Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30209/HIwObf-21LxINUe37ksnj5B7mWY.roa
File: HIwObf-21LxINUe37ksnj5B7mWY.roa (raw, json)
Hash identifier: EA4J5esnQmj+l9/4BMwaS/4c7yNIMrwaCgQgMIxx5os=
Subject key identifier: 1C:8C:0E:6D:FF:B6:D4:BC:48:35:47:B7:EE:4B:27:8F:90:7B:99:66
Certificate issuer: /CN=E8AA602E736E188CCAE42462762C3776F85B7937
Certificate serial: 13
Authority key identifier: E8:AA:60:2E:73:6E:18:8C:CA:E4:24:62:76:2C:37:76:F8:5B:79:37
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6KpgLnNuGIzK5CRidiw3dvhbeTc.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30209/HIwObf-21LxINUe37ksnj5B7mWY.roa
Signing time: Tue 01 Apr 2025 01:31:20 +0000
ROA not before: Tue 01 Apr 2025 01:31:20 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 9997
IP address blocks: 2402:700::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30209/6KpgLnNuGIzK5CRidiw3dvhbeTc.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30209/6KpgLnNuGIzK5CRidiw3dvhbeTc.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6KpgLnNuGIzK5CRidiw3dvhbeTc.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E8AA602E736E188CCAE42462762C3776F85B7937
Validity
Not Before: Apr 1 01:31:20 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=1C8C0E6DFFB6D4BC483547B7EE4B278F907B9966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:ad:bb:a1:c1:d4:de:43:59:5b:37:f8:13:
a2:40:db:4c:46:a5:cb:55:ac:0b:80:c6:7a:b3:62:
6f:c1:c1:04:3e:0f:53:fc:b7:20:b9:30:75:d5:0b:
b4:13:86:68:b5:18:86:80:67:59:db:2a:6d:9c:85:
d8:7e:8b:c3:19:c3:f7:2d:8f:92:37:92:26:c0:b9:
9e:f1:c9:df:7f:ba:e1:d1:cc:28:32:fb:7e:5e:e8:
5e:f8:36:0c:4c:93:d6:58:a5:a0:6c:e6:fb:c7:2d:
36:ab:d6:c0:4d:ac:8d:74:3f:1d:30:c8:b3:83:cc:
c0:8d:d9:aa:34:09:6c:fa:61:bd:1d:f4:5e:6d:c7:
68:45:43:f4:97:dc:4f:4f:a9:2d:a5:d4:79:59:b0:
e9:30:9b:3e:96:e3:e8:ab:dd:3c:aa:1f:dd:a1:ca:
96:91:8f:35:f2:c1:08:a4:c1:7d:3e:fe:0c:8c:26:
6c:16:17:48:78:9d:1a:df:5e:5e:89:a8:34:0c:6f:
80:be:b0:98:c3:a6:2c:c1:6a:e7:97:1a:ec:1c:00:
b5:31:ae:f5:49:1d:98:55:75:e0:24:af:6d:65:38:
f2:90:a8:d3:1d:37:59:1c:9b:76:b0:f1:43:ef:e3:
c4:08:75:45:d5:49:b2:8f:6a:a9:4c:21:91:5d:69:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8C:0E:6D:FF:B6:D4:BC:48:35:47:B7:EE:4B:27:8F:90:7B:99:66
X509v3 Authority Key Identifier:
keyid:E8:AA:60:2E:73:6E:18:8C:CA:E4:24:62:76:2C:37:76:F8:5B:79:37
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30209/6KpgLnNuGIzK5CRidiw3dvhbeTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6KpgLnNuGIzK5CRidiw3dvhbeTc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30209/HIwObf-21LxINUe37ksnj5B7mWY.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:700::/32
Signature Algorithm: sha256WithRSAEncryption
50:f1:13:14:cc:ec:ce:07:c9:09:40:33:46:8a:ec:b5:fc:82:
d9:77:99:b7:5e:9e:be:ca:ab:3b:7d:86:2c:6e:18:5f:dc:4e:
97:9f:fa:67:13:c5:07:59:98:f5:18:e8:2b:7e:25:5c:5b:33:
2b:bd:12:0b:9f:ee:19:e5:65:cc:df:47:e0:e6:79:e3:19:c9:
02:91:75:dd:2a:56:55:38:a6:ce:f4:0e:ca:16:2c:9e:39:70:
8a:dc:63:1d:01:24:a2:ea:02:68:01:b4:de:48:49:c9:23:e2:
11:a0:9d:69:41:24:4f:17:d4:e6:87:7d:ca:36:aa:01:73:39:
ce:2c:bf:20:e0:38:09:75:e4:52:93:ee:7c:45:d5:24:8f:84:
57:47:d7:5c:ec:19:58:86:6c:e3:1a:2d:2d:65:70:49:b6:3a:
07:4a:2a:ec:10:ae:af:3a:e1:28:45:3f:b9:90:ae:39:ee:3d:
d9:be:70:87:b0:dc:8c:97:68:a5:18:83:4f:71:68:9d:fd:db:
9e:ee:88:57:5d:c4:15:d5:b2:4e:63:ed:f4:02:4e:2f:d2:09:
6c:03:13:87:95:39:6f:bd:6c:b4:c8:02:e4:c9:6d:26:d6:cb:
31:c8:94:e4:df:d5:fa:ac:ae:16:1f:ff:cf:b2:8d:d3:43:5e:
c5:aa:51:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFOEFB
NjAyRTczNkUxODhDQ0FFNDI0NjI3NjJDMzc3NkY4NUI3OTM3MB4XDTI1MDQwMTAx
MzEyMFoXDTI2MDMxNTAxMzAwM1owMzExMC8GA1UEAxMoMUM4QzBFNkRGRkI2RDRC
QzQ4MzU0N0I3RUU0QjI3OEY5MDdCOTk2NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOLkrbuhwdTeQ1lbN/gTokDbTEaly1WsC4DGerNib8HBBD4PU/y3
ILkwddULtBOGaLUYhoBnWdsqbZyF2H6LwxnD9y2PkjeSJsC5nvHJ33+64dHMKDL7
fl7oXvg2DEyT1liloGzm+8ctNqvWwE2sjXQ/HTDIs4PMwI3ZqjQJbPphvR30Xm3H
aEVD9JfcT0+pLaXUeVmw6TCbPpbj6KvdPKof3aHKlpGPNfLBCKTBfT7+DIwmbBYX
SHidGt9eXomoNAxvgL6wmMOmLMFq55ca7BwAtTGu9UkdmFV14CSvbWU48pCo0x03
WRybdrDxQ+/jxAh1RdVJso9qqUwhkV1pnlUCAwEAAaOCAikwggIlMB0GA1UdDgQW
BBQcjA5t/7bUvEg1R7fuSyePkHuZZjAfBgNVHSMEGDAWgBToqmAuc24YjMrkJGJ2
LDd2+Ft5NzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAyMDkvNktwZ0xuTnVHSXpLNUNSaWRpdzNkdmhiZVRjLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvNktwZ0xuTnVHSXpLNUNSaWRpdzNk
dmhiZVRjLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMjA5L0hJd09iZi0yMUx4SU5VZTM3a3NuajVCN21XWS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAkAgcAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ8RMUzOzOB8kJQDNGiuy1
/ILZd5m3Xp6+yqs7fYYsbhhf3E6Xn/pnE8UHWZj1GOgrfiVcWzMrvRILn+4Z5WXM
30fg5nnjGckCkXXdKlZVOKbO9A7KFiyeOXCK3GMdASSi6gJoAbTeSEnJI+IRoJ1p
QSRPF9Tmh33KNqoBcznOLL8g4DgJdeRSk+58RdUkj4RXR9dc7BlYhmzjGi0tZXBJ
tjoHSirsEK6vOuEoRT+5kK457j3ZvnCHsNyMl2ilGINPcWid/due7ohXXcQV1bJO
Y+30Ak4v0glsAxOHlTlvvWy0yALkyW0m1ssxyJTk39X6rK4WH//Pso3TQ17FqlGD
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:01:07 2025 by rpki-client