Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/452/9I8Qcx3sKCZscuj6xeTjKINDnK8.roa
File:                     9I8Qcx3sKCZscuj6xeTjKINDnK8.roa (raw, json)
Hash identifier:          qXuMMjbwJg9OBa7OhYDkSBLGpBSQLVUH8o6YokWeYt8=
Subject key identifier:   F4:8F:10:73:1D:EC:28:26:6C:72:E8:FA:C5:E4:E3:28:83:43:9C:AF
Certificate issuer:       /CN=D67891B94ED9E557E779746BFA23E03D1ED234EE
Certificate serial:       6F
Authority key identifier: D6:78:91:B9:4E:D9:E5:57:E7:79:74:6B:FA:23:E0:3D:1E:D2:34:EE
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1niRuU7Z5VfneXRr-iPgPR7SNO4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/452/9I8Qcx3sKCZscuj6xeTjKINDnK8.roa
Signing time:             Mon 29 Jun 2026 04:36:53 +0000
ROA not before:           Mon 29 Jun 2026 04:36:53 +0000
ROA not after:            Tue 15 Jun 2027 01:30:02 +0000
asID:                     2519
IP address blocks:        1.21.112.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/452/1niRuU7Z5VfneXRr-iPgPR7SNO4.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/452/1niRuU7Z5VfneXRr-iPgPR7SNO4.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1niRuU7Z5VfneXRr-iPgPR7SNO4.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 09:28:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111 (0x6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D67891B94ED9E557E779746BFA23E03D1ED234EE
        Validity
            Not Before: Jun 29 04:36:53 2026 GMT
            Not After : Jun 15 01:30:02 2027 GMT
        Subject: CN=F48F10731DEC28266C72E8FAC5E4E32883439CAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3c:7d:75:e6:07:cf:20:c2:29:32:f7:b0:bb:
                    84:9a:d4:a9:04:73:2e:ca:98:8b:98:e4:02:21:cd:
                    33:da:19:3a:96:ac:6f:00:d5:53:6a:61:8a:56:34:
                    9c:ec:29:31:0e:81:cc:34:f8:79:5b:1b:3d:5e:1c:
                    29:1d:7f:db:0f:cf:56:03:1c:99:74:29:56:31:68:
                    90:6f:bc:b2:ed:9d:09:c7:74:60:1f:fa:fa:78:d3:
                    fb:d8:58:60:98:e8:a2:d6:30:45:40:e3:19:ea:86:
                    16:6a:7a:d8:88:a5:27:8f:93:ae:5d:38:ba:3c:8b:
                    59:eb:55:3d:a3:9a:ef:0d:32:c0:3d:59:56:02:ce:
                    dc:ac:c5:c5:75:a3:fe:92:c4:d9:0a:b7:fd:7a:77:
                    8e:b2:b2:e5:40:4a:56:fb:3b:49:15:77:b7:a1:17:
                    89:7d:f6:64:1a:99:b8:d5:51:5a:c5:73:69:45:98:
                    83:f8:9b:4d:66:33:12:8a:83:73:6e:9c:1b:51:e7:
                    b5:01:61:7b:5c:34:51:90:1b:e6:20:60:58:a1:5d:
                    d8:d3:03:c1:2c:6d:f6:9e:ba:6d:84:98:02:5e:3e:
                    5f:11:43:2c:b4:b1:61:e5:f3:22:e2:b1:52:b9:5c:
                    b6:0f:5b:9f:06:5f:f4:36:6a:49:21:34:53:24:40:
                    b7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:8F:10:73:1D:EC:28:26:6C:72:E8:FA:C5:E4:E3:28:83:43:9C:AF
            X509v3 Authority Key Identifier:
                keyid:D6:78:91:B9:4E:D9:E5:57:E7:79:74:6B:FA:23:E0:3D:1E:D2:34:EE

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/452/1niRuU7Z5VfneXRr-iPgPR7SNO4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1niRuU7Z5VfneXRr-iPgPR7SNO4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/452/9I8Qcx3sKCZscuj6xeTjKINDnK8.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.21.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1b:c6:16:04:94:23:90:85:ce:17:9c:39:4e:13:5c:60:42:86:
         6c:89:d2:89:8a:95:05:64:41:f5:d6:cd:6a:79:74:0d:97:1f:
         08:41:bc:fc:bd:e4:5c:3e:f1:62:0f:64:8c:f1:20:65:84:f5:
         01:ac:de:9d:80:25:cd:57:33:88:d7:49:ac:6f:80:3f:b5:a1:
         f5:d9:25:21:ae:6f:d0:e4:bc:3e:82:47:ec:7c:c0:e4:7c:56:
         a6:18:e4:96:d0:44:63:e0:ae:64:14:fe:4e:ea:26:d3:0a:1a:
         55:09:69:fa:58:a0:4e:42:b9:46:7a:2c:ea:eb:fa:fa:d6:b1:
         47:42:72:ee:15:62:27:a6:03:b6:8e:dd:11:8d:00:38:a3:c0:
         c3:4d:15:2c:21:20:82:e5:25:f0:84:c9:39:da:5c:f3:1a:12:
         6b:b6:1f:35:4b:dd:7f:4f:87:f7:db:13:98:89:48:fc:46:6f:
         ba:46:96:57:d9:f1:b0:28:fa:d6:70:bc:53:fe:1d:b4:28:4d:
         ee:a6:50:63:ed:db:7c:eb:8f:a9:b2:4a:72:6e:8e:03:87:aa:
         f4:a0:97:ff:46:2e:99:9f:4b:dc:5e:0c:2c:8c:b6:23:87:56:
         76:91:46:b0:07:dd:ea:1d:91:e2:5f:25:01:e0:8a:bf:ea:e0:
         f0:ef:15:b0
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhENjc4
OTFCOTRFRDlFNTU3RTc3OTc0NkJGQTIzRTAzRDFFRDIzNEVFMB4XDTI2MDYyOTA0
MzY1M1oXDTI3MDYxNTAxMzAwMlowMzExMC8GA1UEAxMoRjQ4RjEwNzMxREVDMjgy
NjZDNzJFOEZBQzVFNEUzMjg4MzQzOUNBRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANU8fXXmB88gwiky97C7hJrUqQRzLsqYi5jkAiHNM9oZOpasbwDV
U2philY0nOwpMQ6BzDT4eVsbPV4cKR1/2w/PVgMcmXQpVjFokG+8su2dCcd0YB/6
+njT+9hYYJjootYwRUDjGeqGFmp62IilJ4+Trl04ujyLWetVPaOa7w0ywD1ZVgLO
3KzFxXWj/pLE2Qq3/Xp3jrKy5UBKVvs7SRV3t6EXiX32ZBqZuNVRWsVzaUWYg/ib
TWYzEoqDc26cG1HntQFhe1w0UZAb5iBgWKFd2NMDwSxt9p66bYSYAl4+XxFDLLSx
YeXzIuKxUrlctg9bnwZf9DZqSSE0UyRAtz8CAwEAAaOCAdkwggHVMB0GA1UdDgQW
BBT0jxBzHewoJmxy6PrF5OMog0OcrzAfBgNVHSMEGDAWgBTWeJG5TtnlV+d5dGv6
I+A9HtI07jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDUyLzFuaVJ1VTdaNVZmbmVYUnItaVBnUFI3U05PNC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzFuaVJ1VTdaNVZmbmVYUnItaVBnUFI3
U05PNC5jZXIwDgYDVR0PAQH/BAQDAgeAMHEGCCsGAQUFBwELBGUwYzBhBggrBgEF
BQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5MUE3
MzgxMDAwMC80NTIvOUk4UWN4M3NLQ1pzY3VqNnhlVGpLSU5Ebks4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBAEVcDANBgkqhkiG9w0BAQsFAAOCAQEA
G8YWBJQjkIXOF5w5ThNcYEKGbInSiYqVBWRB9dbNanl0DZcfCEG8/L3kXD7xYg9k
jPEgZYT1AazenYAlzVcziNdJrG+AP7Wh9dklIa5v0OS8PoJH7HzA5HxWphjkltBE
Y+CuZBT+Tuom0woaVQlp+ligTkK5Rnos6uv6+taxR0Jy7hViJ6YDto7dEY0AOKPA
w00VLCEgguUl8ITJOdpc8xoSa7YfNUvdf0+H99sTmIlI/EZvukaWV9nxsCj61nC8
U/4dtChN7qZQY+3bfOuPqbJKcm6OA4eq9KCX/0YumZ9L3F4MLIy2I4dWdpFGsAfd
6h2R4l8lAeCKv+rg8O8VsA==
-----END CERTIFICATE-----
Generated at Sun Jul 5 11:14:15 2026 by rpki-client