Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20116/ePKPcnWyRUM0bGwiG-ecpn8hsJg.roa
File:                     ePKPcnWyRUM0bGwiG-ecpn8hsJg.roa (raw, json)
Hash identifier:          rJSGY96dvFffGd4Zd+FXcaabQs/BxCw76R6DRvYMROQ=
Subject key identifier:   78:F2:8F:72:75:B2:45:43:34:6C:6C:22:1B:E7:9C:A6:7F:21:B0:98
Certificate issuer:       /CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
Certificate serial:       8E
Authority key identifier: C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/ePKPcnWyRUM0bGwiG-ecpn8hsJg.roa
Signing time:             Tue 10 Jun 2025 10:50:52 +0000
ROA not before:           Tue 10 Jun 2025 10:50:52 +0000
ROA not after:            Sat 23 May 2026 09:51:00 +0000
asID:                     38631
IP address blocks:        203.104.158.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142 (0x8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E64FB7C8C7C6B5CD7C7701882E8597C42838E
        Validity
            Not Before: Jun 10 10:50:52 2025 GMT
            Not After : May 23 09:51:00 2026 GMT
        Subject: CN=78F28F7275B24543346C6C221BE79CA67F21B098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4d:96:bd:a2:b8:94:df:db:7a:57:69:ae:75:
                    38:0e:54:35:8d:d5:04:07:50:d0:52:c8:f0:3c:78:
                    60:6d:ad:46:4a:8a:66:2f:90:a2:61:c6:3d:11:54:
                    d7:8c:c7:18:db:1a:ea:bc:e2:41:4e:6f:06:61:c2:
                    a8:01:40:ba:c2:90:af:09:6e:db:ca:c2:97:dd:00:
                    39:f6:42:ab:2a:cf:24:6c:7f:b3:15:74:ab:7a:1c:
                    da:5a:89:1d:d6:e2:21:ff:9b:08:ee:e0:70:3e:84:
                    01:48:8c:87:10:68:ac:5a:4e:c5:d0:72:73:76:39:
                    17:6a:c3:2c:1e:92:12:eb:81:a7:7b:03:6a:f9:da:
                    eb:a2:04:9f:6b:a6:fa:c7:f2:4e:68:65:7a:db:56:
                    29:fa:e1:72:26:5d:0b:c8:ae:c7:34:95:2a:f0:00:
                    dc:da:2e:5c:27:ba:1c:e9:6b:61:c8:7b:8f:56:63:
                    20:5f:ef:02:ef:e5:ba:e5:7c:53:bf:60:3e:d6:97:
                    c0:0b:07:60:b1:22:19:12:8e:d3:a3:18:c7:eb:79:
                    1e:dd:ca:5f:0e:8a:2d:ae:e1:4f:0b:13:e1:31:95:
                    99:46:b2:d9:db:c6:65:a5:24:d1:68:64:e7:45:bf:
                    ea:20:ff:ca:3e:d9:73:ba:39:fc:34:ee:0e:b8:fa:
                    04:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F2:8F:72:75:B2:45:43:34:6C:6C:22:1B:E7:9C:A6:7F:21:B0:98
            X509v3 Authority Key Identifier:
                keyid:C4:9E:64:FB:7C:8C:7C:6B:5C:D7:C7:70:18:82:E8:59:7C:42:83:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/xJ5k-3yMfGtc18dwGILoWXxCg44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/xJ5k-3yMfGtc18dwGILoWXxCg44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20116/ePKPcnWyRUM0bGwiG-ecpn8hsJg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.104.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:73:75:31:2f:f7:ba:b7:42:f0:81:bd:e4:c4:88:f1:72:1a:
         83:3e:e5:79:31:35:39:58:cf:16:fa:bc:25:10:04:8b:1a:8a:
         1f:12:61:24:65:a1:4c:ae:25:07:67:b6:f3:69:68:8b:3a:b2:
         72:fe:a0:5d:33:5d:a6:47:fe:2d:4b:f4:bd:47:47:06:1b:54:
         7b:e5:22:46:b1:7a:27:82:65:7a:de:d4:51:21:61:c3:5f:a7:
         28:a5:ac:55:00:0f:4a:e5:ef:02:36:f4:42:06:c9:5d:9e:8a:
         c7:8f:ff:da:63:4f:f9:a3:fe:54:98:7e:33:81:3b:b2:63:71:
         95:49:4a:37:ca:9c:7c:db:9b:34:b7:41:35:5b:33:06:af:a6:
         3c:d5:ed:a9:9d:e1:67:76:73:7f:f2:69:d0:04:c4:23:ef:37:
         06:98:ad:0f:81:4f:b6:49:d3:62:d9:f8:99:a1:c5:38:20:11:
         a8:75:d6:0d:de:68:9e:17:ad:d4:f5:fe:3c:73:d4:81:dd:2a:
         d9:4b:70:e3:bb:87:e6:06:71:af:09:d0:36:7f:47:d6:a3:18:
         e5:54:5e:9b:23:3d:d0:fe:68:07:26:4a:88:7a:63:e0:b6:cf:
         91:c8:57:79:c4:53:b0:a5:f2:43:4b:16:e5:52:8e:f1:11:1e:
         2c:13:37:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgICAI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTY0RkI3QzhDN0M2QjVDRDdDNzcwMTg4MkU4NTk3QzQyODM4RTAeFw0yNTA2MTAx
MDUwNTJaFw0yNjA1MjMwOTUxMDBaMDMxMTAvBgNVBAMTKDc4RjI4RjcyNzVCMjQ1
NDMzNDZDNkMyMjFCRTc5Q0E2N0YyMUIwOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyTZa9oriU39t6V2mudTgOVDWN1QQHUNBSyPA8eGBtrUZKimYv
kKJhxj0RVNeMxxjbGuq84kFObwZhwqgBQLrCkK8JbtvKwpfdADn2QqsqzyRsf7MV
dKt6HNpaiR3W4iH/mwju4HA+hAFIjIcQaKxaTsXQcnN2ORdqwywekhLrgad7A2r5
2uuiBJ9rpvrH8k5oZXrbVin64XImXQvIrsc0lSrwANzaLlwnuhzpa2HIe49WYyBf
7wLv5brlfFO/YD7Wl8ALB2CxIhkSjtOjGMfreR7dyl8Oii2u4U8LE+ExlZlGstnb
xmWlJNFoZOdFv+og/8o+2XO6Ofw07g64+gSVAgMBAAGjggIoMIICJDAdBgNVHQ4E
FgQUePKPcnWyRUM0bGwiG+ecpn8hsJgwHwYDVR0jBBgwFoAUxJ5k+3yMfGtc18dw
GILoWXxCg44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzIwMTE2L3hKNWstM3lNZkd0YzE4ZHdHSUxvV1h4Q2c0NC5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3hKNWstM3lNZkd0YzE4ZHdHSUxv
V1h4Q2c0NC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8yMDExNi9lUEtQY25XeVJVTTBiR3dpRy1lY3BuOGhzSmcu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAy2ieMA0GCSqGSIb3DQEBCwUAA4IBAQA6c3UxL/e6t0Lwgb3kxIjx
chqDPuV5MTU5WM8W+rwlEASLGoofEmEkZaFMriUHZ7bzaWiLOrJy/qBdM12mR/4t
S/S9R0cGG1R75SJGsXongmV63tRRIWHDX6copaxVAA9K5e8CNvRCBsldnorHj//a
Y0/5o/5UmH4zgTuyY3GVSUo3ypx825s0t0E1WzMGr6Y81e2pneFndnN/8mnQBMQj
7zcGmK0PgU+2SdNi2fiZocU4IBGoddYN3mieF63U9f48c9SB3SrZS3Dju4fmBnGv
CdA2f0fWoxjlVF6bIz3Q/mgHJkqIemPgts+RyFd5xFOwpfJDSxblUo7xER4sEzfT
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:44:19 2025 by rpki-client