Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20116/_RChxxbKj0z0siYAmXx2wstecN8.roa
File:                     _RChxxbKj0z0siYAmXx2wstecN8.roa (raw, json)
Hash identifier:          Jsc4gPrdZjv700yruHphzpFleUt1HnqYfGxze8vCNCo=
Subject key identifier:   FD:10:A1:C7:16:CA:8F:4C:F4:B2:26:00:99:7C:76:C2:CB:5E:70:DF
Certificate issuer:       /CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
Certificate serial:       89
Authority key identifier: C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/_RChxxbKj0z0siYAmXx2wstecN8.roa
Signing time:             Tue 10 Jun 2025 10:50:49 +0000
ROA not before:           Tue 10 Jun 2025 10:50:49 +0000
ROA not after:            Sat 23 May 2026 09:51:00 +0000
asID:                     38631
IP address blocks:        119.235.236.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137 (0x89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
        Validity
            Not Before: Jun 10 10:50:49 2025 GMT
            Not After : May 23 09:51:00 2026 GMT
        Subject: CN=FD10A1C716CA8F4CF4B22600997C76C2CB5E70DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:59:c3:95:11:6a:87:40:c8:2c:df:32:c5:af:
                    cd:32:0b:ef:13:f0:39:c5:b8:d1:98:38:28:2a:ad:
                    ce:a6:9b:6d:97:7f:62:b7:9c:c5:19:65:a1:f8:c4:
                    fc:ff:ae:0a:f9:c1:98:94:d1:a4:e4:4c:c3:c6:e6:
                    61:1a:50:c5:23:b3:20:2f:0b:ea:6d:6d:e7:bc:ee:
                    70:c6:ba:fa:c2:e5:0e:37:8f:9b:73:aa:61:d5:e2:
                    40:18:3c:57:7a:97:b0:b8:de:32:94:0e:f9:09:f3:
                    b7:8a:7a:1b:40:19:4b:3f:43:85:41:02:d6:4e:99:
                    2f:0d:e2:72:b8:29:b0:2d:dc:91:e2:d4:cd:d5:29:
                    5f:b8:0d:57:e2:1b:00:b5:17:4d:5e:1a:d1:de:5d:
                    30:ab:8d:4a:8c:15:6a:a9:c2:89:5c:c2:0e:4c:de:
                    90:7b:bc:95:c0:e2:b5:62:c5:7b:37:e3:5f:f9:5d:
                    d5:a2:eb:33:ba:2e:c9:20:17:e8:cc:3d:fc:fa:f0:
                    11:80:b3:ad:92:24:a2:95:28:85:55:25:4b:8e:6d:
                    52:e7:21:5d:ad:77:f5:f0:d3:5f:10:b5:54:c6:09:
                    3a:52:e1:59:d5:cc:26:15:63:d0:b2:7f:e6:4d:d1:
                    15:2b:e9:c5:59:9f:87:9c:5c:fc:1d:da:ec:84:7b:
                    6b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:10:A1:C7:16:CA:8F:4C:F4:B2:26:00:99:7C:76:C2:CB:5E:70:DF
            X509v3 Authority Key Identifier:
                keyid:C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/_RChxxbKj0z0siYAmXx2wstecN8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.235.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:a3:0e:bb:79:38:0b:16:49:a0:c6:cd:09:e6:cb:fe:c2:63:
         72:1e:dc:bc:2c:e8:46:f0:56:94:b2:0e:97:fc:43:7d:7f:07:
         4f:d2:d3:5f:75:97:4d:95:e1:c8:c0:c4:47:c4:51:cf:db:5c:
         f0:69:a1:c8:23:5a:27:3b:e9:d3:be:62:20:bc:b1:f4:22:02:
         db:84:fe:0f:81:34:3d:e6:ca:27:6b:d3:21:52:cd:2a:57:cb:
         22:72:f7:c9:6e:1d:a1:f1:06:8b:27:ab:db:7c:ee:18:5d:49:
         cf:1f:f1:3a:21:3c:61:23:90:93:d9:91:6f:42:57:be:18:56:
         9f:e5:23:a2:63:59:b9:e2:0f:e6:00:98:cd:ef:09:a6:dd:59:
         eb:1d:ec:82:ac:90:48:24:c4:62:7e:87:dc:51:7c:ef:dc:4f:
         10:ad:92:5d:a8:b1:9d:d5:43:fb:d0:bd:ce:fc:1c:b6:1c:93:
         e8:7d:83:5a:da:5c:58:71:56:54:85:d6:fb:e0:1f:03:57:07:
         e6:64:55:3e:6e:4e:b7:ad:15:68:9b:2e:dd:16:61:e1:1e:31:
         88:48:7c:80:c9:03:8f:4d:ae:af:b5:df:f3:64:86:fd:73:3a:
         7c:3b:3c:a9:35:af:21:f9:56:c2:c2:23:48:ed:34:c4:8e:e0:
         e6:1c:ad:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTY0RkI3QzhDN0M2QjVDRDdDNzcwMTg4MkU4NTk3QzQyODM4RTAeFw0yNTA2MTAx
MDUwNDlaFw0yNjA1MjMwOTUxMDBaMDMxMTAvBgNVBAMTKEZEMTBBMUM3MTZDQThG
NENGNEIyMjYwMDk5N0M3NkMyQ0I1RTcwREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyWcOVEWqHQMgs3zLFr80yC+8T8DnFuNGYOCgqrc6mm22Xf2K3
nMUZZaH4xPz/rgr5wZiU0aTkTMPG5mEaUMUjsyAvC+ptbee87nDGuvrC5Q43j5tz
qmHV4kAYPFd6l7C43jKUDvkJ87eKehtAGUs/Q4VBAtZOmS8N4nK4KbAt3JHi1M3V
KV+4DVfiGwC1F01eGtHeXTCrjUqMFWqpwolcwg5M3pB7vJXA4rVixXs341/5XdWi
6zO6LskgF+jMPfz68BGAs62SJKKVKIVVJUuObVLnIV2td/Xw018QtVTGCTpS4VnV
zCYVY9Cyf+ZN0RUr6cVZn4ecXPwd2uyEe2uZAgMBAAGjggIoMIICJDAdBgNVHQ4E
FgQU/RChxxbKj0z0siYAmXx2wstecN8wHwYDVR0jBBgwFoAUxJ5k+3yMfGtc18dw
GILoWXxCg44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzIwMTE2L3hKNWstM3lNZkd0YzE4ZHdHSUxvV1h4Q2c0NC5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3hKNWstM3lNZkd0YzE4ZHdHSUxv
V1h4Q2c0NC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8yMDExNi9fUkNoeHhiS2owejBzaVlBbVh4MndzdGVjTjgu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBd+vsMA0GCSqGSIb3DQEBCwUAA4IBAQAWow67eTgLFkmgxs0J5sv+
wmNyHty8LOhG8FaUsg6X/EN9fwdP0tNfdZdNleHIwMRHxFHP21zwaaHII1onO+nT
vmIgvLH0IgLbhP4PgTQ95sona9MhUs0qV8sicvfJbh2h8QaLJ6vbfO4YXUnPH/E6
ITxhI5CT2ZFvQle+GFaf5SOiY1m54g/mAJjN7wmm3VnrHeyCrJBIJMRifofcUXzv
3E8QrZJdqLGd1UP70L3O/By2HJPofYNa2lxYcVZUhdb74B8DVwfmZFU+bk63rRVo
my7dFmHhHjGISHyAyQOPTa6vtd/zZIb9czp8OzypNa8h+VbCwiNI7TTEjuDmHK2o
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:44:20 2025 by rpki-client