Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/6/shcaRon1lwsJwBq4yOSy_I_7STg.roa
File: shcaRon1lwsJwBq4yOSy_I_7STg.roa (raw, json)
Hash identifier: BXY9dnOfYqiD7KG7KmpneYkhzR4OrPK0MeJf2q5BN0A=
Subject key identifier: B2:17:1A:46:89:F5:97:0B:09:C0:1A:B8:C8:E4:B2:FC:8F:FB:49:38
Certificate issuer: /CN=296966DD720C30575F62D8FD4149458A90AACAA4
Certificate serial: 78
Authority key identifier: 29:69:66:DD:72:0C:30:57:5F:62:D8:FD:41:49:45:8A:90:AA:CA:A4
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KWlm3XIMMFdfYtj9QUlFipCqyqQ.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/shcaRon1lwsJwBq4yOSy_I_7STg.roa
Signing time: Thu 20 Feb 2025 04:22:26 +0000
ROA not before: Thu 20 Feb 2025 04:22:26 +0000
ROA not after: Sun 15 Feb 2026 01:30:03 +0000
asID: 131916
IP address blocks: 157.65.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KWlm3XIMMFdfYtj9QUlFipCqyqQ.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KWlm3XIMMFdfYtj9QUlFipCqyqQ.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KWlm3XIMMFdfYtj9QUlFipCqyqQ.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 18:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296966DD720C30575F62D8FD4149458A90AACAA4
Validity
Not Before: Feb 20 04:22:26 2025 GMT
Not After : Feb 15 01:30:03 2026 GMT
Subject: CN=B2171A4689F5970B09C01AB8C8E4B2FC8FFB4938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a3:76:fa:2b:fb:5c:b8:e7:b7:72:a9:a9:74:
8e:2b:60:ae:df:53:5c:28:42:57:54:14:cb:cd:38:
9c:e6:2e:4b:b8:ab:95:59:3e:51:89:c8:2c:c1:b1:
a2:86:12:fb:07:cc:c0:66:a2:15:21:31:72:1f:65:
a7:c8:76:9a:f6:b0:ea:ba:a3:e4:36:16:15:96:2d:
01:67:14:7c:29:7b:aa:3e:69:19:5a:04:40:60:a4:
d8:07:d7:fb:e8:2e:fe:c9:11:01:91:60:7f:cb:11:
1e:c7:d2:6f:a2:d9:3e:9b:e2:cd:17:5e:5b:9d:e9:
a6:f5:7c:2e:fd:50:18:4e:1a:95:41:74:e6:ee:1e:
71:55:ba:31:4c:58:91:ca:88:60:05:ca:20:de:f1:
73:e8:9e:d8:77:83:e5:1f:69:3e:bc:23:55:2d:b4:
0c:bb:f8:3d:97:62:83:43:33:36:0d:be:0b:d1:8f:
7c:46:0a:73:0d:55:02:87:a0:bc:0d:21:76:56:d3:
fe:2f:90:93:cd:97:06:30:46:82:df:49:52:40:a6:
b2:e1:c6:30:9b:3e:03:69:90:2d:4d:0b:d6:4d:66:
6b:96:4a:12:f6:dc:bc:e3:25:ab:73:13:df:6d:c3:
11:27:c5:9d:fb:b2:18:0a:d6:59:ab:58:54:b0:09:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:17:1A:46:89:F5:97:0B:09:C0:1A:B8:C8:E4:B2:FC:8F:FB:49:38
X509v3 Authority Key Identifier:
keyid:29:69:66:DD:72:0C:30:57:5F:62:D8:FD:41:49:45:8A:90:AA:CA:A4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KWlm3XIMMFdfYtj9QUlFipCqyqQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KWlm3XIMMFdfYtj9QUlFipCqyqQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/shcaRon1lwsJwBq4yOSy_I_7STg.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.65.216.0/21
Signature Algorithm: sha256WithRSAEncryption
cb:c1:b8:0c:33:99:b5:21:5c:a1:14:69:ca:aa:9b:2e:68:c0:
1e:c3:30:ba:31:30:be:4f:0f:06:9c:59:70:03:86:80:4f:b9:
e8:eb:05:f1:8c:f1:58:35:d3:54:0f:04:28:55:be:37:d4:70:
38:f7:12:6a:89:cf:5d:47:80:c3:e1:60:47:13:7d:a4:d0:ff:
90:5b:87:d4:7d:2c:85:8a:16:8c:dd:6f:bf:3a:27:e1:b4:5f:
78:62:fa:00:84:74:7c:46:10:b5:46:21:d6:3d:d6:87:64:45:
35:84:1b:0f:59:c9:5b:f2:56:e9:64:83:b4:85:93:da:bf:aa:
d0:74:f2:2f:dd:5e:56:be:47:e3:b3:b6:5a:86:f8:d6:ba:87:
b8:19:9f:10:a6:11:27:b0:c0:f6:16:64:6b:9b:25:e8:1a:3c:
93:76:e5:34:16:57:e5:69:d1:cd:df:16:a4:ea:75:f9:42:2e:
c9:43:76:98:98:41:a9:08:b9:36:c4:09:a4:e9:35:22:fd:05:
93:84:da:82:0e:f7:49:5e:71:2b:d6:bf:78:8c:f5:13:4d:4f:
5c:14:ef:6a:35:d1:57:2e:47:44:96:b6:07:80:c2:b3:75:23:
b7:5c:7d:dd:3f:d7:32:1e:a6:f4:05:67:53:29:52:e3:1b:61:
77:8a:1c:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIBeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyOTY5
NjZERDcyMEMzMDU3NUY2MkQ4RkQ0MTQ5NDU4QTkwQUFDQUE0MB4XDTI1MDIyMDA0
MjIyNloXDTI2MDIxNTAxMzAwM1owMzExMC8GA1UEAxMoQjIxNzFBNDY4OUY1OTcw
QjA5QzAxQUI4QzhFNEIyRkM4RkZCNDkzODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANmjdvor+1y457dyqal0jitgrt9TXChCV1QUy804nOYuS7irlVk+
UYnILMGxooYS+wfMwGaiFSExch9lp8h2mvaw6rqj5DYWFZYtAWcUfCl7qj5pGVoE
QGCk2AfX++gu/skRAZFgf8sRHsfSb6LZPpvizRdeW53ppvV8Lv1QGE4alUF05u4e
cVW6MUxYkcqIYAXKIN7xc+ie2HeD5R9pPrwjVS20DLv4PZdig0MzNg2+C9GPfEYK
cw1VAoegvA0hdlbT/i+Qk82XBjBGgt9JUkCmsuHGMJs+A2mQLU0L1k1ma5ZKEvbc
vOMlq3MT323DESfFnfuyGArWWatYVLAJ2lUCAwEAAaOCAiAwggIcMB0GA1UdDgQW
BBSyFxpGifWXCwnAGrjI5LL8j/tJODAfBgNVHSMEGDAWgBQpaWbdcgwwV19i2P1B
SUWKkKrKpDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBX
oFWGU3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNi9LV2xtM1hJTU1GZGZZdGo5UVVsRmlwQ3F5cVEuY3JsMG0GCCsGAQUF
BwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmlj
LmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9LV2xtM1hJTU1GZGZZdGo5UVVsRmlwQ3F5
cVEuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuQYIKwYBBQUHAQsEgawwgakwXwYIKwYB
BQUHMAuGU3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFB
NzM4MTAwMDAvNi9zaGNhUm9uMWx3c0p3QnE0eU9TeV9JXzdTVGcucm9hMEYGCCsG
AQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJkcC9h
cC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
nUHYMA0GCSqGSIb3DQEBCwUAA4IBAQDLwbgMM5m1IVyhFGnKqpsuaMAewzC6MTC+
Tw8GnFlwA4aAT7no6wXxjPFYNdNUDwQoVb431HA49xJqic9dR4DD4WBHE32k0P+Q
W4fUfSyFihaM3W+/OifhtF94YvoAhHR8RhC1RiHWPdaHZEU1hBsPWclb8lbpZIO0
hZPav6rQdPIv3V5Wvkfjs7ZahvjWuoe4GZ8QphEnsMD2FmRrmyXoGjyTduU0Flfl
adHN3xak6nX5Qi7JQ3aYmEGpCLk2xAmk6TUi/QWThNqCDvdJXnEr1r94jPUTTU9c
FO9qNdFXLkdElrYHgMKzdSO3XH3dP9cyHqb0BWdTKVLjG2F3ihwn
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:10:14 2025 by rpki-client