Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZfphfTrU8SJOCOGD6ytXu1rdj20.roa
File: ZfphfTrU8SJOCOGD6ytXu1rdj20.roa (raw, json)
Hash identifier: Ttt39jrgxjs5GcpF8J8b/W/hoLxXBIlBedc9TeXNuos=
Subject key identifier: 65:FA:61:7D:3A:D4:F1:22:4E:08:E1:83:EB:2B:57:BB:5A:DD:8F:6D
Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial: 0B9E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZfphfTrU8SJOCOGD6ytXu1rdj20.roa
Signing time: Tue 01 Apr 2025 01:39:52 +0000
ROA not before: Tue 01 Apr 2025 01:39:52 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 9605
IP address blocks: 27.230.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2974 (0xb9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Validity
Not Before: Apr 1 01:39:52 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=65FA617D3AD4F1224E08E183EB2B57BB5ADD8F6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:77:43:97:25:94:be:c7:c9:34:82:2b:35:31:
76:fa:84:a1:05:cb:13:ca:e3:56:f6:bd:39:c6:10:
b0:99:df:32:21:77:e2:df:1f:ed:34:68:a1:20:c9:
3a:43:3a:23:6e:a5:b2:70:e7:94:c9:55:1b:ee:67:
11:85:b5:1f:4b:26:c2:70:7d:7d:11:91:0b:88:8a:
a7:03:58:0a:e0:8e:0c:39:7f:03:f4:67:0f:60:03:
f3:98:06:65:9e:c7:6e:12:6d:d2:fc:de:fc:bb:eb:
20:3c:eb:a4:c4:3e:61:f8:66:51:cc:d6:15:c9:1d:
a7:ce:a7:55:64:c3:aa:4e:d6:ef:df:b5:ff:9a:51:
3d:48:ba:a1:92:05:6c:b2:4e:61:9e:57:29:6b:f7:
9e:83:dd:e9:20:26:0a:f8:c9:23:f8:ed:3d:1f:9f:
1c:c2:49:6f:c7:94:d8:a3:bc:16:b7:98:2e:26:57:
72:1f:ec:4e:cf:89:f7:5c:a6:17:d3:c1:38:26:b3:
b8:c9:32:af:0e:08:c2:e6:16:c3:b3:51:36:30:ec:
84:f6:c6:e8:b7:ef:78:aa:96:0c:8e:7c:e2:0d:1a:
8a:be:cd:e1:53:c5:f6:48:bc:4b:f5:eb:49:74:46:
2e:82:79:db:ee:f5:56:d5:a8:31:4b:6b:76:57:2f:
41:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FA:61:7D:3A:D4:F1:22:4E:08:E1:83:EB:2B:57:BB:5A:DD:8F:6D
X509v3 Authority Key Identifier:
keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZfphfTrU8SJOCOGD6ytXu1rdj20.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.230.112.0/20
Signature Algorithm: sha256WithRSAEncryption
cf:1d:d8:33:1a:1a:ce:4a:c8:70:15:d6:d2:c1:66:5d:a4:06:
41:00:0e:ca:e2:1e:61:0f:b9:85:a8:2e:5b:08:ec:a4:d8:f0:
0e:17:3c:29:35:73:b0:a8:3e:10:e3:4e:78:f1:e5:5d:db:29:
b2:07:6f:e8:3d:12:a6:70:10:7b:29:52:07:0f:84:fe:af:ae:
4a:60:8e:f4:b2:22:56:30:e0:50:53:ea:e4:fb:b8:db:99:a2:
3c:65:70:57:83:66:a6:f8:69:e8:8a:7a:9f:aa:42:39:68:9c:
1b:43:04:63:10:88:93:4f:0a:b1:f0:18:14:27:dd:82:de:8e:
b4:cf:b6:78:0b:87:ce:82:f7:84:e7:cd:18:0b:80:cd:9e:2d:
6b:a8:f1:60:8b:23:01:21:2d:65:65:a1:ad:3b:e1:de:99:18:
13:b0:9e:ef:67:6c:21:e5:14:37:8f:c8:d1:6a:7a:aa:79:2f:
0e:4e:f0:33:e4:48:9f:a6:af:0e:ff:3c:ce:d7:28:b0:d3:b2:
e5:3e:cb:34:a9:75:43:e3:f0:3b:02:e2:bc:a4:72:22:5c:2a:
86:15:c8:42:00:e7:ef:4a:39:ed:e5:e2:f8:99:d3:ac:5b:bf:
4f:f3:49:d9:50:de:79:2e:6b:b1:d6:fb:f4:0d:f9:67:ed:e6:
e4:b3:6d:8a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICC54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw
MTM5NTJaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDY1RkE2MTdEM0FENEYx
MjI0RTA4RTE4M0VCMkI1N0JCNUFERDhGNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOd0OXJZS+x8k0gis1MXb6hKEFyxPK41b2vTnGELCZ3zIhd+Lf
H+00aKEgyTpDOiNupbJw55TJVRvuZxGFtR9LJsJwfX0RkQuIiqcDWArgjgw5fwP0
Zw9gA/OYBmWex24SbdL83vy76yA866TEPmH4ZlHM1hXJHafOp1Vkw6pO1u/ftf+a
UT1IuqGSBWyyTmGeVylr956D3ekgJgr4ySP47T0fnxzCSW/HlNijvBa3mC4mV3If
7E7PifdcphfTwTgms7jJMq8OCMLmFsOzUTYw7IT2xui373iqlgyOfOINGoq+zeFT
xfZIvEv160l0Ri6Cedvu9VbVqDFLa3ZXL0GJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUZfphfTrU8SJOCOGD6ytXu1rdj20wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1pmcGhmVHJVOFNKT0NPR0Q2eXRYdTFyZGoyMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQb5nAwDQYJKoZIhvcNAQELBQADggEBAM8d2DMaGs5KyHAV1tLBZl2kBkEA
DsriHmEPuYWoLlsI7KTY8A4XPCk1c7CoPhDjTnjx5V3bKbIHb+g9EqZwEHspUgcP
hP6vrkpgjvSyIlYw4FBT6uT7uNuZojxlcFeDZqb4aeiKep+qQjlonBtDBGMQiJNP
CrHwGBQn3YLejrTPtngLh86C94TnzRgLgM2eLWuo8WCLIwEhLWVloa074d6ZGBOw
nu9nbCHlFDePyNFqeqp5Lw5O8DPkSJ+mrw7/PM7XKLDTsuU+yzSpdUPj8DsC4ryk
ciJcKoYVyEIA5+9KOe3l4viZ06xbv0/zSdlQ3nkua7HW+/QN+Wft5uSzbYo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:08:59 2025 by rpki-client