Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20116/N-IW4cQetYtKuwksH3nZfGIQIu4.roa
File: N-IW4cQetYtKuwksH3nZfGIQIu4.roa (raw, json)
Hash identifier: 60nArXxwcwzw0O/+fQh5HP6Q0rBk0GpKr+kMClphffs=
Subject key identifier: 37:E2:16:E1:C4:1E:B5:8B:4A:BB:09:2C:1F:79:D9:7C:62:10:22:EE
Certificate issuer: /CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
Certificate serial: 2F
Authority key identifier: C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/N-IW4cQetYtKuwksH3nZfGIQIu4.roa
Signing time: Thu 01 Sep 2022 01:28:48 +0000
ROA not before: Thu 01 Sep 2022 01:28:48 +0000
ROA not after: Tue 15 Aug 2023 01:30:03 +0000
asID: 23816
IP address blocks: 202.239.20.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
Validity
Not Before: Sep 1 01:28:48 2022 GMT
Not After : Aug 15 01:30:03 2023 GMT
Subject: CN=37E216E1C41EB58B4ABB092C1F79D97C621022EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:c5:a1:c7:49:fe:cd:28:fe:e5:dd:ec:d2:
9f:bc:d3:82:be:6a:ad:50:7e:ea:db:39:e2:4e:47:
37:a1:bf:5d:d1:21:fd:a2:48:a3:5b:84:ec:fc:a3:
52:e1:e5:7c:e8:3c:ea:ab:f9:05:d0:62:eb:95:f5:
f2:e3:67:07:22:13:00:8b:79:49:e6:60:f5:3b:09:
3f:13:49:24:9e:55:4c:00:05:b8:b6:28:5e:c2:8d:
dd:1e:ce:62:5f:83:11:dc:fe:8d:d2:a7:6c:a1:d2:
6e:27:3a:d2:62:c9:42:c9:18:76:a3:25:52:83:9a:
2c:d7:16:b2:0d:41:09:40:71:a1:07:61:24:1f:c6:
3d:68:fd:48:30:50:38:b2:e9:b2:66:70:3c:d4:47:
67:70:2b:0c:c0:78:5a:3e:5a:9c:38:0d:43:ae:47:
db:11:ec:5c:7e:b8:e0:1b:c7:e5:67:88:b4:c8:39:
df:4f:ba:22:f2:92:ce:c3:8f:c0:51:d3:3a:d1:11:
33:81:d1:b5:34:a6:f6:7a:5c:f9:f1:7f:80:ea:28:
89:f9:37:39:4e:4d:81:90:f4:8c:c3:18:22:6a:d2:
df:62:ae:21:b9:65:74:4b:f8:bf:a2:ec:ce:21:f7:
6d:d9:c6:39:fe:84:29:e6:24:8a:c7:3a:2d:30:97:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E2:16:E1:C4:1E:B5:8B:4A:BB:09:2C:1F:79:D9:7C:62:10:22:EE
X509v3 Authority Key Identifier:
keyid:C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/N-IW4cQetYtKuwksH3nZfGIQIu4.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.239.20.0/23
Signature Algorithm: sha256WithRSAEncryption
58:00:4d:94:8c:c3:50:fc:6b:fc:f9:f4:93:0b:2c:97:c3:4e:
2a:33:be:13:1f:eb:b8:6f:5c:aa:26:d3:cc:72:bc:cf:b8:0a:
fe:6f:07:5f:9c:f3:c2:35:67:aa:62:a8:d0:ff:da:ee:41:c5:
13:d5:7b:3d:24:18:fe:0e:fd:ff:14:d2:77:a8:ba:d4:a4:3f:
a7:c1:9a:6f:8d:92:91:47:c7:30:ef:03:d3:82:6c:e6:64:0f:
32:ba:55:d1:08:a0:d8:9f:d1:49:f2:cc:74:db:ff:69:c5:69:
2c:61:c1:9d:af:06:e5:a8:20:65:01:77:20:3c:26:3d:c1:9e:
5e:7c:55:76:04:af:56:13:64:2a:28:c3:a6:39:95:8d:c5:f3:
90:76:fc:3d:43:9c:e7:03:eb:e6:56:58:4e:04:95:63:e9:be:
a8:77:54:f3:7c:5a:c4:4a:cd:55:7c:f1:f4:55:48:b5:8f:73:
b6:29:6d:4d:e3:c0:5a:7e:91:83:5e:b6:2c:cc:8b:bb:69:24:
eb:2d:9d:6e:ce:0b:ef:cc:25:49:f3:6e:ae:8a:5b:16:19:d2:
66:3e:77:09:07:e0:51:d3:54:e0:99:3e:b3:a8:c1:fd:61:46:
8d:3c:79:e8:e8:d7:cc:20:93:2f:1e:7d:39:81:f0:f4:f8:61:
58:ed:de:93
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDNDlF
NjRGQjdDOEM3QzZCNUNEN0M3NzAxODgyRTg1OTdDNDI4MzhFMB4XDTIyMDkwMTAx
Mjg0OFoXDTIzMDgxNTAxMzAwM1owMzExMC8GA1UEAxMoMzdFMjE2RTFDNDFFQjU4
QjRBQkIwOTJDMUY3OUQ5N0M2MjEwMjJFRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKbqxaHHSf7NKP7l3ezSn7zTgr5qrVB+6ts54k5HN6G/XdEh/aJI
o1uE7PyjUuHlfOg86qv5BdBi65X18uNnByITAIt5SeZg9TsJPxNJJJ5VTAAFuLYo
XsKN3R7OYl+DEdz+jdKnbKHSbic60mLJQskYdqMlUoOaLNcWsg1BCUBxoQdhJB/G
PWj9SDBQOLLpsmZwPNRHZ3ArDMB4Wj5anDgNQ65H2xHsXH644BvH5WeItMg530+6
IvKSzsOPwFHTOtERM4HRtTSm9npc+fF/gOooifk3OU5NgZD0jMMYImrS32KuIbll
dEv4v6LsziH3bdnGOf6EKeYkisc6LTCXUh8CAwEAAaOCAigwggIkMB0GA1UdDgQW
BBQ34hbhxB61i0q7CSwfedl8YhAi7jAfBgNVHSMEGDAWgBTEnmT7fIx8a1zXx3AY
guhZfEKDjjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjAxMTYveEo1ay0zeU1mR3RjMThkd0dJTG9XWHhDZzQ0LmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAveEo1ay0zeU1mR3RjMThkd0dJTG9X
WHhDZzQ0LmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzIwMTE2L04tSVc0Y1FldFl0S3V3a3NIM25aZkdJUUl1NC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAHK7xQwDQYJKoZIhvcNAQELBQADggEBAFgATZSMw1D8a/z59JMLLJfD
TiozvhMf67hvXKom08xyvM+4Cv5vB1+c88I1Z6piqND/2u5BxRPVez0kGP4O/f8U
0neoutSkP6fBmm+NkpFHxzDvA9OCbOZkDzK6VdEIoNif0UnyzHTb/2nFaSxhwZ2v
BuWoIGUBdyA8Jj3Bnl58VXYEr1YTZCoow6Y5lY3F85B2/D1DnOcD6+ZWWE4ElWPp
vqh3VPN8WsRKzVV88fRVSLWPc7YpbU3jwFp+kYNetizMi7tpJOstnW7OC+/MJUnz
bq6KWxYZ0mY+dwkH4FHTVOCZPrOowf1hRo08eejo18wgky8efTmB8PT4YVjt3pM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:45 2024 by rpki-client on console-fra.rpki-client.org