$ rpki-client -vvf rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa File: 3130332e3135322e33352e302f32342d3234203d3e203338303038.roa (raw, json) Hash identifier: 46sPnRy9Irgb4rrQNU7knYnrFtf4t9kVC4FpUVVN5f4= Subject key identifier: 3C:B9:13:9C:0D:36:64:F1:7F:90:2B:10:86:87:DD:E6:5C:57:F3:49 Certificate issuer: /CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Certificate serial: E2119019461CC4890A4EECDA55D141B703C3C1 Authority key identifier: FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 Authority info access: rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject info access: rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa Signing time: Sat 21 Mar 2026 01:00:00 +0000 ROA not before: Sat 21 Mar 2026 00:55:00 +0000 ROA not after: Sun 21 Mar 2027 01:00:00 +0000 asID: 38008 IP address blocks: 103.152.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.mft rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.crl rsync://sakuya.nat.moe/repo/NATOCA/1/5A179648B3EF2369DCE7BDB58140FF7DC7060ABF.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WheWSLPvI2nc5721gUD_fccGCr8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 23:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: e2:11:90:19:46:1c:c4:89:0a:4e:ec:da:55:d1:41:b7:03:c3:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FCB1805FA7AE22D565E0A502D08D37EB2BD837A7 Validity Not Before: Mar 21 00:55:00 2026 GMT Not After : Mar 21 01:00:00 2027 GMT Subject: CN=3082010A0282010100B5542915F341433AAD2A3450FC33F2A5AE3BBB3FB576E4D2136EFDF602FF51C12F9F53C6A72D4349943EC457A14D31C92C4D202D0979F3F86CD64DDFD4115B2CDE1C8D33A2A6314261F1B781EEB3468E8263EEA1F6BB19B6CEAB10313AD015127A0DCBCBD5FACD957E8E7A0FD64D2DFDF6CD9EA5B8A17C39E85EB4A7598F5C69A56E01533599275A600D6280A8B2A842F30A1FA697B54D9E48C40A3D8C6D43ABB73357923AF3D628A3C132C2DA52292F22B03236148D2DDAAA2B09629F5F5744D5742EBB958E20CFD3A87108D0775A62F66065C5A04083C94114F7837E68739C404C83D7C25C9B22659F582FC750E78B66A72A0929E0C8987EBA5667709F3CEF0203010001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:54:29:15:f3:41:43:3a:ad:2a:34:50:fc:33: f2:a5:ae:3b:bb:3f:b5:76:e4:d2:13:6e:fd:f6:02: ff:51:c1:2f:9f:53:c6:a7:2d:43:49:94:3e:c4:57: a1:4d:31:c9:2c:4d:20:2d:09:79:f3:f8:6c:d6:4d: df:d4:11:5b:2c:de:1c:8d:33:a2:a6:31:42:61:f1: b7:81:ee:b3:46:8e:82:63:ee:a1:f6:bb:19:b6:ce: ab:10:31:3a:d0:15:12:7a:0d:cb:cb:d5:fa:cd:95: 7e:8e:7a:0f:d6:4d:2d:fd:f6:cd:9e:a5:b8:a1:7c: 39:e8:5e:b4:a7:59:8f:5c:69:a5:6e:01:53:35:99: 27:5a:60:0d:62:80:a8:b2:a8:42:f3:0a:1f:a6:97: b5:4d:9e:48:c4:0a:3d:8c:6d:43:ab:b7:33:57:92: 3a:f3:d6:28:a3:c1:32:c2:da:52:29:2f:22:b0:32: 36:14:8d:2d:da:aa:2b:09:62:9f:5f:57:44:d5:74: 2e:bb:95:8e:20:cf:d3:a8:71:08:d0:77:5a:62:f6: 60:65:c5:a0:40:83:c9:41:14:f7:83:7e:68:73:9c: 40:4c:83:d7:c2:5c:9b:22:65:9f:58:2f:c7:50:e7: 8b:66:a7:2a:09:29:e0:c8:98:7e:ba:56:67:70:9f: 3c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:B9:13:9C:0D:36:64:F1:7F:90:2B:10:86:87:DD:E6:5C:57:F3:49 X509v3 Authority Key Identifier: keyid:FC:B1:80:5F:A7:AE:22:D5:65:E0:A5:02:D0:8D:37:EB:2B:D8:37:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apernet.io/repo/APERNET/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.crl Authority Information Access: CA Issuers - URI:rsync://sakuya.nat.moe/repo/NATOCA/1/FCB1805FA7AE22D565E0A502D08D37EB2BD837A7.cer Subject Information Access: Signed Object - URI:rsync://rpki.apernet.io/repo/APERNET/1/3130332e3135322e33352e302f32342d3234203d3e203338303038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.35.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:9c:d1:5f:c3:fa:5c:1e:eb:f7:42:58:ed:7d:44:07:cb:45: a8:a0:d8:96:1f:d5:0e:72:f7:79:8e:c6:2c:03:95:42:f4:ea: d2:24:16:d3:c0:c9:5a:6b:b3:22:d1:cb:50:54:1a:5d:f6:1d: 6c:5d:d2:5d:97:d1:30:d9:50:ba:1b:fa:c1:9b:cc:fb:b4:4f: 1f:ba:6f:18:9e:4d:47:e5:a7:26:dd:f2:91:92:fc:8a:15:93: 0a:8d:3e:35:68:8b:31:64:60:70:cd:86:46:c9:c3:52:df:0c: cb:3a:4a:b9:d2:11:e3:93:53:61:61:0b:1e:8c:ee:49:ed:e6: 15:21:35:4c:1e:db:fb:3c:3a:4f:3f:e8:f5:92:0a:09:57:18: 64:9b:17:20:24:8b:70:02:aa:58:bd:c2:f2:9f:19:94:98:f0: 8c:0a:7c:9a:04:67:cd:21:0b:87:85:d3:88:4b:4f:38:61:7e: 84:20:95:cb:69:dc:5c:38:3f:7c:c0:77:78:d1:d5:cc:f9:3d: 97:79:32:58:b3:e7:9a:de:89:62:69:7c:53:9d:80:f8:cd:d2: ec:3a:04:6b:89:95:68:0d:a1:f9:e1:8f:32:36:79:4e:14:43: 5d:97:a2:5c:dc:11:c7:f0:b8:86:33:02:6d:45:c5:7c:59:9a: 0c:23:a5:43 -----BEGIN CERTIFICATE----- MIIG1TCCBb2gAwIBAgIUAOIRkBlGHMSJCk7s2lXRQbcDw8EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkNCMTgwNUZBN0FFMjJENTY1RTBBNTAyRDA4RDM3RUIy QkQ4MzdBNzAeFw0yNjAzMjEwMDU1MDBaFw0yNzAzMjEwMTAwMDBaMIICLTGCAikw ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjU1NDI5MTVGMzQxNDMzQUFE MkEzNDUwRkMzM0YyQTVBRTNCQkIzRkI1NzZFNEQyMTM2RUZERjYwMkZGNTFDMTJG OUY1M0M2QTcyRDQzNDk5NDNFQzQ1N0ExNEQzMUM5MkM0RDIwMkQwOTc5RjNGODZD RDY0RERGRDQxMTVCMkNERTFDOEQzM0EyQTYzMTQyNjFGMUI3ODFFRUIzNDY4RTgy NjNFRUExRjZCQjE5QjZDRUFCMTAzMTNBRDAxNTEyN0EwRENCQ0JENUZBQ0Q5NTdF OEU3QTBGRDY0RDJERkRGNkNEOUVBNUI4QTE3QzM5RTg1RUI0QTc1OThGNUM2OUE1 NkUwMTUzMzU5OTI3NUE2MDBENjI4MEE4QjJBODQyRjMwQTFGQTY5N0I1NEQ5RTQ4 QzQwQTNEOEM2RDQzQUJCNzMzNTc5MjNBRjNENjI4QTNDMTMyQzJEQTUyMjkyRjIy QjAzMjM2MTQ4RDJEREFBQTJCMDk2MjlGNUY1NzQ0RDU3NDJFQkI5NThFMjBDRkQz QTg3MTA4RDA3NzVBNjJGNjYwNjVDNUEwNDA4M0M5NDExNEY3ODM3RTY4NzM5QzQw NEM4M0Q3QzI1QzlCMjI2NTlGNTgyRkM3NTBFNzhCNjZBNzJBMDkyOUUwQzg5ODdF QkE1NjY3NzA5RjNDRUYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAtVQpFfNBQzqtKjRQ/DPypa47uz+1duTSE2799gL/UcEvn1PGpy1D SZQ+xFehTTHJLE0gLQl58/hs1k3f1BFbLN4cjTOipjFCYfG3ge6zRo6CY+6h9rsZ ts6rEDE60BUSeg3Ly9X6zZV+jnoP1k0t/fbNnqW4oXw56F60p1mPXGmlbgFTNZkn WmANYoCosqhC8wofppe1TZ5IxAo9jG1Dq7czV5I689Yoo8EywtpSKS8isDI2FI0t 2qorCWKfX1dE1XQuu5WOIM/TqHEI0HdaYvZgZcWgQIPJQRT3g35oc5xATIPXwlyb ImWfWC/HUOeLZqcqCSngyJh+ulZncJ887wIDAQABo4IB4zCCAd8wHQYDVR0OBBYE FDy5E5wNNmTxf5ArEIaH3eZcV/NJMB8GA1UdIwQYMBaAFPyxgF+nriLVZeClAtCN N+sr2DenMA4GA1UdDwEB/wQEAwIHgDBkBgNVHR8EXTBbMFmgV6BVhlNyc3luYzov L3Jwa2kuYXBlcm5ldC5pby9yZXBvL0FQRVJORVQvMS9GQ0IxODA1RkE3QUUyMkQ1 NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNybDBtBggrBgEFBQcBAQRhMF8wXQYI KwYBBQUHMAKGUXJzeW5jOi8vc2FrdXlhLm5hdC5tb2UvcmVwby9OQVRPQ0EvMS9G Q0IxODA1RkE3QUUyMkQ1NjVFMEE1MDJEMDhEMzdFQjJCRDgzN0E3LmNlcjB9Bggr BgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5jOi8vcnBraS5hcGVybmV0Lmlv L3JlcG8vQVBFUk5FVC8xLzMxMzAzMzJlMzEzNTMyMmUzMzM1MmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeYIzANBgkqhkiG9w0B AQsFAAOCAQEAf5zRX8P6XB7r90JY7X1EB8tFqKDYlh/VDnL3eY7GLAOVQvTq0iQW 08DJWmuzItHLUFQaXfYdbF3SXZfRMNlQuhv6wZvM+7RPH7pvGJ5NR+WnJt3ykZL8 ihWTCo0+NWiLMWRgcM2GRsnDUt8MyzpKudIR45NTYWELHozuSe3mFSE1TB7b+zw6 Tz/o9ZIKCVcYZJsXICSLcAKqWL3C8p8ZlJjwjAp8mgRnzSELh4XTiEtPOGF+hCCV y2ncXDg/fMB3eNHVzPk9l3kyWLPnmt6JYml8U52A+M3S7DoEa4mVaA2h+eGPMjZ5 ThRDXZeiXNwRx/C4hjMCbUXFfFmaDCOlQw== -----END CERTIFICATE-----Generated at Thu Mar 26 15:36:14 2026 by rpki-client