Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/PqN9o2opQZtnH61UK-aBOQSRZDw.roa
File: PqN9o2opQZtnH61UK-aBOQSRZDw.roa (raw, json)
Hash identifier: swdLvDfQ1LPDfwj1lhN3MDn/c/P+tuReNxzAWqw+txg=
Subject key identifier: 3E:A3:7D:A3:6A:29:41:9B:67:1F:AD:54:2B:E6:81:39:04:91:64:3C
Certificate issuer: /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial: FA
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/PqN9o2opQZtnH61UK-aBOQSRZDw.roa
Signing time: Sun 30 Jun 2024 01:28:32 +0000
ROA not before: Sun 30 Jun 2024 01:28:32 +0000
ROA not after: Tue 24 Jun 2025 10:46:45 +0000
asID: 55898
IP address blocks: 211.14.28.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250 (0xfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Validity
Not Before: Jun 30 01:28:32 2024 GMT
Not After : Jun 24 10:46:45 2025 GMT
Subject: CN=3EA37DA36A29419B671FAD542BE681390491643C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6d:14:d7:85:0c:8c:cc:da:a5:3f:27:af:98:
c9:9d:d2:61:b1:f3:3f:be:57:d7:76:ca:db:c4:94:
56:1e:c5:43:3f:66:c7:46:b4:af:42:72:b7:17:50:
70:9d:f6:92:ef:6b:9f:ec:97:00:32:51:e1:3d:99:
d5:e5:12:84:35:85:ec:89:e5:cf:a9:ba:55:2e:85:
cc:fa:e3:70:be:8b:db:18:90:d3:89:28:e4:fb:4b:
37:10:fd:bc:96:2b:c3:fa:fe:11:55:f4:11:f3:e8:
21:c6:cd:a7:e1:8d:cb:36:d5:c5:20:40:ca:84:ac:
ce:5d:0d:c2:b0:d3:45:1b:7d:ba:56:9c:a6:62:4f:
9f:03:c2:40:96:b5:07:83:9a:bf:60:f2:32:c6:29:
61:d4:aa:c1:14:3a:c4:29:12:23:01:f1:ea:67:ba:
92:d7:f9:08:b1:d7:d2:5a:48:87:19:fe:2b:d3:f2:
90:18:cf:c7:28:c0:26:e7:15:6f:c5:c6:d6:cf:1e:
cf:47:70:65:a3:e3:6a:ea:f3:1f:67:35:d9:bc:a1:
af:f1:08:75:fc:53:c4:c0:3d:ef:16:11:ff:c7:61:
16:a5:48:03:f7:be:cb:82:00:4d:69:5c:1e:f3:ba:
f8:4a:42:74:7e:0a:c3:e7:1f:9e:9f:15:f3:20:ab:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A3:7D:A3:6A:29:41:9B:67:1F:AD:54:2B:E6:81:39:04:91:64:3C
X509v3 Authority Key Identifier:
keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/PqN9o2opQZtnH61UK-aBOQSRZDw.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
211.14.28.0/23
Signature Algorithm: sha256WithRSAEncryption
05:49:f1:46:09:e6:50:b0:bb:74:73:7c:7f:18:e1:74:0f:e5:
29:d9:e6:4b:63:f4:13:68:82:a5:1c:ec:ab:b9:5c:6d:2a:78:
9c:9a:6c:ee:a6:bc:00:61:ca:d0:eb:fc:2d:d6:8a:52:52:48:
3d:d9:fb:3a:ce:b2:3b:e9:34:d2:ca:19:bc:08:a9:f8:7d:26:
44:fb:49:36:ae:c2:dc:d6:3a:b2:3f:b2:dd:77:98:83:bb:54:
47:0b:bc:23:a8:f2:02:79:9a:7b:24:a6:ff:38:b2:2f:4b:92:
5e:81:73:d4:d2:b4:b0:02:fe:c3:33:4b:53:54:4f:ce:12:66:
1e:8b:38:78:b0:35:9d:0e:29:b8:a0:06:c2:60:e5:ac:2e:f5:
b3:af:d8:93:66:19:75:06:4d:57:c9:47:d0:9e:70:2b:e1:bb:
a5:a6:23:61:52:43:69:92:3b:a7:a9:bc:fb:5b:13:bb:02:df:
2d:e1:5d:db:bd:38:01:88:00:35:bb:ad:65:47:5c:f6:ce:4e:
62:dc:c0:52:1f:82:76:63:da:46:90:f9:5c:17:c5:fa:c5:22:
45:6d:e7:6b:3f:25:7d:b4:3e:b4:85:2c:35:68:7d:93:10:ca:
df:f4:eb:6c:3e:51:90:39:4c:b1:3a:f7:b3:9b:1a:26:04:8f:
3e:cb:02:a3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yNDA2MzAw
MTI4MzJaFw0yNTA2MjQxMDQ2NDVaMDMxMTAvBgNVBAMTKDNFQTM3REEzNkEyOTQx
OUI2NzFGQUQ1NDJCRTY4MTM5MDQ5MTY0M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkbRTXhQyMzNqlPyevmMmd0mGx8z++V9d2ytvElFYexUM/ZsdG
tK9CcrcXUHCd9pLva5/slwAyUeE9mdXlEoQ1heyJ5c+pulUuhcz643C+i9sYkNOJ
KOT7SzcQ/byWK8P6/hFV9BHz6CHGzafhjcs21cUgQMqErM5dDcKw00UbfbpWnKZi
T58DwkCWtQeDmr9g8jLGKWHUqsEUOsQpEiMB8epnupLX+Qix19JaSIcZ/ivT8pAY
z8cowCbnFW/FxtbPHs9HcGWj42rq8x9nNdm8oa/xCHX8U8TAPe8WEf/HYRalSAP3
vsuCAE1pXB7zuvhKQnR+CsPnH56fFfMgq5iHAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUPqN9o2opQZtnH61UK+aBOQSRZDwwHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0L1BxTjlvMm9wUVp0bkg2MVVLLWFCT1FTUlpEdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHTDhwwDQYJKoZIhvcNAQELBQADggEBAAVJ8UYJ5lCwu3RzfH8Y4XQP5SnZ
5ktj9BNogqUc7Ku5XG0qeJyabO6mvABhytDr/C3WilJSSD3Z+zrOsjvpNNLKGbwI
qfh9JkT7STauwtzWOrI/st13mIO7VEcLvCOo8gJ5mnskpv84si9Lkl6Bc9TStLAC
/sMzS1NUT84SZh6LOHiwNZ0OKbigBsJg5awu9bOv2JNmGXUGTVfJR9CecCvhu6Wm
I2FSQ2mSO6epvPtbE7sC3y3hXdu9OAGIADW7rWVHXPbOTmLcwFIfgnZj2kaQ+VwX
xfrFIkVt52s/JX20PrSFLDVofZMQyt/062w+UZA5TLE697ObGiYEjz7LAqM=
-----END CERTIFICATE-----
Generated at Mon Jul 22 09:06:45 2024 by rpki-client on console-fra.rpki-client.org