Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20281/JT1jIZbOORHe7D1W2-K1cgkhv9E.roa
File:                     JT1jIZbOORHe7D1W2-K1cgkhv9E.roa (raw, json)
Hash identifier:          smXuoow/iYqnNnNQAqsOg52GEjWg89CROpEwLFzf63I=
Subject key identifier:   25:3D:63:21:96:CE:39:11:DE:EC:3D:56:DB:E2:B5:72:09:21:BF:D1
Certificate issuer:       /CN=1BFFA60D8A341D616211C38BB9250610836D3B9D
Certificate serial:       04
Authority key identifier: 1B:FF:A6:0D:8A:34:1D:61:62:11:C3:8B:B9:25:06:10:83:6D:3B:9D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G_-mDYo0HWFiEcOLuSUGEINtO50.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20281/JT1jIZbOORHe7D1W2-K1cgkhv9E.roa
Signing time:             Wed 15 Oct 2025 08:21:15 +0000
ROA not before:           Wed 15 Oct 2025 08:21:15 +0000
ROA not after:            Thu 15 Oct 2026 01:30:02 +0000
asID:                     152873
IP address blocks:        43.229.16.0/23 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20281/G_-mDYo0HWFiEcOLuSUGEINtO50.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20281/G_-mDYo0HWFiEcOLuSUGEINtO50.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G_-mDYo0HWFiEcOLuSUGEINtO50.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Oct 2025 21:55:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BFFA60D8A341D616211C38BB9250610836D3B9D
        Validity
            Not Before: Oct 15 08:21:15 2025 GMT
            Not After : Oct 15 01:30:02 2026 GMT
        Subject: CN=253D632196CE3911DEEC3D56DBE2B5720921BFD1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8d:d4:8a:d3:af:61:bd:97:dd:92:44:a7:e2:
                    db:b1:92:ec:0b:3d:49:bc:15:58:e9:12:5a:7c:f8:
                    88:9a:01:d7:81:85:cc:06:b6:d0:2c:5c:de:73:77:
                    77:ae:8f:42:ac:31:2d:3c:45:a2:ff:e2:1e:3a:fb:
                    0d:83:e0:14:ea:36:d7:7f:69:f0:e3:1a:84:aa:ab:
                    86:2b:9a:02:c1:fe:b8:9a:00:c2:f0:57:70:26:59:
                    aa:33:58:76:c8:23:db:f5:80:4d:fd:41:83:25:fa:
                    b4:c2:1f:4f:10:95:37:c2:c4:f7:d2:91:2c:9b:a1:
                    68:11:96:3b:bd:86:c8:75:13:a4:dd:bd:82:36:12:
                    49:3f:f1:fe:56:2c:82:46:13:d2:93:ac:ac:de:8c:
                    da:5e:70:a9:53:9a:38:69:5a:4f:04:de:6c:32:2a:
                    d4:b0:dc:5c:a5:8c:4a:64:17:5e:44:cf:bc:26:60:
                    4e:be:68:89:2e:eb:13:1f:45:31:ef:17:66:82:d9:
                    0b:5b:66:c6:7b:8a:ea:95:19:d0:58:bf:50:12:a7:
                    a6:0e:99:0d:15:64:f1:9c:64:e7:10:26:dd:e4:1c:
                    24:b1:08:b5:5d:13:a1:f5:4e:1a:97:d5:a9:6f:81:
                    fe:12:c2:0d:b9:a2:14:af:43:2a:0d:0a:69:d3:a0:
                    a3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:3D:63:21:96:CE:39:11:DE:EC:3D:56:DB:E2:B5:72:09:21:BF:D1
            X509v3 Authority Key Identifier:
                keyid:1B:FF:A6:0D:8A:34:1D:61:62:11:C3:8B:B9:25:06:10:83:6D:3B:9D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20281/G_-mDYo0HWFiEcOLuSUGEINtO50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G_-mDYo0HWFiEcOLuSUGEINtO50.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20281/JT1jIZbOORHe7D1W2-K1cgkhv9E.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.229.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:09:6b:ca:df:85:32:5b:56:f9:97:80:ca:e8:08:d5:bb:ea:
         2c:2c:dd:8b:b8:9c:c1:39:33:86:bb:41:f5:b6:69:7e:3b:f0:
         ce:d5:14:eb:72:a9:4f:53:e1:f5:62:3c:e7:5e:04:d7:52:aa:
         4b:d4:aa:3e:bc:29:4f:f8:b1:f5:75:3d:8c:28:f1:ae:70:5d:
         f7:c1:88:6d:3f:41:d7:66:12:d8:0d:4e:f1:06:6e:10:d9:ef:
         42:be:63:91:71:f1:70:91:25:1f:e4:78:ed:20:03:1a:ba:28:
         11:6c:9f:83:c9:62:95:71:a8:47:75:b5:a6:e9:4f:20:29:47:
         a9:08:c4:ac:5c:02:7b:81:3c:50:de:7c:5c:29:64:e5:9a:04:
         6f:a7:a9:c5:00:ec:f2:b7:4d:28:3b:51:ee:d9:a5:4e:26:93:
         3e:a8:c6:38:08:fb:c3:72:d9:6e:5b:52:94:dd:39:62:02:7c:
         bf:1c:29:aa:e6:6d:cc:53:9d:de:86:e3:81:40:3b:ff:0c:ec:
         84:a6:30:05:7c:29:21:ca:43:3b:06:50:d9:c8:fc:e9:91:04:
         44:d1:26:b6:b1:b2:24:2e:06:11:75:34:0a:42:a0:9b:c7:75:
         53:7b:80:3f:07:cf:72:c7:28:03:a3:d6:d6:7a:30:69:11:84:
         e7:7e:df:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkZG
QTYwRDhBMzQxRDYxNjIxMUMzOEJCOTI1MDYxMDgzNkQzQjlEMB4XDTI1MTAxNTA4
MjExNVoXDTI2MTAxNTAxMzAwMlowMzExMC8GA1UEAxMoMjUzRDYzMjE5NkNFMzkx
MURFRUMzRDU2REJFMkI1NzIwOTIxQkZEMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALGN1IrTr2G9l92SRKfi27GS7As9SbwVWOkSWnz4iJoB14GFzAa2
0Cxc3nN3d66PQqwxLTxFov/iHjr7DYPgFOo2139p8OMahKqrhiuaAsH+uJoAwvBX
cCZZqjNYdsgj2/WATf1BgyX6tMIfTxCVN8LE99KRLJuhaBGWO72GyHUTpN29gjYS
ST/x/lYsgkYT0pOsrN6M2l5wqVOaOGlaTwTebDIq1LDcXKWMSmQXXkTPvCZgTr5o
iS7rEx9FMe8XZoLZC1tmxnuK6pUZ0Fi/UBKnpg6ZDRVk8Zxk5xAm3eQcJLEItV0T
ofVOGpfVqW+B/hLCDbmiFK9DKg0KadOgo+0CAwEAAaOCAigwggIkMB0GA1UdDgQW
BBQlPWMhls45Ed7sPVbb4rVyCSG/0TAfBgNVHSMEGDAWgBQb/6YNijQdYWIRw4u5
JQYQg207nTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjAyODEvR18tbURZbzBIV0ZpRWNPTHVTVUdFSU50TzUwLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvR18tbURZbzBIV0ZpRWNPTHVTVUdF
SU50TzUwLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzIwMjgxL0pUMWpJWmJPT1JIZTdEMVcyLUsxY2draHY5RS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAEr5RAwDQYJKoZIhvcNAQELBQADggEBACkJa8rfhTJbVvmXgMroCNW7
6iws3Yu4nME5M4a7QfW2aX478M7VFOtyqU9T4fViPOdeBNdSqkvUqj68KU/4sfV1
PYwo8a5wXffBiG0/QddmEtgNTvEGbhDZ70K+Y5Fx8XCRJR/keO0gAxq6KBFsn4PJ
YpVxqEd1tabpTyApR6kIxKxcAnuBPFDefFwpZOWaBG+nqcUA7PK3TSg7Ue7ZpU4m
kz6oxjgI+8Ny2W5bUpTdOWICfL8cKarmbcxTnd6G44FAO/8M7ISmMAV8KSHKQzsG
UNnI/OmRBETRJraxsiQuBhF1NApCoJvHdVN7gD8Hz3LHKAOj1tZ6MGkRhOd+36A=
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:00:32 2025 by rpki-client