Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/539/PbSTvjIe7d0ej71LfZb8ozJwHiI.roa
File:                     PbSTvjIe7d0ej71LfZb8ozJwHiI.roa (raw, json)
Hash identifier:          WJvTF7R6FD1SFVp/vAVEhF8KGGkJbJBMAzAuKn8OT9g=
Subject key identifier:   3D:B4:93:BE:32:1E:ED:DD:1E:8F:BD:4B:7D:96:FC:A3:32:70:1E:22
Certificate issuer:       /CN=5B0D72F9F430B7D4003375F10D5025B9E5C00437
Certificate serial:       8D
Authority key identifier: 5B:0D:72:F9:F4:30:B7:D4:00:33:75:F1:0D:50:25:B9:E5:C0:04:37
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Ww1y-fQwt9QAM3XxDVAlueXABDc.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/539/PbSTvjIe7d0ej71LfZb8ozJwHiI.roa
Signing time:             Tue 10 Jun 2025 10:47:11 +0000
ROA not before:           Tue 10 Jun 2025 10:47:11 +0000
ROA not after:            Sat 23 May 2026 09:51:00 +0000
asID:                     55900
IP address blocks:        27.0.16.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/539/Ww1y-fQwt9QAM3XxDVAlueXABDc.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/539/Ww1y-fQwt9QAM3XxDVAlueXABDc.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Ww1y-fQwt9QAM3XxDVAlueXABDc.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141 (0x8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5B0D72F9F430B7D4003375F10D5025B9E5C00437
        Validity
            Not Before: Jun 10 10:47:11 2025 GMT
            Not After : May 23 09:51:00 2026 GMT
        Subject: CN=3DB493BE321EEDDD1E8FBD4B7D96FCA332701E22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0f:3b:19:55:ad:1a:15:89:24:43:e4:48:d3:
                    1f:91:0d:d6:0a:85:ef:6f:cc:8f:90:66:e8:30:21:
                    65:01:8f:51:65:d8:66:50:37:53:63:18:3c:52:f3:
                    f1:34:69:d5:29:96:8a:79:a0:e9:97:20:60:b9:a9:
                    e4:d2:1d:71:5b:32:cf:95:8f:59:df:2b:6c:c7:d6:
                    df:3e:47:55:a0:74:76:c2:b3:4e:47:bc:cb:b3:89:
                    27:69:8d:80:e6:2e:45:06:10:11:04:25:62:f3:48:
                    49:b3:03:44:ae:1c:d5:e6:45:bf:be:d9:35:06:ca:
                    4a:7a:5b:73:aa:d1:b1:51:52:cd:81:cc:02:52:dd:
                    6d:7c:07:3d:f9:a8:46:b3:aa:a7:0f:d8:00:27:88:
                    da:14:fb:b8:46:37:bb:ed:45:1c:1e:39:7a:90:ca:
                    80:e6:1e:f8:7b:10:09:2b:82:04:04:b7:fa:78:3e:
                    d6:70:59:a5:6c:fd:75:6c:85:32:df:2c:eb:65:8b:
                    fc:54:8c:2d:94:41:4b:be:22:eb:9b:0a:1c:87:b4:
                    e3:37:86:b8:0b:0e:fa:0d:04:2b:81:f0:f6:24:a2:
                    0e:f9:16:04:8b:e3:47:b8:f0:29:35:4b:04:a6:4b:
                    d9:75:45:81:98:dd:cf:ea:b2:96:99:37:ff:5d:36:
                    bd:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:B4:93:BE:32:1E:ED:DD:1E:8F:BD:4B:7D:96:FC:A3:32:70:1E:22
            X509v3 Authority Key Identifier:
                keyid:5B:0D:72:F9:F4:30:B7:D4:00:33:75:F1:0D:50:25:B9:E5:C0:04:37

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/539/Ww1y-fQwt9QAM3XxDVAlueXABDc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Ww1y-fQwt9QAM3XxDVAlueXABDc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/539/PbSTvjIe7d0ej71LfZb8ozJwHiI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         23:c2:30:ea:10:10:ba:de:08:21:76:2e:73:4f:32:f2:25:d7:
         83:ba:b3:ea:09:63:24:95:9a:30:d4:8f:16:66:6d:cd:b0:4d:
         22:99:92:a5:b7:14:27:42:91:60:88:e1:bd:20:5c:fb:1e:4e:
         66:75:e9:49:a3:bd:ae:51:de:95:9a:ed:8f:24:aa:50:05:b6:
         8f:8a:fb:4a:77:19:46:8d:e1:d3:cf:b0:59:7a:14:0a:0e:a4:
         82:af:97:11:2e:7e:b2:a0:8a:58:aa:fb:29:78:aa:4b:19:45:
         4f:03:31:c6:b6:0d:85:49:ad:a0:48:a4:12:73:10:43:99:2a:
         34:58:1d:7f:7d:57:1b:3b:21:d3:1b:97:a3:40:3b:96:11:bb:
         52:b4:99:87:fa:60:4f:67:7a:0a:d8:c7:95:0d:f7:02:11:6d:
         03:d4:75:42:c4:ee:cd:f8:2a:40:43:79:cd:10:af:d9:36:ea:
         14:47:0d:a9:c1:92:a9:0c:46:26:d3:67:27:d1:8f:39:81:cc:
         37:12:dc:a3:65:c4:7e:7d:98:53:bd:7f:26:61:5c:c4:3c:5d:
         5f:cf:5c:1b:e4:f7:24:fe:e0:c2:33:db:11:ba:89:04:51:fb:
         2c:c6:9f:f7:24:f2:29:4b:b2:c4:32:1e:9d:e0:57:21:df:dd:
         c8:1b:30:80
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUIw
RDcyRjlGNDMwQjdENDAwMzM3NUYxMEQ1MDI1QjlFNUMwMDQzNzAeFw0yNTA2MTAx
MDQ3MTFaFw0yNjA1MjMwOTUxMDBaMDMxMTAvBgNVBAMTKDNEQjQ5M0JFMzIxRUVE
REQxRThGQkQ0QjdEOTZGQ0EzMzI3MDFFMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRDzsZVa0aFYkkQ+RI0x+RDdYKhe9vzI+QZugwIWUBj1Fl2GZQ
N1NjGDxS8/E0adUplop5oOmXIGC5qeTSHXFbMs+Vj1nfK2zH1t8+R1WgdHbCs05H
vMuziSdpjYDmLkUGEBEEJWLzSEmzA0SuHNXmRb++2TUGykp6W3Oq0bFRUs2BzAJS
3W18Bz35qEazqqcP2AAniNoU+7hGN7vtRRweOXqQyoDmHvh7EAkrggQEt/p4PtZw
WaVs/XVshTLfLOtli/xUjC2UQUu+IuubChyHtOM3hrgLDvoNBCuB8PYkog75FgSL
40e48Ck1SwSmS9l1RYGY3c/qspaZN/9dNr3tAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUPbSTvjIe7d0ej71LfZb8ozJwHiIwHwYDVR0jBBgwFoAUWw1y+fQwt9QAM3Xx
DVAlueXABDcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzUzOS9XdzF5LWZRd3Q5UUFNM1h4RFZBbHVlWEFCRGMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9XdzF5LWZRd3Q5UUFNM1h4RFZBbHVl
WEFCRGMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTM5L1BiU1R2akllN2QwZWo3MUxmWmI4b3pKd0hpSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQbABAwDQYJKoZIhvcNAQELBQADggEBACPCMOoQELreCCF2LnNPMvIl14O6
s+oJYySVmjDUjxZmbc2wTSKZkqW3FCdCkWCI4b0gXPseTmZ16Umjva5R3pWa7Y8k
qlAFto+K+0p3GUaN4dPPsFl6FAoOpIKvlxEufrKgiliq+yl4qksZRU8DMca2DYVJ
raBIpBJzEEOZKjRYHX99Vxs7IdMbl6NAO5YRu1K0mYf6YE9negrYx5UN9wIRbQPU
dULE7s34KkBDec0Qr9k26hRHDanBkqkMRibTZyfRjzmBzDcS3KNlxH59mFO9fyZh
XMQ8XV/PXBvk9yT+4MIz2xG6iQRR+yzGn/ck8ilLssQyHp3gVyHf3cgbMIA=
-----END CERTIFICATE-----
Generated at Sat Jul 5 05:52:12 2025 by rpki-client