Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/891/8CGhTJ49s7CajjFtjwI-UH8qHkE.roa
File: 8CGhTJ49s7CajjFtjwI-UH8qHkE.roa (raw, json)
Hash identifier: pam2aO+x0a3Xzifa8EoTUxTHvmccbYYaRuq9TWaIjzM=
Subject key identifier: F0:21:A1:4C:9E:3D:B3:B0:9A:8E:31:6D:8F:02:3E:50:7F:2A:1E:41
Certificate issuer: /CN=DD829D646D53ECF298950B687532DE926EC7EBC0
Certificate serial: 17
Authority key identifier: DD:82:9D:64:6D:53:EC:F2:98:95:0B:68:75:32:DE:92:6E:C7:EB:C0
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3YKdZG1T7PKYlQtodTLekm7H68A.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/891/8CGhTJ49s7CajjFtjwI-UH8qHkE.roa
Signing time: Tue 25 Mar 2025 06:18:59 +0000
ROA not before: Tue 25 Mar 2025 06:18:59 +0000
ROA not after: Sun 15 Mar 2026 01:30:03 +0000
asID: 23827
IP address blocks: 202.84.48.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/891/3YKdZG1T7PKYlQtodTLekm7H68A.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/891/3YKdZG1T7PKYlQtodTLekm7H68A.mft
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3YKdZG1T7PKYlQtodTLekm7H68A.cer
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DD829D646D53ECF298950B687532DE926EC7EBC0
Validity
Not Before: Mar 25 06:18:59 2025 GMT
Not After : Mar 15 01:30:03 2026 GMT
Subject: CN=F021A14C9E3DB3B09A8E316D8F023E507F2A1E41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:66:9a:c9:3c:7c:9b:7d:df:81:21:39:13:
3c:e7:e7:29:db:07:57:92:c8:50:dc:41:37:20:aa:
3e:60:cb:3b:d0:1e:a6:5c:b7:f4:bd:ed:f8:60:af:
2c:a3:d4:d0:47:e8:3d:ce:f1:de:d4:53:9d:5d:ce:
3c:c8:5c:50:9f:20:6b:38:a9:6f:6d:39:a5:a5:f2:
2e:aa:60:94:1c:e3:3b:d3:6d:8f:56:57:19:a9:82:
1b:09:f9:e1:fc:07:08:7c:1e:cc:6a:32:ee:51:31:
1e:50:79:22:35:82:eb:f8:1d:6e:66:dc:ea:d5:5c:
c8:a0:7f:cb:6b:e6:dc:13:71:2d:a9:a5:01:ac:67:
dc:6c:6d:c6:07:af:99:10:3d:57:f7:60:51:94:71:
5f:c6:7b:ca:64:e7:b6:59:46:d9:6a:e7:78:74:35:
8e:ed:66:0b:d6:31:fa:84:66:15:bc:d5:9a:44:72:
0f:ea:c8:fd:c5:44:38:79:14:66:79:72:2c:62:93:
57:2e:09:24:0a:fe:01:36:47:b7:16:c4:60:88:04:
28:3b:4c:30:4d:57:ed:da:88:0c:78:f4:2f:f7:c1:
a1:11:e1:83:0d:43:1b:9c:cf:47:4d:d5:a2:05:d0:
f6:e8:5e:fe:64:43:fe:66:e6:04:b4:5d:a2:68:66:
98:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:21:A1:4C:9E:3D:B3:B0:9A:8E:31:6D:8F:02:3E:50:7F:2A:1E:41
X509v3 Authority Key Identifier:
keyid:DD:82:9D:64:6D:53:EC:F2:98:95:0B:68:75:32:DE:92:6E:C7:EB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/891/3YKdZG1T7PKYlQtodTLekm7H68A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3YKdZG1T7PKYlQtodTLekm7H68A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/891/8CGhTJ49s7CajjFtjwI-UH8qHkE.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.84.48.0/20
Signature Algorithm: sha256WithRSAEncryption
13:a9:78:05:04:74:27:1d:87:b6:3d:2d:e3:d0:e2:d6:77:27:
d5:9d:14:20:97:7c:11:6f:b6:a4:3d:2b:db:e5:9e:c2:79:b5:
68:96:c4:63:21:00:36:8d:0b:94:46:e8:c7:b3:56:fe:dc:e7:
8d:f5:11:0d:55:22:75:5f:47:b9:27:f0:b4:7e:2a:c9:20:81:
fc:c1:d9:5a:c1:7b:9b:8f:ea:ef:3b:4a:c8:53:90:c4:c8:64:
b8:ec:ce:6d:33:40:08:fc:91:26:75:91:d5:ae:e6:02:26:6a:
9d:95:63:3f:d9:a0:67:d7:7b:78:9c:1b:1c:91:f9:10:09:48:
db:67:14:d4:ce:33:b7:c1:c5:a1:9f:73:e9:8e:d0:20:cb:49:
d3:be:02:63:24:09:97:15:d4:27:50:03:a4:26:0f:9c:27:bb:
a9:8a:c7:4d:1d:33:09:27:fe:7f:29:26:46:6a:1a:b2:ff:17:
99:e2:e6:88:87:33:18:a2:c0:72:43:4b:77:41:f6:f3:dc:11:
d1:42:ae:de:2e:56:95:1d:8e:c4:fb:a4:eb:b7:4b:5b:7e:cf:
02:e4:7f:85:a3:67:00:12:6e:b8:a9:55:8c:62:ff:2b:af:11:
06:b8:de:78:e5:9f:93:f8:00:03:46:c4:91:7a:0e:9a:46:88:
1a:7f:23:ba
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERDgy
OUQ2NDZENTNFQ0YyOTg5NTBCNjg3NTMyREU5MjZFQzdFQkMwMB4XDTI1MDMyNTA2
MTg1OVoXDTI2MDMxNTAxMzAwM1owMzExMC8GA1UEAxMoRjAyMUExNEM5RTNEQjNC
MDlBOEUzMTZEOEYwMjNFNTA3RjJBMUU0MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALU7ZprJPHybfd+BITkTPOfnKdsHV5LIUNxBNyCqPmDLO9Aeply3
9L3t+GCvLKPU0EfoPc7x3tRTnV3OPMhcUJ8gazipb205paXyLqpglBzjO9Ntj1ZX
GamCGwn54fwHCHwezGoy7lExHlB5IjWC6/gdbmbc6tVcyKB/y2vm3BNxLamlAaxn
3GxtxgevmRA9V/dgUZRxX8Z7ymTntllG2WrneHQ1ju1mC9Yx+oRmFbzVmkRyD+rI
/cVEOHkUZnlyLGKTVy4JJAr+ATZHtxbEYIgEKDtMME1X7dqIDHj0L/fBoRHhgw1D
G5zPR03VogXQ9uhe/mRD/mbmBLRdomhmmK0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTwIaFMnj2zsJqOMW2PAj5QfyoeQTAfBgNVHSMEGDAWgBTdgp1kbVPs8piVC2h1
Mt6SbsfrwDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODkxLzNZS2RaRzFUN1BLWWxRdG9kVExla203SDY4QS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzNZS2RaRzFUN1BLWWxRdG9kVExla203
SDY4QS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84OTEvOENHaFRKNDlzN0NhampGdGp3SS1VSDhxSGtFLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBMpUMDANBgkqhkiG9w0BAQsFAAOCAQEAE6l4BQR0Jx2Htj0t49Di1ncn1Z0U
IJd8EW+2pD0r2+Wewnm1aJbEYyEANo0LlEbox7NW/tznjfURDVUidV9HuSfwtH4q
ySCB/MHZWsF7m4/q7ztKyFOQxMhkuOzObTNACPyRJnWR1a7mAiZqnZVjP9mgZ9d7
eJwbHJH5EAlI22cU1M4zt8HFoZ9z6Y7QIMtJ074CYyQJlxXUJ1ADpCYPnCe7qYrH
TR0zCSf+fykmRmoasv8XmeLmiIczGKLAckNLd0H289wR0UKu3i5WlR2OxPuk67dL
W37PAuR/haNnABJuuKlVjGL/K68RBrjeeOWfk/gAA0bEkXoOmkaIGn8jug==
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:35:44 2025 by rpki-client