Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/802/VrVa1ozT-6ftOXwXbBcMjY3rTR0.roa
File:                     VrVa1ozT-6ftOXwXbBcMjY3rTR0.roa (raw, json)
Hash identifier:          LZxFIY9z3Wr1bi89t9+EB7iyfHZdkwx+geiC7w77aPo=
Subject key identifier:   56:B5:5A:D6:8C:D3:FB:A7:ED:39:7C:17:6C:17:0C:8D:8D:EB:4D:1D
Certificate issuer:       /CN=2362B2E3E478DCBAD6F42A4511290CFC373C24C6
Certificate serial:       2E
Authority key identifier: 23:62:B2:E3:E4:78:DC:BA:D6:F4:2A:45:11:29:0C:FC:37:3C:24:C6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/I2Ky4-R43LrW9CpFESkM_Dc8JMY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/802/VrVa1ozT-6ftOXwXbBcMjY3rTR0.roa
Signing time:             Tue 01 Jul 2025 01:31:37 +0000
ROA not before:           Tue 01 Jul 2025 01:31:37 +0000
ROA not after:            Mon 15 Jun 2026 01:30:02 +0000
asID:                     23791
IP address blocks:        118.102.40.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/802/I2Ky4-R43LrW9CpFESkM_Dc8JMY.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/802/I2Ky4-R43LrW9CpFESkM_Dc8JMY.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/I2Ky4-R43LrW9CpFESkM_Dc8JMY.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46 (0x2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2362B2E3E478DCBAD6F42A4511290CFC373C24C6
        Validity
            Not Before: Jul  1 01:31:37 2025 GMT
            Not After : Jun 15 01:30:02 2026 GMT
        Subject: CN=56B55AD68CD3FBA7ED397C176C170C8D8DEB4D1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5a:f1:6d:9e:82:8f:ac:b2:cb:ee:95:f1:0c:
                    1c:ac:17:b1:23:7e:fc:55:af:43:05:ff:84:11:e1:
                    f8:78:d3:66:27:eb:42:29:c9:d7:0c:28:b2:34:40:
                    78:75:db:ae:1e:0a:cc:b7:80:06:93:4f:a6:1f:ec:
                    60:fd:54:9d:5e:55:15:de:85:d2:46:8c:11:18:93:
                    19:09:6a:31:05:62:d2:04:9b:2a:fc:8e:e4:bf:f9:
                    94:05:f2:06:2d:94:a5:1e:da:cf:56:e8:8b:3b:dc:
                    46:ff:13:78:3d:19:57:90:80:2a:49:4e:4b:c3:d9:
                    f2:12:77:61:25:df:42:f6:01:03:f4:64:55:55:94:
                    e9:e0:d8:f7:fc:32:ad:fe:8b:8c:cb:9f:e0:fb:1e:
                    5b:4c:5f:e1:c5:0a:95:75:e0:23:3c:bf:e2:fd:b4:
                    79:82:80:86:bb:9e:64:b4:2f:db:8d:a1:d8:b3:83:
                    d1:02:6a:9e:29:37:97:a1:39:03:b5:60:22:19:40:
                    c6:c4:cb:94:bc:b9:4c:10:92:e5:91:15:29:18:8a:
                    0e:5e:95:9d:66:66:65:17:ff:98:04:3d:43:df:7c:
                    7c:54:c8:2d:12:b7:5d:57:a0:58:04:aa:dd:43:25:
                    a3:3a:e0:e2:02:ca:f8:b1:0e:cb:7d:5e:cd:1c:4a:
                    95:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:B5:5A:D6:8C:D3:FB:A7:ED:39:7C:17:6C:17:0C:8D:8D:EB:4D:1D
            X509v3 Authority Key Identifier:
                keyid:23:62:B2:E3:E4:78:DC:BA:D6:F4:2A:45:11:29:0C:FC:37:3C:24:C6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/802/I2Ky4-R43LrW9CpFESkM_Dc8JMY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/I2Ky4-R43LrW9CpFESkM_Dc8JMY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/802/VrVa1ozT-6ftOXwXbBcMjY3rTR0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.102.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d0:20:78:b6:7a:64:1f:b3:2d:80:a5:bd:f9:5f:c7:18:80:dd:
         f2:0c:a5:82:b9:34:47:27:25:a1:ae:6a:96:25:c7:8a:a3:7c:
         3e:f2:ba:a4:a6:b4:17:22:5a:99:c8:96:39:9f:67:f2:93:99:
         72:b6:0e:16:bb:66:3f:05:aa:69:fc:1e:cd:75:b5:c8:a0:46:
         a9:df:3d:d3:1d:5d:d0:4f:8b:21:a3:a1:2e:b4:d8:45:88:f3:
         68:83:a3:98:e3:1a:c7:ee:b3:95:f5:c4:9e:ec:6f:d3:b6:f2:
         50:5d:e1:ec:e9:9a:6a:e4:5e:e9:5e:76:bc:02:f4:f5:37:94:
         38:a0:62:38:33:6d:d9:4a:78:3c:a3:ce:fe:bf:ff:26:3c:6a:
         a8:68:25:a3:7f:37:a7:e7:39:95:e6:88:04:7f:d5:33:da:f0:
         b0:d3:17:20:67:9e:ec:c4:05:b9:b3:d2:a7:d0:4f:70:32:34:
         b3:f8:6d:95:79:23:21:74:62:8f:03:f1:e0:09:14:30:d7:1c:
         61:2d:5e:e4:42:85:91:91:e7:51:7f:d0:87:52:c4:5b:3f:28:
         f8:d3:72:f1:37:0e:f8:2c:64:c6:4e:44:9d:4f:f6:6f:d5:6c:
         9d:f6:78:c0:ee:12:fe:4d:ca:51:bc:f2:65:4b:07:36:34:83:
         f5:66:53:23
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyMzYy
QjJFM0U0NzhEQ0JBRDZGNDJBNDUxMTI5MENGQzM3M0MyNEM2MB4XDTI1MDcwMTAx
MzEzN1oXDTI2MDYxNTAxMzAwMlowMzExMC8GA1UEAxMoNTZCNTVBRDY4Q0QzRkJB
N0VEMzk3QzE3NkMxNzBDOEQ4REVCNEQxRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALta8W2ego+sssvulfEMHKwXsSN+/FWvQwX/hBHh+HjTZifrQinJ
1wwosjRAeHXbrh4KzLeABpNPph/sYP1UnV5VFd6F0kaMERiTGQlqMQVi0gSbKvyO
5L/5lAXyBi2UpR7az1boizvcRv8TeD0ZV5CAKklOS8PZ8hJ3YSXfQvYBA/RkVVWU
6eDY9/wyrf6LjMuf4PseW0xf4cUKlXXgIzy/4v20eYKAhrueZLQv242h2LOD0QJq
nik3l6E5A7VgIhlAxsTLlLy5TBCS5ZEVKRiKDl6VnWZmZRf/mAQ9Q998fFTILRK3
XVegWASq3UMlozrg4gLK+LEOy31ezRxKlYkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRWtVrWjNP7p+05fBdsFwyNjetNHTAfBgNVHSMEGDAWgBQjYrLj5Hjcutb0KkUR
KQz8NzwkxjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODAyL0kyS3k0LVI0M0xyVzlDcEZFU2tNX0RjOEpNWS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0kyS3k0LVI0M0xyVzlDcEZFU2tNX0Rj
OEpNWS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84MDIvVnJWYTFvelQtNmZ0T1h3WGJCY01qWTNyVFIwLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3ZmKDANBgkqhkiG9w0BAQsFAAOCAQEA0CB4tnpkH7MtgKW9+V/HGIDd8gyl
grk0Rycloa5qliXHiqN8PvK6pKa0FyJamciWOZ9n8pOZcrYOFrtmPwWqafwezXW1
yKBGqd890x1d0E+LIaOhLrTYRYjzaIOjmOMax+6zlfXEnuxv07byUF3h7OmaauRe
6V52vAL09TeUOKBiODNt2Up4PKPO/r//JjxqqGglo383p+c5leaIBH/VM9rwsNMX
IGee7MQFubPSp9BPcDI0s/htlXkjIXRijwPx4AkUMNccYS1e5EKFkZHnUX/Qh1LE
Wz8o+NNy8TcO+Cxkxk5EnU/2b9VsnfZ4wO4S/k3KUbzyZUsHNjSD9WZTIw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:25:50 2025 by rpki-client