Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/XT-4zpa77td5MirrqaoZiq0ORpo.roa
File: XT-4zpa77td5MirrqaoZiq0ORpo.roa (raw, json)
Hash identifier: 9ZvkNpJDuQPPHj2h2qUortmXmFvH1QfooP+ohZMSIU4=
Subject key identifier: 5D:3F:B8:CE:96:BB:EE:D7:79:32:2A:EB:A9:AA:19:8A:AD:0E:46:9A
Certificate issuer: /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial: 044E
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/XT-4zpa77td5MirrqaoZiq0ORpo.roa
Signing time: Wed 18 Dec 2024 02:24:05 +0000
ROA not before: Wed 18 Dec 2024 02:24:05 +0000
ROA not after: Mon 15 Dec 2025 01:30:03 +0000
asID: 2516
IP address blocks: 222.12.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102 (0x44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Validity
Not Before: Dec 18 02:24:05 2024 GMT
Not After : Dec 15 01:30:03 2025 GMT
Subject: CN=5D3FB8CE96BBEED779322AEBA9AA198AAD0E469A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:28:7d:ea:44:ac:79:ea:a7:62:74:c4:f5:
01:35:31:12:ff:3c:6f:fa:f6:98:fe:5d:42:e1:09:
08:ba:ca:5c:fc:f6:ca:67:95:28:45:bf:48:86:6c:
68:71:04:b3:cf:e9:45:f3:69:66:cc:c0:ee:ee:37:
91:26:5f:3c:ee:a1:6e:08:dc:a5:7c:a4:3c:4b:85:
1a:ca:35:26:71:c9:2a:f9:c4:9b:f5:7d:e3:97:2a:
83:f8:63:56:49:56:73:ce:c5:86:45:c6:72:66:f8:
88:1b:aa:30:e2:2e:62:dc:00:52:2d:b4:d5:ac:82:
0e:97:d7:59:3b:bc:19:80:8f:3d:13:62:ac:4c:5d:
2e:d5:76:0e:95:e6:da:29:b6:61:48:ff:dd:0f:36:
60:ca:63:1e:b3:93:22:e1:14:13:c9:9b:71:54:c2:
4a:b8:1a:91:3d:ee:f0:09:b2:25:f0:6d:34:61:61:
74:7f:68:4b:fc:9d:2a:0c:31:ca:df:57:08:07:5f:
8a:bd:3b:a2:1f:f6:a0:20:5a:1d:e7:43:7b:1a:68:
38:ac:b9:d0:3a:5a:22:ad:99:ae:9b:5c:d5:5e:ec:
f4:8b:ce:34:9e:31:77:05:aa:a8:ce:43:ce:9a:7e:
d3:a3:a7:09:c1:b5:9b:78:ea:6b:ef:03:e2:de:4d:
9a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3F:B8:CE:96:BB:EE:D7:79:32:2A:EB:A9:AA:19:8A:AD:0E:46:9A
X509v3 Authority Key Identifier:
keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/XT-4zpa77td5MirrqaoZiq0ORpo.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
222.12.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:85:78:c5:08:09:e8:0c:4a:f5:ed:3d:e0:27:16:42:eb:01:
0a:7e:ca:e0:5d:76:c3:2f:b8:e1:58:50:4a:9c:a1:93:6e:bc:
3c:43:62:6f:44:03:2e:d4:0e:ce:59:2c:a9:ba:c1:4e:9f:82:
c0:79:8c:11:d2:70:21:f4:1d:d4:08:c3:31:e6:8e:c8:3a:89:
c0:1e:aa:78:0a:42:05:40:d1:88:70:f7:49:39:cb:fa:5c:ef:
08:e3:06:12:15:6e:22:58:58:07:8d:e2:4a:a6:41:70:a8:84:
1e:f0:c3:8b:26:14:b8:88:2e:f7:66:e0:8a:51:ee:d9:f6:5a:
b3:3c:45:d7:ea:11:bf:bd:32:cd:10:4c:a2:b9:04:47:08:6f:
87:73:a8:eb:74:d6:8e:12:52:9e:0d:1d:ba:87:dd:7c:27:d4:
38:67:7f:e7:51:9c:aa:bd:3c:4d:9f:d2:a8:a7:99:26:88:f2:
2b:ca:b6:c0:bd:dc:ca:e0:31:7d:27:b4:72:5a:6b:50:18:b3:
da:c1:1e:4a:ee:de:45:e3:54:38:6e:c9:a9:66:d0:a0:fb:8c:
b0:d1:a9:0e:3a:fe:c1:27:0d:3f:6f:23:18:c2:54:29:3c:cb:
b3:a3:5f:e0:b5:9c:ef:65:0b:67:51:42:b5:9f:ab:2e:4b:2a:
44:a3:57:1f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yNDEyMTgw
MjI0MDVaFw0yNTEyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDVEM0ZCOENFOTZCQkVF
RDc3OTMyMkFFQkE5QUExOThBQUQwRTQ2OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm+Ch96kSseeqnYnTE9QE1MRL/PG/69pj+XULhCQi6ylz89spn
lShFv0iGbGhxBLPP6UXzaWbMwO7uN5EmXzzuoW4I3KV8pDxLhRrKNSZxySr5xJv1
feOXKoP4Y1ZJVnPOxYZFxnJm+IgbqjDiLmLcAFIttNWsgg6X11k7vBmAjz0TYqxM
XS7Vdg6V5toptmFI/90PNmDKYx6zkyLhFBPJm3FUwkq4GpE97vAJsiXwbTRhYXR/
aEv8nSoMMcrfVwgHX4q9O6If9qAgWh3nQ3saaDisudA6WiKtma6bXNVe7PSLzjSe
MXcFqqjOQ86aftOjpwnBtZt46mvvA+LeTZqBAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUXT+4zpa77td5MirrqaoZiq0ORpowHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL1hULTR6cGE3N3RkNU1pcnJxYW9aaXEwT1Jwby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDeDDANBgkqhkiG9w0BAQsFAAOCAQEAWoV4xQgJ6AxK9e094CcWQusBCn7K
4F12wy+44VhQSpyhk268PENib0QDLtQOzlksqbrBTp+CwHmMEdJwIfQd1AjDMeaO
yDqJwB6qeApCBUDRiHD3STnL+lzvCOMGEhVuIlhYB43iSqZBcKiEHvDDiyYUuIgu
92bgilHu2fZaszxF1+oRv70yzRBMorkERwhvh3Oo63TWjhJSng0duofdfCfUOGd/
51Gcqr08TZ/SqKeZJojyK8q2wL3cyuAxfSe0clprUBiz2sEeSu7eReNUOG7JqWbQ
oPuMsNGpDjr+wScNP28jGMJUKTzLs6Nf4LWc72ULZ1FCtZ+rLksqRKNXHw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 14:45:24 2025 by rpki-client