Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/240/lV0PYTuC1UKWZMgHMCF906PdTOE.roa
File:                     lV0PYTuC1UKWZMgHMCF906PdTOE.roa (raw, json)
Hash identifier:          vXp4ba6oRtHeZhDHabc05Bg3cISdqIZPAwbIAVGGl7U=
Subject key identifier:   95:5D:0F:61:3B:82:D5:42:96:64:C8:07:30:21:7D:D3:A3:DD:4C:E1
Certificate issuer:       /CN=B96964A7CE0A58F4AE3673F47D7A1D425BE4A07D
Certificate serial:       46
Authority key identifier: B9:69:64:A7:CE:0A:58:F4:AE:36:73:F4:7D:7A:1D:42:5B:E4:A0:7D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uWlkp84KWPSuNnP0fXodQlvkoH0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/lV0PYTuC1UKWZMgHMCF906PdTOE.roa
Signing time:             Tue 01 Jul 2025 01:32:02 +0000
ROA not before:           Tue 01 Jul 2025 01:32:02 +0000
ROA not after:            Mon 15 Jun 2026 01:30:02 +0000
asID:                     9597
IP address blocks:        117.20.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/uWlkp84KWPSuNnP0fXodQlvkoH0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/uWlkp84KWPSuNnP0fXodQlvkoH0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uWlkp84KWPSuNnP0fXodQlvkoH0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70 (0x46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B96964A7CE0A58F4AE3673F47D7A1D425BE4A07D
        Validity
            Not Before: Jul  1 01:32:02 2025 GMT
            Not After : Jun 15 01:30:02 2026 GMT
        Subject: CN=955D0F613B82D5429664C80730217DD3A3DD4CE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a9:ee:a3:b5:5f:1e:c4:95:f9:d2:3f:05:19:
                    eb:eb:5c:31:5f:33:97:e1:be:e9:d7:5d:cd:80:91:
                    ce:20:42:80:50:60:af:6c:ba:f4:e1:b9:50:df:43:
                    65:0b:81:32:08:db:27:35:71:91:b8:87:d8:fa:20:
                    ae:0f:45:91:03:74:4c:d1:df:bf:c3:32:54:74:e6:
                    d9:e0:38:54:8e:b7:29:d7:95:78:58:4f:66:8c:06:
                    81:26:e9:c6:59:d3:8f:a5:cc:ba:e1:85:62:cd:bc:
                    94:46:10:6c:7d:16:f6:7e:2b:a7:64:e6:46:58:24:
                    e2:52:3a:34:50:d3:56:1e:df:fd:a8:63:d7:1f:58:
                    80:fb:d7:ff:09:af:6d:42:8d:a9:00:e9:24:6c:92:
                    a7:8f:cb:2e:7f:bb:24:f8:94:cc:a1:df:b2:35:15:
                    5d:65:ad:c7:43:cd:f1:2e:e7:c3:02:0d:44:4f:66:
                    50:ec:97:55:73:1c:a7:84:b1:af:d6:db:8a:d9:d9:
                    ad:26:46:a0:69:87:94:1a:8d:2b:41:45:4c:c8:05:
                    71:e7:f4:85:81:2f:3d:36:29:2f:7f:5b:1d:c8:f2:
                    12:05:29:e6:59:f3:2e:40:46:15:7c:05:e7:28:ec:
                    3e:83:d2:31:d8:c0:56:f8:e6:9b:17:1f:04:67:91:
                    94:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:5D:0F:61:3B:82:D5:42:96:64:C8:07:30:21:7D:D3:A3:DD:4C:E1
            X509v3 Authority Key Identifier:
                keyid:B9:69:64:A7:CE:0A:58:F4:AE:36:73:F4:7D:7A:1D:42:5B:E4:A0:7D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/uWlkp84KWPSuNnP0fXodQlvkoH0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uWlkp84KWPSuNnP0fXodQlvkoH0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/lV0PYTuC1UKWZMgHMCF906PdTOE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.20.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         68:6a:8e:b7:a3:cf:e6:70:f2:3b:88:5a:69:c4:d6:22:68:2f:
         b0:ca:0c:ac:23:44:b4:20:00:97:0e:f1:9b:36:3e:83:cf:76:
         cd:88:d1:6b:8a:b7:76:d3:2b:7f:4c:2b:1d:3e:91:9c:b0:6f:
         03:81:c5:34:d9:07:89:2e:33:0d:34:26:bf:e2:a6:72:08:6f:
         87:01:87:3c:be:c7:f6:2a:34:67:cb:33:a2:d4:96:93:e1:92:
         15:ed:2c:e7:e5:2e:d8:1e:a0:78:1c:f4:00:d5:c9:81:85:c6:
         02:48:3b:08:03:73:cb:2f:ac:72:7e:9c:db:31:8d:8f:40:ed:
         ee:3f:ae:91:3a:6a:00:d9:a3:70:d7:33:c1:a0:9a:ce:cd:bd:
         11:45:4c:7b:10:5e:41:28:f9:4d:96:8f:05:62:6d:09:82:5d:
         fc:ea:c6:b5:d7:4c:21:f1:41:2a:4a:11:ff:b0:c5:47:0e:bb:
         78:ca:69:94:84:67:b6:53:69:13:d1:37:21:db:1c:65:08:f0:
         e0:b3:5c:7f:63:fb:49:b5:a2:c2:f2:7a:07:b4:68:c9:f9:8c:
         0d:fd:b5:d7:0f:b8:0d:78:dd:50:e4:0f:2a:19:9c:0d:1d:ab:
         6c:d4:c3:31:56:6b:0f:1e:66:73:fd:ff:2f:86:cb:1b:96:97:
         9d:60:c8:24
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCOTY5
NjRBN0NFMEE1OEY0QUUzNjczRjQ3RDdBMUQ0MjVCRTRBMDdEMB4XDTI1MDcwMTAx
MzIwMloXDTI2MDYxNTAxMzAwMlowMzExMC8GA1UEAxMoOTU1RDBGNjEzQjgyRDU0
Mjk2NjRDODA3MzAyMTdERDNBM0RENENFMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANqp7qO1Xx7ElfnSPwUZ6+tcMV8zl+G+6dddzYCRziBCgFBgr2y6
9OG5UN9DZQuBMgjbJzVxkbiH2Pogrg9FkQN0TNHfv8MyVHTm2eA4VI63KdeVeFhP
ZowGgSbpxlnTj6XMuuGFYs28lEYQbH0W9n4rp2TmRlgk4lI6NFDTVh7f/ahj1x9Y
gPvX/wmvbUKNqQDpJGySp4/LLn+7JPiUzKHfsjUVXWWtx0PN8S7nwwINRE9mUOyX
VXMcp4Sxr9bbitnZrSZGoGmHlBqNK0FFTMgFcef0hYEvPTYpL39bHcjyEgUp5lnz
LkBGFXwF5yjsPoPSMdjAVvjmmxcfBGeRlOkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSVXQ9hO4LVQpZkyAcwIX3To91M4TAfBgNVHSMEGDAWgBS5aWSnzgpY9K42c/R9
eh1CW+SgfTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjQwL3VXbGtwODRLV1BTdU5uUDBmWG9kUWx2a29IMC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3VXbGtwODRLV1BTdU5uUDBmWG9kUWx2
a29IMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8yNDAvbFYwUFlUdUMxVUtXWk1nSE1DRjkwNlBkVE9FLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBHUUYDANBgkqhkiG9w0BAQsFAAOCAQEAaGqOt6PP5nDyO4haacTWImgvsMoM
rCNEtCAAlw7xmzY+g892zYjRa4q3dtMrf0wrHT6RnLBvA4HFNNkHiS4zDTQmv+Km
cghvhwGHPL7H9io0Z8szotSWk+GSFe0s5+Uu2B6geBz0ANXJgYXGAkg7CANzyy+s
cn6c2zGNj0Dt7j+ukTpqANmjcNczwaCazs29EUVMexBeQSj5TZaPBWJtCYJd/OrG
tddMIfFBKkoR/7DFRw67eMpplIRntlNpE9E3IdscZQjw4LNcf2P7SbWiwvJ6B7Ro
yfmMDf211w+4DXjdUOQPKhmcDR2rbNTDMVZrDx5mc/3/L4bLG5aXnWDIJA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 00:34:30 2025 by rpki-client