Route Origin Authorization

$ rpki-client -vvf akane.maru.co.jp/repo/1073c6/8/326130363a34313a3a2f34302d3438203d3e20323133343731.roa
File:                     326130363a34313a3a2f34302d3438203d3e20323133343731.roa (raw, json)
Hash identifier:          BWNIhyuAZLwiWhWPo7e2MJiP1x6sqgM7LOqRiXJDyb0=
Subject key identifier:   43:DA:F1:45:EB:7B:06:AC:40:0E:B7:96:F3:12:6E:A6:14:FB:11:75
Certificate issuer:       /CN=bb6ecaf29f33d987ebaddceb29eda7691aa6709f
Certificate serial:       40FD59769B472A40B60620D0BE120AD6B211F867
Authority key identifier: BB:6E:CA:F2:9F:33:D9:87:EB:AD:DC:EB:29:ED:A7:69:1A:A6:70:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u27K8p8z2YfrrdzrKe2naRqmcJ8.cer
Subject info access:      rsync://akane.maru.co.jp/repo/1073c6/8/326130363a34313a3a2f34302d3438203d3e20323133343731.roa
Signing time:             Tue 04 Nov 2025 22:35:24 +0000
ROA not before:           Tue 04 Nov 2025 22:30:24 +0000
ROA not after:            Tue 03 Nov 2026 22:35:24 +0000
asID:                     213471
IP address blocks:        2a06:41::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://akane.maru.co.jp/repo/1073c6/8/BB6ECAF29F33D987EBADDCEB29EDA7691AA6709F.crl
                          rsync://akane.maru.co.jp/repo/1073c6/8/BB6ECAF29F33D987EBADDCEB29EDA7691AA6709F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u27K8p8z2YfrrdzrKe2naRqmcJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:fd:59:76:9b:47:2a:40:b6:06:20:d0:be:12:0a:d6:b2:11:f8:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb6ecaf29f33d987ebaddceb29eda7691aa6709f
        Validity
            Not Before: Nov  4 22:30:24 2025 GMT
            Not After : Nov  3 22:35:24 2026 GMT
        Subject: CN=43DAF145EB7B06AC400EB796F3126EA614FB1175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:88:3a:ad:05:dc:80:6c:38:a1:28:81:f3:47:
                    55:c9:fe:9b:29:f5:6d:60:9a:f7:04:86:b2:d5:41:
                    68:a0:5a:b2:59:11:88:c7:7a:ab:70:19:ab:88:8f:
                    7f:00:ec:4b:64:4e:55:bc:52:40:1f:fe:f5:4e:57:
                    99:81:8a:02:10:83:68:9f:5f:6a:a0:99:7c:62:65:
                    93:70:a8:06:34:ed:4a:8e:37:fc:28:49:d4:9f:0b:
                    70:30:d4:7a:04:c9:4d:e2:0d:f8:38:ed:e4:f1:86:
                    41:0f:b7:0c:a2:6f:d7:fb:ee:7d:a9:85:5c:aa:67:
                    2a:27:96:b2:31:4a:68:0d:1c:fc:82:58:3c:71:cf:
                    db:54:df:e5:8b:d7:51:1d:0e:98:59:ad:d2:6d:9b:
                    39:78:31:38:98:8d:a4:77:91:b7:62:e4:f0:a7:81:
                    2e:1f:6b:6f:e0:74:54:f9:a6:8d:1c:99:f8:0a:92:
                    e6:48:d4:ac:21:59:f9:cc:0c:71:05:1d:7d:4f:d8:
                    0b:68:05:6a:a0:1d:8f:75:aa:5e:38:6f:e0:b7:5c:
                    1b:eb:cc:c2:c1:c1:7b:6c:2c:97:e8:9c:f8:0f:95:
                    19:74:72:fb:5b:48:18:47:e4:d7:70:0a:4e:f1:ed:
                    37:5c:61:65:99:7e:92:b0:d7:de:d8:22:a6:d6:56:
                    75:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:DA:F1:45:EB:7B:06:AC:40:0E:B7:96:F3:12:6E:A6:14:FB:11:75
            X509v3 Authority Key Identifier:
                keyid:BB:6E:CA:F2:9F:33:D9:87:EB:AD:DC:EB:29:ED:A7:69:1A:A6:70:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://akane.maru.co.jp/repo/1073c6/8/BB6ECAF29F33D987EBADDCEB29EDA7691AA6709F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u27K8p8z2YfrrdzrKe2naRqmcJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://akane.maru.co.jp/repo/1073c6/8/326130363a34313a3a2f34302d3438203d3e20323133343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:41::/40

    Signature Algorithm: sha256WithRSAEncryption
         01:85:1f:78:a8:cd:93:a9:89:b5:45:03:05:20:a7:ef:2d:8c:
         94:d9:66:d4:89:b4:89:7b:3a:9c:4f:f7:81:f7:30:fb:6c:41:
         cf:8a:f8:59:f2:ed:f2:68:bc:7f:7b:e9:8f:be:ae:9d:5d:f8:
         77:17:3b:06:fe:78:6e:75:63:26:b7:ed:f5:7e:12:f9:c4:58:
         fb:01:0f:7d:15:45:d1:d5:39:6e:90:72:a1:d0:23:70:34:2b:
         53:28:46:e9:cc:78:4e:94:99:83:3e:6f:4a:f4:9b:26:3d:0b:
         9d:18:1f:9b:71:df:1e:ff:03:bb:e9:49:6b:59:ec:56:92:af:
         28:3b:68:0f:c3:b7:d1:d1:1b:b2:2a:b0:9e:d4:8c:35:fa:a3:
         7e:66:e1:7d:56:df:cb:38:d4:56:ae:a0:24:18:ae:ec:bd:93:
         7c:69:8c:62:83:17:e7:3b:b1:2a:8c:a7:90:e3:b9:02:60:f1:
         bf:f1:68:0d:d1:34:5f:4a:f4:20:15:05:18:00:bb:9d:f2:0e:
         ab:01:1a:9a:c8:f1:61:7b:20:47:81:ea:80:14:57:d4:ca:9b:
         30:f5:d4:ed:43:fe:4c:f9:27:b0:8d:9f:f0:e4:42:37:99:b0:
         a3:09:c8:0e:db:c6:3a:0f:97:4a:07:ee:4a:3c:78:a2:00:bc:
         a0:26:9b:26
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIUQP1ZdptHKkC2BiDQvhIK1rIR+GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmI2ZWNhZjI5ZjMzZDk4N2ViYWRkY2ViMjllZGE3Njkx
YWE2NzA5ZjAeFw0yNTExMDQyMjMwMjRaFw0yNjExMDMyMjM1MjRaMDMxMTAvBgNV
BAMTKDQzREFGMTQ1RUI3QjA2QUM0MDBFQjc5NkYzMTI2RUE2MTRGQjExNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8iDqtBdyAbDihKIHzR1XJ/psp
9W1gmvcEhrLVQWigWrJZEYjHeqtwGauIj38A7EtkTlW8UkAf/vVOV5mBigIQg2if
X2qgmXxiZZNwqAY07UqON/woSdSfC3Aw1HoEyU3iDfg47eTxhkEPtwyib9f77n2p
hVyqZyonlrIxSmgNHPyCWDxxz9tU3+WL11EdDphZrdJtmzl4MTiYjaR3kbdi5PCn
gS4fa2/gdFT5po0cmfgKkuZI1KwhWfnMDHEFHX1P2AtoBWqgHY91ql44b+C3XBvr
zMLBwXtsLJfonPgPlRl0cvtbSBhH5NdwCk7x7TdcYWWZfpKw197YIqbWVnUFAgMB
AAGjggHYMIIB1DAdBgNVHQ4EFgQUQ9rxRet7BqxADreW8xJuphT7EXUwHwYDVR0j
BBgwFoAUu27K8p8z2YfrrdzrKe2naRqmcJ8wDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vYWthbmUubWFydS5jby5qcC9yZXBvLzEwNzNj
Ni84L0JCNkVDQUYyOUYzM0Q5ODdFQkFERENFQjI5RURBNzY5MUFBNjcwOUYuY3Js
MGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC91MjdLOHA4ejJZZnJyZHpyS2UybmFScW1j
SjguY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcwC4ZdcnN5bmM6Ly9ha2Fu
ZS5tYXJ1LmNvLmpwL3JlcG8vMTA3M2M2LzgvMzI2MTMwMzYzYTM0MzEzYTNhMmYz
NDMwMmQzNDM4MjAzZDNlMjAzMjMxMzMzNDM3MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqBgBBADAN
BgkqhkiG9w0BAQsFAAOCAQEAAYUfeKjNk6mJtUUDBSCn7y2MlNlm1Im0iXs6nE/3
gfcw+2xBz4r4WfLt8mi8f3vpj76unV34dxc7Bv54bnVjJrft9X4S+cRY+wEPfRVF
0dU5bpByodAjcDQrUyhG6cx4TpSZgz5vSvSbJj0LnRgfm3HfHv8Du+lJa1nsVpKv
KDtoD8O30dEbsiqwntSMNfqjfmbhfVbfyzjUVq6gJBiu7L2TfGmMYoMX5zuxKoyn
kOO5AmDxv/FoDdE0X0r0IBUFGAC7nfIOqwEamsjxYXsgR4HqgBRX1MqbMPXU7UP+
TPknsI2f8ORCN5mwownIDtvGOg+XSgfuSjx4ogC8oCabJg==
-----END CERTIFICATE-----