Route Origin Authorization
$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/RhCyLhmVx9srh9SlOdCHEMgrbb0.roa
File: RhCyLhmVx9srh9SlOdCHEMgrbb0.roa (raw, json)
Hash identifier: OlUi52meJz27iODJVNfeyZmeqaSwlvaeu3sX1+ofpwE=
Subject key identifier: 46:10:B2:2E:19:95:C7:DB:2B:87:D4:A5:39:D0:87:10:C8:2B:6D:BD
Certificate issuer: /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial: D3
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/RhCyLhmVx9srh9SlOdCHEMgrbb0.roa
Signing time: Tue 01 Aug 2023 01:30:41 +0000
ROA not before: Tue 01 Aug 2023 01:30:41 +0000
ROA not after: Sun 14 Jul 2024 01:30:03 +0000
asID: 23816
IP address blocks: 211.14.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211 (0xd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Validity
Not Before: Aug 1 01:30:41 2023 GMT
Not After : Jul 14 01:30:03 2024 GMT
Subject: CN=4610B22E1995C7DB2B87D4A539D08710C82B6DBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:45:07:12:77:c5:1b:56:6d:40:d3:3a:1b:1a:
e1:8b:df:c2:57:b7:d5:eb:68:6f:21:a8:3c:53:e8:
18:db:8e:13:d5:9c:20:e3:1e:ad:1d:c1:f5:de:99:
87:77:f0:33:76:79:3b:0b:80:a2:cc:0e:4e:c3:31:
27:a5:b8:ac:93:ba:c4:23:8f:6a:4d:11:67:9d:d3:
b4:35:37:a4:d8:f4:a2:1f:5d:b0:ba:0d:76:23:ec:
05:10:ea:00:12:d0:5f:a2:e5:05:ac:3a:36:11:d7:
14:3c:04:9d:48:da:ac:a9:56:17:d1:e0:cc:d7:0a:
f6:bb:fe:b6:1d:17:b8:5d:43:7d:de:85:3d:9c:5c:
bd:e7:da:1c:23:27:e2:3f:da:d7:aa:59:de:23:17:
aa:78:0a:53:cf:bd:50:17:21:68:d8:96:df:8e:68:
7a:4b:8e:d7:58:29:c8:58:82:e7:9c:a3:dc:23:f7:
d7:a4:3e:2f:d8:cf:0d:b2:86:4c:b5:e5:ae:a2:7f:
7c:84:35:14:38:2d:44:7d:80:11:f3:27:f9:67:c0:
3b:86:46:f8:bb:a3:f0:c6:18:5d:83:b6:e9:c7:bf:
f7:9c:e7:2e:ec:53:54:d4:fa:8d:d5:cc:fc:a7:0b:
a9:f1:be:42:b2:07:23:c7:3a:a9:4e:fd:be:6d:2c:
79:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:10:B2:2E:19:95:C7:DB:2B:87:D4:A5:39:D0:87:10:C8:2B:6D:BD
X509v3 Authority Key Identifier:
keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/RhCyLhmVx9srh9SlOdCHEMgrbb0.roa
RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
211.14.12.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:eb:ba:7d:ce:20:88:6d:06:7d:97:92:eb:54:1c:8f:ed:e7:
61:b8:b0:9b:37:eb:56:ec:e8:6b:f7:c7:6f:ad:74:68:19:b9:
37:4d:bd:b4:c8:33:4e:df:23:53:c1:b7:00:3d:89:47:5d:6b:
9b:6b:bd:dc:60:98:5c:2c:60:4f:1b:04:64:0f:95:88:c7:bd:
19:db:23:1b:db:ed:3f:c2:ba:0a:d6:47:03:f3:f6:4e:31:e8:
50:70:db:be:3e:fd:55:16:6a:e5:76:64:84:d2:f4:ba:fe:12:
99:75:4d:0c:eb:e6:ec:e2:e0:99:98:ea:b3:9f:d0:61:c2:38:
30:28:30:98:eb:6d:f5:21:84:4e:d9:97:ad:3a:16:61:6a:42:
af:66:53:5a:cb:f1:79:7d:86:54:20:fd:2d:50:76:49:b4:fb:
e0:91:0f:13:7d:2c:7c:01:58:90:7c:91:02:07:0c:89:c3:66:
2b:eb:e6:00:7c:2c:90:4a:ff:db:25:45:83:d4:9a:22:7f:5d:
d7:0d:dc:7a:1b:84:5d:aa:dd:67:a0:b1:71:52:59:14:ff:2c:
15:0b:33:04:54:aa:91:62:93:ed:f2:f1:59:72:04:2f:fd:70:
bb:41:99:2e:d0:ad:32:d2:fa:db:b0:fe:8c:ec:ba:55:85:e6:
d6:01:0c:d9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICANMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yMzA4MDEw
MTMwNDFaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDQ2MTBCMjJFMTk5NUM3
REIyQjg3RDRBNTM5RDA4NzEwQzgyQjZEQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDRQcSd8UbVm1A0zobGuGL38JXt9XraG8hqDxT6BjbjhPVnCDj
Hq0dwfXemYd38DN2eTsLgKLMDk7DMSeluKyTusQjj2pNEWed07Q1N6TY9KIfXbC6
DXYj7AUQ6gAS0F+i5QWsOjYR1xQ8BJ1I2qypVhfR4MzXCva7/rYdF7hdQ33ehT2c
XL3n2hwjJ+I/2teqWd4jF6p4ClPPvVAXIWjYlt+OaHpLjtdYKchYgueco9wj99ek
Pi/Yzw2yhky15a6if3yENRQ4LUR9gBHzJ/lnwDuGRvi7o/DGGF2DtunHv/ec5y7s
U1TU+o3VzPynC6nxvkKyByPHOqlO/b5tLHkPAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQURhCyLhmVx9srh9SlOdCHEMgrbb0wHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0L1JoQ3lMaG1WeDlzcmg5U2xPZENIRU1ncmJiMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDgwwDQYJKoZIhvcNAQELBQADggEBAK7run3OIIhtBn2XkutUHI/t52G4
sJs361bs6Gv3x2+tdGgZuTdNvbTIM07fI1PBtwA9iUdda5trvdxgmFwsYE8bBGQP
lYjHvRnbIxvb7T/CugrWRwPz9k4x6FBw274+/VUWauV2ZITS9Lr+Epl1TQzr5uzi
4JmY6rOf0GHCODAoMJjrbfUhhE7Zl606FmFqQq9mU1rL8Xl9hlQg/S1Qdkm0++CR
DxN9LHwBWJB8kQIHDInDZivr5gB8LJBK/9slRYPUmiJ/XdcN3HobhF2q3WegsXFS
WRT/LBULMwRUqpFik+3y8VlyBC/9cLtBmS7QrTLS+tuw/ozsulWF5tYBDNk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:38 2025 by rpki-client