Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/2iighLB0bg9gW-MdeW6n2IwfYz0.roa
File: 2iighLB0bg9gW-MdeW6n2IwfYz0.roa (raw, json)
Hash identifier: 10n5jfbCRrQUemiyOsOUeteq2GBGKqp61U5VJvmQoHY=
Subject key identifier: DA:28:A0:84:B0:74:6E:0F:60:5B:E3:1D:79:6E:A7:D8:8C:1F:63:3D
Certificate issuer: /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial: FB
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/2iighLB0bg9gW-MdeW6n2IwfYz0.roa
Signing time: Sun 30 Jun 2024 01:28:33 +0000
ROA not before: Sun 30 Jun 2024 01:28:33 +0000
ROA not after: Tue 24 Jun 2025 10:46:45 +0000
asID: 23816
IP address blocks: 202.93.64.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 251 (0xfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Validity
Not Before: Jun 30 01:28:33 2024 GMT
Not After : Jun 24 10:46:45 2025 GMT
Subject: CN=DA28A084B0746E0F605BE31D796EA7D88C1F633D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ce:33:c1:14:d2:72:e4:f0:7e:cd:1c:2b:86:
37:5c:77:3b:b0:7e:da:67:87:81:cf:29:6e:7b:cc:
ce:d1:08:ee:44:97:1e:b3:7b:e7:8c:4b:71:57:66:
df:9a:e1:68:44:ab:7d:89:09:d4:2d:cd:1f:23:bc:
28:d9:a5:94:3e:e8:f6:41:ad:8c:77:14:0d:65:4a:
e2:01:e5:ed:9f:94:17:18:cd:a1:6e:6f:bd:a5:92:
79:a8:a6:22:8e:d5:46:7c:98:dd:ca:46:4f:59:ba:
b3:bf:3e:cf:ea:ad:d0:1f:62:f7:c1:56:05:55:3d:
d8:c3:da:18:34:ab:07:d3:0a:db:78:74:ad:a7:36:
b3:4b:97:69:bb:99:4e:e3:13:ef:4f:fd:70:ea:89:
5d:b8:f1:07:ec:17:fb:74:ae:b4:d4:87:6f:85:bd:
fb:22:72:0c:bf:82:16:b1:ec:12:5e:03:ab:91:2b:
68:fc:52:6c:e5:34:10:b6:7b:b8:48:c4:79:18:e5:
d3:7d:ad:d3:41:16:d8:9a:fc:39:ca:61:2f:8b:9d:
e7:38:c0:9a:b5:75:e1:a5:75:8d:2b:3f:c8:1f:91:
d8:53:f1:58:ff:de:f7:2f:c1:a2:aa:b4:67:64:f5:
da:b5:8c:49:4e:35:9e:d1:3c:a1:ee:a2:f8:64:f8:
c5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:28:A0:84:B0:74:6E:0F:60:5B:E3:1D:79:6E:A7:D8:8C:1F:63:3D
X509v3 Authority Key Identifier:
keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/2iighLB0bg9gW-MdeW6n2IwfYz0.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.93.64.0/19
Signature Algorithm: sha256WithRSAEncryption
68:29:e4:e2:ce:cf:68:67:2c:e0:22:a2:51:40:bf:4b:b7:9b:
23:fa:7a:45:0d:01:06:c6:df:f2:b3:5c:75:21:9b:4f:9a:ba:
10:00:d2:a3:b4:47:91:5f:a8:87:a9:c7:d3:79:4f:87:78:c8:
6c:61:c6:f5:4d:b4:f7:6c:61:f7:c5:c6:8f:4f:bd:bf:00:8b:
5c:a1:12:ba:5b:d9:13:9a:ee:cf:45:aa:5a:e8:68:52:15:56:
1c:d1:3c:34:18:86:68:87:f5:2a:22:66:2a:a3:54:e2:7a:fe:
b0:25:2c:bf:bf:e6:ec:c9:9a:3c:e3:9d:48:a1:52:7e:e2:cb:
2b:6c:60:ef:dd:bb:48:a5:5c:ce:8b:d8:22:c9:4f:8b:fc:1d:
17:10:30:41:33:bb:dc:fb:75:d6:db:88:2b:df:27:e1:c0:53:
2d:22:54:e8:29:2c:95:d3:46:0a:f9:85:40:ec:5c:dd:2f:08:
c8:bd:48:f9:98:a0:94:a4:9f:a5:a0:95:b9:82:ac:19:77:a4:
11:06:94:37:89:69:d8:ef:b3:36:fb:86:ac:2b:2d:ad:46:86:
df:18:b3:c6:82:01:03:f4:90:7b:0f:15:b6:d0:1f:7f:c2:7a:
d6:de:1e:ab:2b:53:c8:7a:56:2a:99:db:a4:97:7f:45:91:11:
08:ee:bc:6e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yNDA2MzAw
MTI4MzNaFw0yNTA2MjQxMDQ2NDVaMDMxMTAvBgNVBAMTKERBMjhBMDg0QjA3NDZF
MEY2MDVCRTMxRDc5NkVBN0Q4OEMxRjYzM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXzjPBFNJy5PB+zRwrhjdcdzuwftpnh4HPKW57zM7RCO5Elx6z
e+eMS3FXZt+a4WhEq32JCdQtzR8jvCjZpZQ+6PZBrYx3FA1lSuIB5e2flBcYzaFu
b72lknmopiKO1UZ8mN3KRk9ZurO/Ps/qrdAfYvfBVgVVPdjD2hg0qwfTCtt4dK2n
NrNLl2m7mU7jE+9P/XDqiV248QfsF/t0rrTUh2+Fvfsicgy/ghax7BJeA6uRK2j8
UmzlNBC2e7hIxHkY5dN9rdNBFtia/DnKYS+Lnec4wJq1deGldY0rP8gfkdhT8Vj/
3vcvwaKqtGdk9dq1jElONZ7RPKHuovhk+MXtAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2iighLB0bg9gW+MdeW6n2IwfYz0wHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0LzJpaWdoTEIwYmc5Z1ctTWRlVzZuMkl3Zll6MC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXKXUAwDQYJKoZIhvcNAQELBQADggEBAGgp5OLOz2hnLOAiolFAv0u3myP6
ekUNAQbG3/KzXHUhm0+auhAA0qO0R5FfqIepx9N5T4d4yGxhxvVNtPdsYffFxo9P
vb8Ai1yhErpb2ROa7s9FqlroaFIVVhzRPDQYhmiH9SoiZiqjVOJ6/rAlLL+/5uzJ
mjzjnUihUn7iyytsYO/du0ilXM6L2CLJT4v8HRcQMEEzu9z7ddbbiCvfJ+HAUy0i
VOgpLJXTRgr5hUDsXN0vCMi9SPmYoJSkn6WglbmCrBl3pBEGlDeJadjvszb7hqwr
La1Ght8Ys8aCAQP0kHsPFbbQH3/CetbeHqsrU8h6ViqZ26SXf0WREQjuvG4=
-----END CERTIFICATE-----
Generated at Mon Jul 22 09:06:45 2024 by rpki-client on console-fra.rpki-client.org