7C37EA9CF97A6B6D64423B64BD6E05DD553B8B50C214BBFAC2709B78DD46AB763D429B049B12F79DB75D25478E72825A2FA5EAF949B97E16F7505FCDC9B9D336F95B2DE5455DC9F8A46E08BDEEE8EA99516E07EC35CAAD03AEEDD1849272AE2F8D38C197BA1B07B79A6C13769F2F30203010001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d6:6c:5a:51:17:38:f5:4b:e0:46:01:10:fb: a6:14:04:06:f4:74:4c:02:2a:da:a4:0c:02:c8:37: d2:11:80:d4:10:d1:0d:99:73:20:bb:41:2e:39:ce: 81:0b:32:35:79:fb:a6:3d:9e:f1:da:38:1f:2e:79: 89:97:76:32:08:cb:92:e2:26:84:9f:9f:48:04:89: eb:b5:fb:c0:e0:54:51:65:29:ec:ba:6e:3f:0f:59: 51:4d:27:34:c1:c1:e8:f8:ee:b1:fd:b3:18:f0:e3: c0:cb:52:ab:76:bc:21:9e:69:12:89:34:12:5f:9e: ca:0d:3d:9d:9a:7d:cd:6d:24:cd:cd:7e:83:4d:25: 79:eb:29:7e:29:3f:54:03:7f:5d:df:b7:c3:7e:a9: cf:97:a6:b6:d6:44:23:b6:4b:d6:e0:5d:d5:53:b8: b5:0c:21:4b:bf:ac:27:09:b7:8d:d4:6a:b7:63:d4: 29:b0:49:b1:2f:79:db:75:d2:54:78:e7:28:25:a2: fa:5e:af:94:9b:97:e1:6f:75:05:fc:dc:9b:9d:33: 6f:95:b2:de:54:55:dc:9f:8a:46:e0:8b:de:ee:8e: a9:95:16:e0:7e:c3:5c:aa:d0:3a:ee:dd:18:49:27: 2a:e2:f8:d3:8c:19:7b:a1:b0:7b:79:a6:c1:37:69: f2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:7A:F5:94:91:CE:D5:9A:03:D6:5B:68:00:E0:9C:A1:43:A5:FE:2C X509v3 Authority Key Identifier: keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl Authority Information Access: CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject Information Access: Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33342e302f32342d3234203d3e203338303038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.34.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:b1:50:e8:01:90:36:1c:6a:bb:2e:b9:ca:70:e9:c5:76:d1: 92:54:78:03:11:71:cb:b8:39:12:bc:ac:ba:e3:ae:ee:4e:1a: b8:0d:d6:c8:f4:e8:78:2a:d2:52:8d:b4:63:af:07:8e:be:29: 11:7c:83:66:b0:ee:0c:b3:b2:0c:07:c4:6a:be:a2:ca:60:9c: b1:63:f7:37:44:93:f1:c4:04:2f:c3:e1:1d:30:31:be:60:e7: b1:de:16:2b:0e:32:af:32:ac:07:a0:eb:f4:0b:21:0d:f5:03: 4d:ae:71:2c:75:0f:a4:37:0b:43:8e:12:83:db:47:08:e6:b6: 2a:5f:b7:85:4d:5c:86:50:a4:05:b3:f2:51:ad:bc:c2:31:7c: a2:c1:0c:2c:3a:9a:86:6b:d4:52:54:ab:60:53:62:07:95:f3: 46:91:52:b0:28:4d:ac:bd:99:db:94:e9:2e:8e:a9:ef:11:5f: 3d:55:57:e2:d5:b6:a8:72:a5:13:ed:dd:3e:b9:22:f7:4f:90: a4:fc:57:71:10:5f:ee:75:b6:33:cf:ce:3a:40:4c:31:04:92: 7f:db:f4:d4:0d:eb:fb:f3:13:7b:d6:a5:7d:b6:05:ce:dd:06: 59:0f:ed:12:01:67:3f:71:5e:7a:c4:9e:80:8b:ee:d4:dd:96: a7:e8:4f:7a -----BEGIN CERTIFICATE----- MIIG1TCCBb2gAwIBAgIUTlHAoG9PrgeVs2zM5YFpeo54a5kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy QkQ4MzdBNzAeFw0yNjAzMjAyMzU1MDBaFw0yNzAzMjEwMDAwMDBaMIICLTGCAikw ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkRENjZDNUE1MTE3MzhGNTRC RTA0NjAxMTBGQkE2MTQwNDA2RjQ3NDRDMDIyQURBQTQwQzAyQzgzN0QyMTE4MEQ0 MTBEMTBEOTk3MzIwQkI0MTJFMzlDRTgxMEIzMjM1NzlGQkE2M0Q5RUYxREEzODFG MkU3OTg5OTc3NjMyMDhDQjkyRTIyNjg0OUY5RjQ4MDQ4OUVCQjVGQkMwRTA1NDUx NjUyOUVDQkE2RTNGMEY1OTUxNEQyNzM0QzFDMUU4RjhFRUIxRkRCMzE4RjBFM0Mw Q0I1MkFCNzZCQzIxOUU2OTEyODkzNDEyNUY5RUNBMEQzRDlEOUE3RENENkQyNENE Q0Q3RTgzNEQyNTc5RUIyOTdFMjkzRjU0MDM3RjVEREZCN0MzN0VBOUNGOTdBNkI2 RDY0NDIzQjY0QkQ2RTA1REQ1NTNCOEI1MEMyMTRCQkZBQzI3MDlCNzhERDQ2QUI3 NjNENDI5QjA0OUIxMkY3OURCNzVEMjU0NzhFNzI4MjVBMkZBNUVBRjk0OUI5N0Ux NkY3NTA1RkNEQzlCOUQzMzZGOTVCMkRFNTQ1NURDOUY4QTQ2RTA4QkRFRUU4RUE5 OTUxNkUwN0VDMzVDQUFEMDNBRUVERDE4NDkyNzJBRTJGOEQzOEMxOTdCQTFCMDdC NzlBNkMxMzc2OUYyRjMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAvdZsWlEXOPVL4EYBEPumFAQG9HRMAirapAwCyDfSEYDUENENmXMg u0EuOc6BCzI1efumPZ7x2jgfLnmJl3YyCMuS4iaEn59IBInrtfvA4FRRZSnsum4/ D1lRTSc0wcHo+O6x/bMY8OPAy1KrdrwhnmkSiTQSX57KDT2dmn3NbSTNzX6DTSV5 6yl+KT9UA39d37fDfqnPl6a21kQjtkvW4F3VU7i1DCFLv6wnCbeN1Gq3Y9QpsEmx L3nbddJUeOcoJaL6Xq+Um5fhb3UF/NybnTNvlbLeVFXcn4pG4Ive7o6plRbgfsNc qtA67t0YSScq4vjTjBl7obB7eabBN2ny8wIDAQABo4IB4zCCAd8wHQYDVR0OBBYE FNx69ZSRztWaA9ZbaADgnKFDpf4sMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1 NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM0MmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIjANBgkqhkiG9w0B AQsFAAOCAQEAfrFQ6AGQNhxquy65ynDpxXbRklR4AxFxy7g5ErysuuOu7k4auA3W yPToeCrSUo20Y68Hjr4pEXyDZrDuDLOyDAfEar6iymCcsWP3N0ST8cQEL8PhHTAx vmDnsd4WKw4yrzKsB6Dr9AshDfUDTa5xLHUPpDcLQ44Sg9tHCOa2Kl+3hU1chlCk BbPyUa28wjF8osEMLDqahmvUUlSrYFNiB5XzRpFSsChNrL2Z25TpLo6p7xFfPVVX 4tW2qHKlE+3dPrki90+QpPxXcRBf7nW2M8/OOkBMMQSSf9v01A3r+/MTe9alfbYF zt0GWQ/tEgFnP3FeesSegIvu1N2Wp+hPeg== -----END CERTIFICATE-----Generated at Thu Mar 26 15:36:08 2026 by rpki-client