Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/131/IEsUBXfamyQbNF4MnQ99QFHOauk.roa
File: IEsUBXfamyQbNF4MnQ99QFHOauk.roa (raw, json)
Hash identifier: J1hGCqZURzuxtC3MVc5dlQmy8MPo6HLH9Rl7L/a7EMQ=
Subject key identifier: 20:4B:14:05:77:DA:9B:24:1B:34:5E:0C:9D:0F:7D:40:51:CE:6A:E9
Certificate issuer: /CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
Certificate serial: 020A
Authority key identifier: 2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/IEsUBXfamyQbNF4MnQ99QFHOauk.roa
Signing time: Sat 01 Mar 2025 01:31:07 +0000
ROA not before: Sat 01 Mar 2025 01:31:07 +0000
ROA not after: Sun 15 Feb 2026 01:30:03 +0000
asID: 4713
IP address blocks: 122.1.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 522 (0x20a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
Validity
Not Before: Mar 1 01:31:07 2025 GMT
Not After : Feb 15 01:30:03 2026 GMT
Subject: CN=204B140577DA9B241B345E0C9D0F7D4051CE6AE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:09:32:05:22:95:8b:1f:24:3f:ef:fc:65:c5:
dd:85:9e:51:7a:ad:13:85:a4:8b:9e:79:46:f4:06:
a1:38:c8:3c:74:13:a0:e2:46:dd:5d:45:ec:90:e0:
08:48:a8:ca:05:91:84:d3:a6:27:cc:7a:90:cd:24:
52:b2:6d:0e:b3:66:96:be:d5:8a:8f:f9:96:9d:3d:
0b:d4:7f:28:8b:0c:e8:7e:25:76:43:c5:2c:45:27:
e9:02:6c:b5:8a:7a:e9:c4:88:b0:62:08:4c:69:8a:
52:53:de:e5:02:fb:de:e2:1a:5e:71:06:6d:d2:f5:
99:9e:3b:77:33:cf:ec:e0:82:67:f4:59:b1:cb:1a:
dc:17:2b:06:70:f1:d8:bc:89:57:3b:f7:ee:19:ec:
ea:11:71:97:65:9b:7c:3f:2f:a2:d0:9a:35:64:a2:
0b:74:80:e9:ee:41:ff:8f:77:eb:f7:0c:d4:7a:05:
39:e3:67:23:50:21:7e:8b:b9:dd:08:0e:e4:b7:e6:
13:3c:66:64:af:80:bc:28:6e:be:d7:60:da:c1:1d:
f1:3c:f9:03:18:7a:84:5a:8c:f3:48:09:7a:7e:07:
be:19:e5:9a:e1:c0:73:69:10:77:36:02:35:47:9a:
81:6d:d6:70:09:78:ce:a2:2a:f2:10:b1:07:a4:d5:
89:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4B:14:05:77:DA:9B:24:1B:34:5E:0C:9D:0F:7D:40:51:CE:6A:E9
X509v3 Authority Key Identifier:
keyid:2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/IEsUBXfamyQbNF4MnQ99QFHOauk.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.1.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:e5:8c:cf:fc:71:0d:5f:99:00:06:cf:51:a2:de:41:00:2e:
e7:69:cd:e8:78:e7:1b:d7:86:86:fa:4a:de:76:52:f5:d6:a6:
d0:22:a6:52:97:39:47:48:c2:b9:88:94:3b:88:5e:70:59:03:
2b:08:45:fc:25:5d:41:87:d1:67:fc:24:70:4c:98:58:df:eb:
c1:ec:8d:de:06:76:85:9d:b3:a9:cd:a2:d5:18:af:d1:db:20:
24:a9:c5:7e:91:4d:06:37:1e:a8:8d:af:e4:d0:e0:bc:00:8e:
01:49:4f:f6:6e:d9:36:58:06:da:36:97:ed:3a:bb:e0:ee:76:
e3:bf:b6:3c:b7:d0:dc:d1:6a:49:f4:4b:8b:8f:d7:a4:6e:8d:
39:18:e7:ad:4e:cb:fc:a0:9f:1e:85:25:f8:9f:54:72:2e:3c:
53:3c:80:de:93:43:84:1e:e9:a0:ee:b2:7a:74:9e:27:ed:59:
2a:d3:b8:fb:23:4f:1e:0a:73:90:95:cb:64:8a:2e:0c:fb:84:
40:cc:78:4b:b2:1a:75:15:30:cd:94:e3:85:5b:88:c1:9d:fe:
92:fa:7f:73:87:73:54:72:c9:0d:70:31:55:98:dc:2a:c5:f2:
e8:25:83:7b:14:0f:e8:b2:6b:05:ff:85:b6:4c:c0:b6:ed:58:
f2:cc:ed:64
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkZD
MDk5MjNCMDVBN0U4RjFBREQ5QTU5ODRFREMxOTMyMERCOTc0QjAeFw0yNTAzMDEw
MTMxMDdaFw0yNjAyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDIwNEIxNDA1NzdEQTlC
MjQxQjM0NUUwQzlEMEY3RDQwNTFDRTZBRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVCTIFIpWLHyQ/7/xlxd2FnlF6rROFpIueeUb0BqE4yDx0E6Di
Rt1dReyQ4AhIqMoFkYTTpifMepDNJFKybQ6zZpa+1YqP+ZadPQvUfyiLDOh+JXZD
xSxFJ+kCbLWKeunEiLBiCExpilJT3uUC+97iGl5xBm3S9ZmeO3czz+zggmf0WbHL
GtwXKwZw8di8iVc79+4Z7OoRcZdlm3w/L6LQmjVkogt0gOnuQf+Pd+v3DNR6BTnj
ZyNQIX6Lud0IDuS35hM8ZmSvgLwobr7XYNrBHfE8+QMYeoRajPNICXp+B74Z5Zrh
wHNpEHc2AjVHmoFt1nAJeM6iKvIQsQek1YmRAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUIEsUBXfamyQbNF4MnQ99QFHOaukwHwYDVR0jBBgwFoAUL8CZI7Bafo8a3ZpZ
hO3BkyDbl0swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzEzMS9MOENaSTdCYWZvOGEzWnBaaE8zQmt5RGJsMHMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9MOENaSTdCYWZvOGEzWnBaaE8zQmt5
RGJsMHMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTMxL0lFc1VCWGZhbXlRYk5GNE1uUTk5UUZIT2F1ay5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwB6ATANBgkqhkiG9w0BAQsFAAOCAQEABOWMz/xxDV+ZAAbPUaLeQQAu52nN
6HjnG9eGhvpK3nZS9dam0CKmUpc5R0jCuYiUO4hecFkDKwhF/CVdQYfRZ/wkcEyY
WN/rweyN3gZ2hZ2zqc2i1Riv0dsgJKnFfpFNBjceqI2v5NDgvACOAUlP9m7ZNlgG
2jaX7Tq74O5247+2PLfQ3NFqSfRLi4/XpG6NORjnrU7L/KCfHoUl+J9Uci48UzyA
3pNDhB7poO6yenSeJ+1ZKtO4+yNPHgpzkJXLZIouDPuEQMx4S7IadRUwzZTjhVuI
wZ3+kvp/c4dzVHLJDXAxVZjcKsXy6CWDexQP6LJrBf+FtkzAtu1Y8sztZA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:06:17 2025 by rpki-client