Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20291/3a2H1gtckhd2mV1Q0O6aWwzlZ_g.roa
File:                     3a2H1gtckhd2mV1Q0O6aWwzlZ_g.roa (raw, json)
Hash identifier:          xmlBUkj1WkQ38JrI2CTSMsOGjO+J2bPkB6ORosKc0R8=
Subject key identifier:   DD:AD:87:D6:0B:5C:92:17:76:99:5D:50:D0:EE:9A:5B:0C:E5:67:F8
Certificate issuer:       /CN=853C4F1EF37C750A48339569E5E67C4573FBAE6E
Certificate serial:       02
Authority key identifier: 85:3C:4F:1E:F3:7C:75:0A:48:33:95:69:E5:E6:7C:45:73:FB:AE:6E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20291/3a2H1gtckhd2mV1Q0O6aWwzlZ_g.roa
Signing time:             Thu 25 Jun 2026 02:47:48 +0000
ROA not before:           Thu 25 Jun 2026 02:47:48 +0000
ROA not after:            Thu 24 Jun 2027 01:12:55 +0000
asID:                     151378
IP address blocks:        219.97.104.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20291/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20291/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 06:56:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853C4F1EF37C750A48339569E5E67C4573FBAE6E
        Validity
            Not Before: Jun 25 02:47:48 2026 GMT
            Not After : Jun 24 01:12:55 2027 GMT
        Subject: CN=DDAD87D60B5C921776995D50D0EE9A5B0CE567F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:b5:24:33:ff:72:8b:35:ff:8c:f2:4e:2d:0d:
                    41:81:82:2b:9d:70:23:0a:7d:7a:0c:e0:04:9e:3c:
                    ab:ac:2f:2d:4f:7d:22:0a:c8:68:bc:dc:31:72:d9:
                    e9:b9:bf:76:76:77:09:1f:09:ed:82:23:9e:cb:d2:
                    8a:7b:19:99:af:1f:58:58:83:31:f5:1f:8b:92:16:
                    6d:8e:58:7a:0a:8f:af:5d:8f:6d:26:26:3c:cf:d9:
                    76:87:a6:ab:a9:5c:2f:c5:12:65:bc:ce:15:c8:69:
                    1e:81:e1:b6:a3:74:03:e6:0a:1c:f6:8d:60:99:d4:
                    67:61:16:20:b6:e8:15:b1:7b:ef:30:4f:24:b4:f9:
                    41:82:99:e7:6f:b2:f0:49:5e:0e:31:53:52:6d:99:
                    c4:b1:88:13:9d:72:e4:be:50:46:de:0c:b5:e0:7a:
                    b9:43:14:fe:09:2e:b8:92:5a:5c:b8:ef:ba:99:4b:
                    ed:4c:10:55:8d:cf:9d:6f:1f:98:6c:8c:a5:82:5b:
                    e7:39:84:ce:20:3f:1b:5e:a8:62:41:c0:0e:4c:0d:
                    b2:68:a2:dc:70:fb:a7:79:a4:96:1a:e2:db:b5:82:
                    87:33:48:0f:76:46:59:9f:d7:9e:17:d3:43:8f:e9:
                    0f:1b:c2:16:03:ce:ef:b9:ab:e1:27:d4:56:69:aa:
                    32:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:AD:87:D6:0B:5C:92:17:76:99:5D:50:D0:EE:9A:5B:0C:E5:67:F8
            X509v3 Authority Key Identifier:
                keyid:85:3C:4F:1E:F3:7C:75:0A:48:33:95:69:E5:E6:7C:45:73:FB:AE:6E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20291/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hTxPHvN8dQpIM5Vp5eZ8RXP7rm4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20291/3a2H1gtckhd2mV1Q0O6aWwzlZ_g.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.97.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         47:65:27:bf:8a:28:4e:73:de:d3:de:39:e4:dd:81:73:e8:77:
         aa:c7:56:cf:41:03:0c:cc:90:c8:7f:25:9e:18:d7:9b:17:77:
         c6:69:55:0e:63:c9:0f:01:6a:d1:8c:ad:54:5d:bc:a9:d9:f2:
         09:8f:0b:ed:5c:6f:8f:7e:99:5d:36:84:b8:4d:9a:ce:71:95:
         d1:f7:28:00:40:f9:fa:cb:dc:a2:e7:3f:3b:9a:11:3e:7b:4c:
         4b:a6:a2:43:28:08:e2:ec:9f:6b:fd:d0:4d:89:0a:0c:e4:af:
         2f:9e:7b:00:9b:1c:8d:57:c9:7b:65:03:2d:72:8e:d3:c2:d2:
         c7:9c:cd:da:9a:9c:09:07:e1:f9:32:f3:7f:e0:ad:6a:7f:4e:
         b9:71:c2:a3:b6:10:06:8d:75:47:2d:6a:6f:86:92:92:44:19:
         61:be:50:97:8b:09:a7:2b:ec:03:33:ac:f7:7f:65:d6:30:48:
         11:d1:e8:36:c3:e2:dc:99:47:08:64:e7:6c:86:08:7f:45:e6:
         74:45:76:68:f4:bf:ff:27:e3:eb:52:d6:9a:b9:51:db:4e:7a:
         28:f4:5e:77:82:da:72:f4:37:25:70:a9:89:70:92:bf:ab:1f:
         19:18:8c:78:d1:1b:37:9a:ca:ff:80:ed:86:0d:7e:a6:98:3f:
         c3:9c:94:74
-----BEGIN CERTIFICATE-----
MIIEwDCCA6igAwIBAgIBAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4NTND
NEYxRUYzN0M3NTBBNDgzMzk1NjlFNUU2N0M0NTczRkJBRTZFMB4XDTI2MDYyNTAy
NDc0OFoXDTI3MDYyNDAxMTI1NVowMzExMC8GA1UEAxMoRERBRDg3RDYwQjVDOTIx
Nzc2OTk1RDUwRDBFRTlBNUIwQ0U1NjdGODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAO+1JDP/cos1/4zyTi0NQYGCK51wIwp9egzgBJ48q6wvLU99IgrI
aLzcMXLZ6bm/dnZ3CR8J7YIjnsvSinsZma8fWFiDMfUfi5IWbY5YegqPr12PbSYm
PM/Zdoemq6lcL8USZbzOFchpHoHhtqN0A+YKHPaNYJnUZ2EWILboFbF77zBPJLT5
QYKZ52+y8EleDjFTUm2ZxLGIE51y5L5QRt4MteB6uUMU/gkuuJJaXLjvuplL7UwQ
VY3PnW8fmGyMpYJb5zmEziA/G16oYkHADkwNsmii3HD7p3mklhri27WChzNID3ZG
WZ/XnhfTQ4/pDxvCFgPO77mr4SfUVmmqMn0CAwEAAaOCAd0wggHZMB0GA1UdDgQW
BBTdrYfWC1ySF3aZXVDQ7ppbDOVn+DAfBgNVHSMEGDAWgBSFPE8e83x1CkgzlWnl
5nxFc/uubjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjAyOTEvaFR4UEh2TjhkUXBJTTVWcDVlWjhSWFA3cm00LmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvaFR4UEh2TjhkUXBJTTVWcDVlWjhS
WFA3cm00LmNlcjAOBgNVHQ8BAf8EBAMCB4AwcwYIKwYBBQUHAQsEZzBlMGMGCCsG
AQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzIwMjkxLzNhMkgxZ3Rja2hkMm1WMVEwTzZhV3d6bFpfZy5yb2Ew
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPbYWgwDQYJKoZIhvcNAQELBQAD
ggEBAEdlJ7+KKE5z3tPeOeTdgXPod6rHVs9BAwzMkMh/JZ4Y15sXd8ZpVQ5jyQ8B
atGMrVRdvKnZ8gmPC+1cb49+mV02hLhNms5xldH3KABA+frL3KLnPzuaET57TEum
okMoCOLsn2v90E2JCgzkry+eewCbHI1XyXtlAy1yjtPC0seczdqanAkH4fky83/g
rWp/TrlxwqO2EAaNdUctam+GkpJEGWG+UJeLCacr7AMzrPd/ZdYwSBHR6DbD4tyZ
Rwhk52yGCH9F5nRFdmj0v/8n4+tS1pq5UdtOeij0XneC2nL0NyVwqYlwkr+rHxkY
jHjRGzeayv+A7YYNfqaYP8OclHQ=
-----END CERTIFICATE-----
Generated at Wed Jul 1 08:20:14 2026 by rpki-client