Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/447/r9GpdTclV077wndp3Le7ZPTj_DQ.roa
File: r9GpdTclV077wndp3Le7ZPTj_DQ.roa (raw, json)
Hash identifier: GQaeCoLIQe1JAKkBNbQ/a8QiNbRZdu9YUNfMZKgi8lQ=
Subject key identifier: AF:D1:A9:75:37:25:57:4E:FB:C2:77:69:DC:B7:BB:64:F4:E3:FC:34
Certificate issuer: /CN=C5034FBBCE0799A0F28683BD3BA339A9BD645BDC
Certificate serial: 18
Authority key identifier: C5:03:4F:BB:CE:07:99:A0:F2:86:83:BD:3B:A3:39:A9:BD:64:5B:DC
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xQNPu84HmaDyhoO9O6M5qb1kW9w.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/447/r9GpdTclV077wndp3Le7ZPTj_DQ.roa
Signing time: Wed 02 Apr 2025 03:55:43 +0000
ROA not before: Wed 02 Apr 2025 03:55:43 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 10002
IP address blocks: 61.114.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/447/xQNPu84HmaDyhoO9O6M5qb1kW9w.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/447/xQNPu84HmaDyhoO9O6M5qb1kW9w.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xQNPu84HmaDyhoO9O6M5qb1kW9w.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C5034FBBCE0799A0F28683BD3BA339A9BD645BDC
Validity
Not Before: Apr 2 03:55:43 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=AFD1A9753725574EFBC27769DCB7BB64F4E3FC34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:10:af:9a:7d:d5:c9:c5:6d:21:d2:23:4e:44:
7c:e0:2c:fb:8d:e5:14:24:3d:4b:2c:71:58:1e:fb:
72:7b:74:ea:0d:d9:e3:b6:44:0f:4a:1b:74:8e:4a:
d1:ec:6e:ec:69:75:94:88:11:d8:ab:09:09:b4:32:
bb:55:77:51:de:95:65:6e:d8:16:24:1b:10:dc:a5:
a4:b0:a1:5a:ac:3a:1e:78:87:06:54:52:24:72:6a:
45:d8:b8:05:03:f0:92:e8:cc:e3:2b:1d:46:78:72:
49:3a:3f:f7:16:4e:60:ae:e9:3a:07:8c:53:62:58:
e7:7c:c2:5d:97:8a:32:d3:a0:2b:11:9d:04:74:54:
32:b1:a5:71:07:66:0e:d5:5d:77:c4:8d:53:c0:03:
ee:37:04:78:f5:e6:d7:5e:ca:55:b5:b3:16:4a:2f:
72:ea:c2:d4:20:c1:2d:be:81:e8:45:44:79:60:15:
e0:28:14:91:76:2d:5a:e5:9c:20:1c:fe:98:89:a5:
8a:c8:e7:03:c0:02:f2:1e:06:49:4e:eb:7d:31:18:
00:14:d8:82:a8:50:bc:4d:81:8a:82:d1:fd:32:d8:
6d:ea:72:62:9b:f2:ad:c5:22:10:ba:2c:1f:96:41:
b6:68:8d:be:86:8d:ac:fa:ec:80:9a:9c:9d:c4:b8:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D1:A9:75:37:25:57:4E:FB:C2:77:69:DC:B7:BB:64:F4:E3:FC:34
X509v3 Authority Key Identifier:
keyid:C5:03:4F:BB:CE:07:99:A0:F2:86:83:BD:3B:A3:39:A9:BD:64:5B:DC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/447/xQNPu84HmaDyhoO9O6M5qb1kW9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xQNPu84HmaDyhoO9O6M5qb1kW9w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/447/r9GpdTclV077wndp3Le7ZPTj_DQ.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.114.64.0/20
Signature Algorithm: sha256WithRSAEncryption
09:9b:60:f1:dd:63:7a:d7:32:12:82:01:3d:41:61:25:1a:e8:
fe:4b:3f:09:a7:35:76:3a:12:bd:f5:b6:d3:11:7b:af:ce:5b:
d5:7a:7d:d4:82:88:5b:2d:32:8d:56:76:ce:72:ba:b9:44:42:
db:b3:d7:0a:48:f4:17:9f:c3:48:93:71:2e:b0:82:38:29:5a:
ea:c9:0e:ce:69:b8:32:95:60:01:cc:b1:d1:4c:1c:c5:e3:5a:
1d:94:3d:f1:89:7e:7c:fe:af:82:db:ce:42:56:64:6c:50:67:
af:45:90:06:13:53:71:7d:2d:af:91:61:de:4c:e4:62:64:67:
0f:33:5f:da:da:b5:cc:ce:7c:73:10:55:f8:0c:14:2e:da:e4:
b5:78:5f:38:1b:d6:9f:23:21:13:f7:b1:99:25:de:8e:f9:47:
9d:42:e5:23:90:e0:1c:1e:95:26:93:c9:03:c9:cb:f6:fc:1c:
f0:56:b5:4d:e2:fd:8f:3f:f0:3f:6b:61:d5:57:a7:2e:5f:4f:
ee:26:fe:d6:71:aa:62:ff:e3:d6:fb:a6:0b:03:34:1f:f0:e7:
ea:3c:e1:56:f0:87:5f:33:72:d0:1d:72:a0:7b:a8:a5:f1:60:
94:c4:fa:33:72:9b:f1:32:ea:c6:f3:de:cf:05:d8:44:8b:8e:
2c:09:49:5c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDNTAz
NEZCQkNFMDc5OUEwRjI4NjgzQkQzQkEzMzlBOUJENjQ1QkRDMB4XDTI1MDQwMjAz
NTU0M1oXDTI2MDMxNTAxMzAwM1owMzExMC8GA1UEAxMoQUZEMUE5NzUzNzI1NTc0
RUZCQzI3NzY5RENCN0JCNjRGNEUzRkMzNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANAQr5p91cnFbSHSI05EfOAs+43lFCQ9SyxxWB77cnt06g3Z47ZE
D0obdI5K0exu7Gl1lIgR2KsJCbQyu1V3Ud6VZW7YFiQbENylpLChWqw6HniHBlRS
JHJqRdi4BQPwkujM4ysdRnhySTo/9xZOYK7pOgeMU2JY53zCXZeKMtOgKxGdBHRU
MrGlcQdmDtVdd8SNU8AD7jcEePXm117KVbWzFkovcurC1CDBLb6B6EVEeWAV4CgU
kXYtWuWcIBz+mImlisjnA8AC8h4GSU7rfTEYABTYgqhQvE2BioLR/TLYbepyYpvy
rcUiELosH5ZBtmiNvoaNrPrsgJqcncS4TXcCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSv0al1NyVXTvvCd2nct7tk9OP8NDAfBgNVHSMEGDAWgBTFA0+7zgeZoPKGg707
ozmpvWRb3DAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDQ3L3hRTlB1ODRIbWFEeWhvTzlPNk01cWIxa1c5dy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3hRTlB1ODRIbWFEeWhvTzlPNk01cWIx
a1c5dy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80NDcvcjlHcGRUY2xWMDc3d25kcDNMZTdaUFRqX0RRLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBD1yQDANBgkqhkiG9w0BAQsFAAOCAQEACZtg8d1jetcyEoIBPUFhJRro/ks/
Cac1djoSvfW20xF7r85b1Xp91IKIWy0yjVZ2znK6uURC27PXCkj0F5/DSJNxLrCC
OCla6skOzmm4MpVgAcyx0UwcxeNaHZQ98Yl+fP6vgtvOQlZkbFBnr0WQBhNTcX0t
r5Fh3kzkYmRnDzNf2tq1zM58cxBV+AwULtrktXhfOBvWnyMhE/exmSXejvlHnULl
I5DgHB6VJpPJA8nL9vwc8Fa1TeL9jz/wP2th1VenLl9P7ib+1nGqYv/j1vumCwM0
H/Dn6jzhVvCHXzNy0B1yoHuopfFglMT6M3Kb8TLqxvPezwXYRIuOLAlJXA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:39:03 2025 by rpki-client