Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/ss2mlHK6H__Oy5_w3Ikq-UDPNLQ.roa
File: ss2mlHK6H__Oy5_w3Ikq-UDPNLQ.roa (raw, json)
Hash identifier: w/yaANTmwZeVPaZ8pBOmr57y8iB4WfkzsYXDnni9eg0=
Subject key identifier: B2:CD:A6:94:72:BA:1F:FF:CE:CB:9F:F0:DC:89:2A:F9:40:CF:34:B4
Certificate issuer: /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial: 03DF
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/ss2mlHK6H__Oy5_w3Ikq-UDPNLQ.roa
Signing time: Tue 01 Apr 2025 01:28:58 +0000
ROA not before: Tue 01 Apr 2025 01:28:58 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 9605
IP address blocks: 240a:6b:7100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 18:14:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 991 (0x3df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Validity
Not Before: Apr 1 01:28:58 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=B2CDA69472BA1FFFCECB9FF0DC892AF940CF34B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:9f:c8:67:85:b1:18:77:a8:04:e2:6a:5f:
c4:04:41:71:31:6a:0b:f7:0e:6d:d7:b9:e4:8d:d1:
d9:ae:04:60:a0:26:86:ca:f7:4a:d4:f8:1c:00:37:
28:ab:75:a5:80:33:f8:97:0c:9f:68:67:cc:f6:f2:
92:96:1d:be:49:a4:30:0a:07:9e:09:40:2c:87:84:
6a:41:50:3b:d3:f6:ab:c1:eb:e4:0d:5f:63:ad:66:
d4:4e:72:f9:11:5f:be:ab:09:5c:99:be:1b:d2:0b:
9e:14:5e:e3:dd:8d:ee:06:07:18:f2:46:be:2f:e9:
45:69:27:e4:81:1e:80:09:74:a1:15:6b:ec:8d:5e:
6a:ff:22:d2:ea:55:b7:99:e1:1f:81:ea:fa:c8:98:
7b:ee:47:ac:31:e3:32:9d:67:8f:8b:75:d8:0d:7f:
32:ed:a3:b6:a1:dd:9b:04:2c:20:ab:2c:65:29:21:
a7:1d:f3:fa:65:29:ad:ff:32:f2:12:55:5d:e3:d6:
81:c3:c3:8c:c9:14:2b:ec:91:e4:5a:36:ec:58:03:
61:eb:27:28:0b:79:e1:b4:3d:d7:fb:43:5f:4d:cf:
3f:1c:25:fc:ff:70:22:ef:1e:09:a4:92:e3:4e:a0:
90:95:f4:e7:95:4e:61:04:bd:3b:cc:63:35:e7:cc:
6a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CD:A6:94:72:BA:1F:FF:CE:CB:9F:F0:DC:89:2A:F9:40:CF:34:B4
X509v3 Authority Key Identifier:
keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/ss2mlHK6H__Oy5_w3Ikq-UDPNLQ.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:6b:7100::/40
Signature Algorithm: sha256WithRSAEncryption
71:e0:27:4c:4f:b5:a8:2b:8e:8c:4f:1b:df:1c:d6:aa:36:1e:
39:73:22:47:ad:54:19:1f:48:eb:26:f1:6c:2f:de:71:20:4e:
95:0f:25:da:6a:bf:7e:46:01:ee:23:3f:c8:a4:c1:a1:21:85:
b2:08:da:24:15:79:7a:f8:a4:95:78:e3:1e:96:30:ed:16:6c:
5e:e4:d5:75:92:aa:de:e1:53:f6:13:48:77:9d:5c:2c:d0:6a:
54:3e:02:cc:36:2e:e2:76:c8:b3:fe:7c:ed:e5:07:7c:d8:5c:
39:bb:52:9f:7f:d0:07:0d:27:8d:cc:5e:35:f5:6c:1d:c4:87:
55:cc:b5:a4:8c:81:e3:d1:a2:d2:16:6f:f9:5d:13:2f:46:04:
e4:82:1e:cf:60:e9:ed:54:8d:04:15:b8:ba:15:8c:47:a8:a1:
ff:ce:df:5c:67:85:b2:47:bf:ac:b2:36:d4:12:3a:62:7a:d9:
90:e5:a3:ac:e5:91:46:f0:c0:62:e5:58:5d:41:cc:63:37:a1:
c0:8d:fd:ad:4f:e4:4d:b7:a5:e6:24:66:27:e1:c7:10:c9:04:
ae:5c:35:96:a2:90:fe:20:e7:6a:93:7c:09:ff:ad:21:b1:f3:
3e:17:d0:13:0b:95:4b:df:ed:4f:f9:6a:6b:b8:7e:96:8e:f1:
01:16:a4:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICA98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNTA0MDEw
MTI4NThaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKEIyQ0RBNjk0NzJCQTFG
RkZDRUNCOUZGMERDODkyQUY5NDBDRjM0QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbXp/IZ4WxGHeoBOJqX8QEQXExagv3Dm3XueSN0dmuBGCgJobK
90rU+BwANyirdaWAM/iXDJ9oZ8z28pKWHb5JpDAKB54JQCyHhGpBUDvT9qvB6+QN
X2OtZtROcvkRX76rCVyZvhvSC54UXuPdje4GBxjyRr4v6UVpJ+SBHoAJdKEVa+yN
Xmr/ItLqVbeZ4R+B6vrImHvuR6wx4zKdZ4+LddgNfzLto7ah3ZsELCCrLGUpIacd
8/plKa3/MvISVV3j1oHDw4zJFCvskeRaNuxYA2HrJygLeeG0Pdf7Q19Nzz8cJfz/
cCLvHgmkkuNOoJCV9OeVTmEEvTvMYzXnzGorAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUss2mlHK6H//Oy5/w3Ikq+UDPNLQwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9zczJtbEhLNkhfX095NV93M0lrcS1VRFBOTFEu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa3EwDQYJKoZIhvcNAQELBQADggEBAHHgJ0xPtagrjoxPG98c
1qo2HjlzIketVBkfSOsm8Wwv3nEgTpUPJdpqv35GAe4jP8ikwaEhhbII2iQVeXr4
pJV44x6WMO0WbF7k1XWSqt7hU/YTSHedXCzQalQ+Asw2LuJ2yLP+fO3lB3zYXDm7
Up9/0AcNJ43MXjX1bB3Eh1XMtaSMgePRotIWb/ldEy9GBOSCHs9g6e1UjQQVuLoV
jEeoof/O31xnhbJHv6yyNtQSOmJ62ZDlo6zlkUbwwGLlWF1BzGM3ocCN/a1P5E23
peYkZifhxxDJBK5cNZaikP4g52qTfAn/rSGx8z4X0BMLlUvf7U/5amu4fpaO8QEW
pBM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:56:11 2025 by rpki-client