Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/aH3YU76XmiSykCJgQc3r4y9GBII.roa
File: aH3YU76XmiSykCJgQc3r4y9GBII.roa (raw, json)
Hash identifier: D2TvHMJnN7eLQwtq8JSBFFeJECRtF8AFIHfU58U/Cig=
Subject key identifier: 68:7D:D8:53:BE:97:9A:24:B2:90:22:60:41:CD:EB:E3:2F:46:04:82
Certificate issuer: /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial: 049B
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/aH3YU76XmiSykCJgQc3r4y9GBII.roa
Signing time: Wed 18 Dec 2024 02:28:55 +0000
ROA not before: Wed 18 Dec 2024 02:28:55 +0000
ROA not after: Mon 15 Dec 2025 01:30:03 +0000
asID: 2516
IP address blocks: 222.13.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1179 (0x49b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Validity
Not Before: Dec 18 02:28:55 2024 GMT
Not After : Dec 15 01:30:03 2025 GMT
Subject: CN=687DD853BE979A24B290226041CDEBE32F460482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:16:6d:9c:bd:d2:5f:ad:6f:bd:4f:c7:32:81:
a6:6b:05:24:e7:ae:ee:49:1d:ad:41:c1:67:21:de:
8e:80:5b:62:32:93:8a:5b:19:8e:30:20:b7:25:8d:
41:27:d5:cb:c7:cd:84:f0:d4:7f:d3:b6:f1:58:40:
f2:9e:34:74:5f:2d:e3:08:2c:6d:af:32:78:a8:0b:
f3:71:36:4a:7f:e0:b1:4b:ff:6c:e8:5a:f1:ff:a1:
95:5c:53:5e:3f:06:5f:87:98:49:27:f3:35:c1:0b:
0c:88:26:1f:84:ee:2b:94:e2:a3:93:66:58:4d:30:
d7:25:2c:a6:c4:48:89:ae:a3:17:77:de:fb:f7:00:
9c:00:b9:fd:3f:55:13:53:3a:2c:31:cb:c7:a1:fb:
2c:68:67:9f:16:43:47:93:8d:b2:b7:7e:1f:43:cf:
07:2f:54:7a:9c:96:77:83:a1:e2:d0:3e:f8:da:21:
03:34:9f:2b:6a:7b:99:52:7d:25:f8:b5:ef:17:a8:
0b:e9:6e:fc:5f:3a:90:6e:b8:3f:fd:78:80:5e:be:
02:ae:14:a8:98:51:14:7c:ce:90:88:cd:f2:10:42:
c9:20:73:81:11:db:2d:b3:aa:b5:7b:47:52:88:4a:
7c:3a:10:0f:65:17:97:24:0b:d7:da:94:f9:02:46:
8f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7D:D8:53:BE:97:9A:24:B2:90:22:60:41:CD:EB:E3:2F:46:04:82
X509v3 Authority Key Identifier:
keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/aH3YU76XmiSykCJgQc3r4y9GBII.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
222.13.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:32:42:11:ed:ab:2b:52:7d:ab:6e:6d:e3:8a:2b:4c:e5:cc:
d2:92:16:bb:a0:05:d1:29:54:38:12:1f:1d:d3:c0:83:35:6b:
9b:38:be:43:a2:56:4b:b2:43:a4:56:11:cd:b8:49:da:cd:09:
0d:ae:95:1b:21:38:ec:ce:87:ee:53:bf:05:d7:ca:65:a0:5a:
e5:8b:17:89:cd:7f:46:3a:12:e7:c4:27:13:f7:95:58:c2:70:
e6:0c:39:60:b3:ce:07:46:db:95:73:1e:38:9d:80:5f:44:94:
a8:c9:6e:e1:a7:31:be:16:0e:be:4e:c7:f4:3e:6b:36:16:f3:
f1:0e:3f:ed:b0:a9:a0:23:93:e5:80:30:46:a1:bb:44:91:d6:
07:65:a5:f0:0b:14:3d:ea:0c:f4:de:bb:df:10:52:20:33:d4:
95:15:57:47:28:92:58:4c:7e:6d:a1:7b:fc:4c:b5:5e:2f:c6:
67:47:55:1d:df:22:c8:0f:49:5a:28:63:11:15:df:ba:68:60:
9d:4d:34:b9:57:de:9d:2f:a5:ad:ec:30:40:8e:96:ea:0b:80:
55:a6:0d:92:ba:1f:da:d9:ed:db:45:6c:60:52:3e:5e:d8:76:
1a:76:af:65:ab:1c:ba:b2:00:2d:c0:15:0f:70:ac:f2:83:53:
93:33:19:53
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICBJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yNDEyMTgw
MjI4NTVaFw0yNTEyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDY4N0REODUzQkU5NzlB
MjRCMjkwMjI2MDQxQ0RFQkUzMkY0NjA0ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEFm2cvdJfrW+9T8cygaZrBSTnru5JHa1BwWch3o6AW2Iyk4pb
GY4wILcljUEn1cvHzYTw1H/TtvFYQPKeNHRfLeMILG2vMnioC/NxNkp/4LFL/2zo
WvH/oZVcU14/Bl+HmEkn8zXBCwyIJh+E7iuU4qOTZlhNMNclLKbESImuoxd33vv3
AJwAuf0/VRNTOiwxy8eh+yxoZ58WQ0eTjbK3fh9DzwcvVHqclneDoeLQPvjaIQM0
nytqe5lSfSX4te8XqAvpbvxfOpBuuD/9eIBevgKuFKiYURR8zpCIzfIQQskgc4ER
2y2zqrV7R1KISnw6EA9lF5ckC9falPkCRo9RAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUaH3YU76XmiSykCJgQc3r4y9GBIIwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL2FIM1lVNzZYbWlTeWtDSmdRYzNyNHk5R0JJSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDeDTANBgkqhkiG9w0BAQsFAAOCAQEAiTJCEe2rK1J9q25t44orTOXM0pIW
u6AF0SlUOBIfHdPAgzVrmzi+Q6JWS7JDpFYRzbhJ2s0JDa6VGyE47M6H7lO/BdfK
ZaBa5YsXic1/RjoS58QnE/eVWMJw5gw5YLPOB0bblXMeOJ2AX0SUqMlu4acxvhYO
vk7H9D5rNhbz8Q4/7bCpoCOT5YAwRqG7RJHWB2Wl8AsUPeoM9N673xBSIDPUlRVX
RyiSWEx+baF7/Ey1Xi/GZ0dVHd8iyA9JWihjERXfumhgnU00uVfenS+lrewwQI6W
6guAVaYNkrof2tnt20VsYFI+Xth2GnavZascurIALcAVD3Cs8oNTkzMZUw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:35:08 2025 by rpki-client