Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/2w2TxfBggLVuG52qqbXxFlYAVao.roa
File: 2w2TxfBggLVuG52qqbXxFlYAVao.roa (raw, json)
Hash identifier: OUIp0aQgXMd21fAtU4U+tNIEulBjf9dzAPBXHGNcNkk=
Subject key identifier: DB:0D:93:C5:F0:60:80:B5:6E:1B:9D:AA:A9:B5:F1:16:56:00:55:AA
Certificate issuer: /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial: D1
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/2w2TxfBggLVuG52qqbXxFlYAVao.roa
Signing time: Tue 01 Aug 2023 01:30:40 +0000
ROA not before: Tue 01 Aug 2023 01:30:40 +0000
ROA not after: Sun 14 Jul 2024 01:30:03 +0000
asID: 55898
IP address blocks: 211.14.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209 (0xd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Validity
Not Before: Aug 1 01:30:40 2023 GMT
Not After : Jul 14 01:30:03 2024 GMT
Subject: CN=DB0D93C5F06080B56E1B9DAAA9B5F116560055AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:23:1a:ba:f4:0e:9d:36:93:53:84:da:b0:
fb:4c:77:60:e5:a5:8b:65:24:22:fb:a5:43:af:9d:
d9:68:e5:8d:07:90:2c:9f:bd:e4:37:b7:ac:06:ad:
0c:17:1a:d7:6d:e3:b3:71:09:55:10:12:2d:39:cc:
93:70:40:69:ee:f4:00:8f:82:62:63:25:0d:9a:15:
d9:11:eb:70:eb:fa:bd:03:95:e7:d2:a2:bb:d6:ef:
7b:0f:f7:09:c3:19:f2:2e:7d:37:9b:e4:3d:d4:46:
2d:c6:33:1a:33:35:dc:90:d7:04:3b:01:0c:ba:15:
37:4a:d2:4e:99:f5:15:24:96:09:22:aa:a6:47:14:
ab:a1:6c:20:ed:11:f9:bd:63:e9:9a:a2:07:05:dd:
91:51:f2:1d:8c:1a:ae:ce:4e:1b:d0:23:c2:f5:cd:
0e:5d:c6:9a:75:09:cd:6d:39:f2:9e:92:72:a5:61:
2f:c7:83:d4:11:53:5e:61:4f:75:66:31:bb:75:46:
18:e2:f5:39:55:69:1f:df:78:1e:d1:55:d6:0f:ce:
b4:42:74:26:92:36:38:86:70:02:d0:1a:50:9f:37:
24:ef:72:5a:c7:0a:41:b2:8d:b8:a5:63:72:02:f2:
61:e4:e9:29:c8:fc:0c:94:de:ce:13:01:26:2a:42:
3c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0D:93:C5:F0:60:80:B5:6E:1B:9D:AA:A9:B5:F1:16:56:00:55:AA
X509v3 Authority Key Identifier:
keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/2w2TxfBggLVuG52qqbXxFlYAVao.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
211.14.8.0/24
Signature Algorithm: sha256WithRSAEncryption
76:68:4e:04:35:cb:78:1e:d6:ca:2c:2b:a0:67:f7:e4:4e:d1:
67:68:be:aa:fe:8a:6d:5d:71:ac:b2:7b:26:d0:6a:ce:92:12:
dc:f2:04:dd:30:27:f3:45:c1:db:86:78:d6:b1:9c:1d:f6:1d:
90:a4:82:5d:3d:50:05:84:43:41:4f:01:81:33:82:40:71:8c:
2a:d1:ab:28:b5:44:a6:d8:7f:56:b2:78:5d:c3:ae:b5:0e:99:
c4:b1:9e:73:c2:76:12:65:34:0f:a8:5a:55:11:bc:ab:7e:ed:
a3:90:d9:18:c3:60:50:98:5e:60:2d:1f:e3:99:ca:da:86:cc:
d5:a7:09:44:c1:a6:a6:96:f7:51:5b:47:6a:9d:50:c4:5b:b7:
74:fb:15:26:1d:97:53:10:7d:02:7f:ac:6b:fa:73:31:46:1f:
5e:f9:09:fb:44:99:d5:e2:2c:61:d5:19:fa:4f:53:5c:e6:87:
56:a7:9d:98:73:20:09:9b:71:ee:72:4f:ae:41:3f:e7:c7:b4:
b5:d0:b7:bf:b8:0b:59:a3:94:9e:1e:db:a0:ff:6d:9c:09:33:
e8:19:71:d6:0b:38:de:b7:99:1f:74:f1:c5:62:67:b2:db:3e:
c4:79:c0:47:4c:0d:e6:47:ee:5b:c0:fb:6d:66:ab:1c:e5:50:
83:91:18:9b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICANEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yMzA4MDEw
MTMwNDBaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKERCMEQ5M0M1RjA2MDgw
QjU2RTFCOURBQUE5QjVGMTE2NTYwMDU1QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9YyMauvQOnTaTU4TasPtMd2DlpYtlJCL7pUOvndlo5Y0HkCyf
veQ3t6wGrQwXGtdt47NxCVUQEi05zJNwQGnu9ACPgmJjJQ2aFdkR63Dr+r0DlefS
orvW73sP9wnDGfIufTeb5D3URi3GMxozNdyQ1wQ7AQy6FTdK0k6Z9RUklgkiqqZH
FKuhbCDtEfm9Y+maogcF3ZFR8h2MGq7OThvQI8L1zQ5dxpp1Cc1tOfKeknKlYS/H
g9QRU15hT3VmMbt1Rhji9TlVaR/feB7RVdYPzrRCdCaSNjiGcALQGlCfNyTvclrH
CkGyjbilY3IC8mHk6SnI/AyU3s4TASYqQjwBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2w2TxfBggLVuG52qqbXxFlYAVaowHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0LzJ3MlR4ZkJnZ0xWdUc1MnFxYlh4RmxZQVZhby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADTDggwDQYJKoZIhvcNAQELBQADggEBAHZoTgQ1y3ge1sosK6Bn9+RO0Wdo
vqr+im1dcayyeybQas6SEtzyBN0wJ/NFwduGeNaxnB32HZCkgl09UAWEQ0FPAYEz
gkBxjCrRqyi1RKbYf1ayeF3DrrUOmcSxnnPCdhJlNA+oWlURvKt+7aOQ2RjDYFCY
XmAtH+OZytqGzNWnCUTBpqaW91FbR2qdUMRbt3T7FSYdl1MQfQJ/rGv6czFGH175
CftEmdXiLGHVGfpPU1zmh1annZhzIAmbce5yT65BP+fHtLXQt7+4C1mjlJ4e26D/
bZwJM+gZcdYLON63mR908cViZ7LbPsR5wEdMDeZH7lvA+21mqxzlUIORGJs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:19 2025 by rpki-client