Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/UI6pxwQrA7CzcoPsfm39RXmJFnc.roa
File: UI6pxwQrA7CzcoPsfm39RXmJFnc.roa (raw, json)
Hash identifier: JY153oDQooipIdsfqk+eV6fUEoW36Ez6ICoOBh1WtUE=
Subject key identifier: 50:8E:A9:C7:04:2B:03:B0:B3:72:83:EC:7E:6D:FD:45:79:89:16:77
Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial: 0B95
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/UI6pxwQrA7CzcoPsfm39RXmJFnc.roa
Signing time: Tue 01 Apr 2025 01:39:47 +0000
ROA not before: Tue 01 Apr 2025 01:39:47 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 9605
IP address blocks: 49.106.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2965 (0xb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Validity
Not Before: Apr 1 01:39:47 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=508EA9C7042B03B0B37283EC7E6DFD4579891677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:9f:5b:51:46:e8:47:ea:77:94:12:10:73:
9e:9e:e0:1e:5e:21:0f:8c:ea:5d:e6:62:b7:ff:55:
a1:31:6a:16:be:43:c8:f5:87:11:34:fe:02:23:ca:
5f:6e:f6:cd:80:1d:8e:c8:58:0f:22:3f:57:83:eb:
ab:22:13:ae:a0:16:51:a0:61:5b:7f:70:75:7d:1a:
a2:89:13:24:fc:a1:6d:fe:bd:f6:9c:9c:cb:ec:87:
ff:06:44:ef:50:10:e6:a3:1b:0d:44:b0:02:28:4c:
65:ed:5a:59:32:54:bb:ac:be:53:8b:d2:ad:2e:88:
84:0f:5a:19:6d:c3:d1:50:ce:b9:c3:58:8a:23:c3:
95:68:e2:46:2b:36:e3:3e:55:37:b9:4d:00:af:2d:
58:57:70:62:3f:fb:f3:9e:9e:6e:a1:ca:e4:cd:73:
e5:fc:bb:84:c7:a8:75:56:16:b2:e0:b1:bb:ea:c2:
f8:68:be:44:2a:21:dc:0e:e0:e6:4a:df:b5:29:3f:
56:a7:9e:98:3b:57:d3:0f:f3:5c:a5:ab:7a:33:e2:
97:d2:ff:5b:a1:74:ed:d7:1e:c6:0f:b4:f6:c8:3d:
4b:77:cb:d1:3e:20:43:31:21:c5:db:8d:23:e9:79:
83:9e:ff:f0:05:32:a8:a2:75:22:ef:12:eb:9a:9f:
75:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8E:A9:C7:04:2B:03:B0:B3:72:83:EC:7E:6D:FD:45:79:89:16:77
X509v3 Authority Key Identifier:
keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/UI6pxwQrA7CzcoPsfm39RXmJFnc.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.106.172.0/24
Signature Algorithm: sha256WithRSAEncryption
43:27:e0:8c:e4:cb:30:68:4d:45:7c:74:23:d0:43:d8:ab:cb:
47:16:a4:00:1a:a3:55:22:f9:bd:a1:9e:33:84:50:d6:e4:7c:
e4:4d:2f:91:4a:8f:3e:82:f5:d4:1d:20:01:05:15:8b:a0:ad:
09:0e:7d:34:ab:d7:69:ee:2e:db:9c:d1:16:26:8f:32:4f:ba:
e2:50:b7:a1:0c:80:30:1a:6e:be:18:5e:c8:98:83:9e:77:b9:
a7:8d:e6:63:6e:92:a3:dc:21:d1:85:ef:b6:44:d3:f6:6d:fb:
96:18:9c:ba:57:61:dc:f9:5b:d2:7c:4c:4a:54:c5:db:5e:0f:
89:d4:2c:8b:88:37:e7:75:ef:90:9a:03:2b:dc:d3:6d:5e:d6:
e0:b6:0c:ba:23:66:b1:43:00:5c:32:9f:33:21:1e:00:1d:81:
61:2e:17:ba:ce:16:5e:52:db:9a:0c:7c:21:28:e4:bf:fe:9d:
fb:a2:a3:c0:8e:89:a4:89:53:e3:5d:0c:39:05:6e:2b:7d:9c:
af:35:7c:76:81:78:a4:4d:b4:13:58:f8:2c:58:5a:d8:61:d4:
90:f5:95:fc:e0:cd:ef:ca:9c:23:82:f8:ec:b0:25:10:25:54:
86:1a:52:6b:99:c2:9e:1c:a8:5b:1f:0a:4d:8b:87:f8:e1:38:
0a:8f:d5:21
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICC5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw
MTM5NDdaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDUwOEVBOUM3MDQyQjAz
QjBCMzcyODNFQzdFNkRGRDQ1Nzk4OTE2NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+aJ9bUUboR+p3lBIQc56e4B5eIQ+M6l3mYrf/VaExaha+Q8j1
hxE0/gIjyl9u9s2AHY7IWA8iP1eD66siE66gFlGgYVt/cHV9GqKJEyT8oW3+vfac
nMvsh/8GRO9QEOajGw1EsAIoTGXtWlkyVLusvlOL0q0uiIQPWhltw9FQzrnDWIoj
w5Vo4kYrNuM+VTe5TQCvLVhXcGI/+/Oenm6hyuTNc+X8u4THqHVWFrLgsbvqwvho
vkQqIdwO4OZK37UpP1annpg7V9MP81ylq3oz4pfS/1uhdO3XHsYPtPbIPUt3y9E+
IEMxIcXbjSPpeYOe//AFMqiidSLvEuuan3XrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUUI6pxwQrA7CzcoPsfm39RXmJFncwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1VJNnB4d1FyQTdDemNvUHNmbTM5UlhtSkZuYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaqwwDQYJKoZIhvcNAQELBQADggEBAEMn4IzkyzBoTUV8dCPQQ9iry0cW
pAAao1Ui+b2hnjOEUNbkfORNL5FKjz6C9dQdIAEFFYugrQkOfTSr12nuLtuc0RYm
jzJPuuJQt6EMgDAabr4YXsiYg553uaeN5mNukqPcIdGF77ZE0/Zt+5YYnLpXYdz5
W9J8TEpUxdteD4nULIuIN+d175CaAyvc021e1uC2DLojZrFDAFwynzMhHgAdgWEu
F7rOFl5S25oMfCEo5L/+nfuio8COiaSJU+NdDDkFbit9nK81fHaBeKRNtBNY+CxY
Wthh1JD1lfzgze/KnCOC+OywJRAlVIYaUmuZwp4cqFsfCk2Lh/jhOAqP1SE=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:01:20 2025 by rpki-client