Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/597/HQxQ1EEnYO8o9qhVFt7_ULtZdr8.roa
File:                     HQxQ1EEnYO8o9qhVFt7_ULtZdr8.roa (raw, json)
Hash identifier:          5yYmt8PbDfYqkyqN0xTOrFkZ5eynoJYuSpcoETmd+z4=
Subject key identifier:   1D:0C:50:D4:41:27:60:EF:28:F6:A8:55:16:DE:FF:50:BB:59:76:BF
Certificate issuer:       /CN=71F76FA07735F685991FC882C885E21EFBB161BC
Certificate serial:       75
Authority key identifier: 71:F7:6F:A0:77:35:F6:85:99:1F:C8:82:C8:85:E2:1E:FB:B1:61:BC
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cfdvoHc19oWZH8iCyIXiHvuxYbw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/HQxQ1EEnYO8o9qhVFt7_ULtZdr8.roa
Signing time:             Fri 01 Aug 2025 01:31:54 +0000
ROA not before:           Fri 01 Aug 2025 01:31:54 +0000
ROA not after:            Thu 30 Jul 2026 06:29:08 +0000
asID:                     2915
IP address blocks:        218.231.128.0/20 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/cfdvoHc19oWZH8iCyIXiHvuxYbw.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/cfdvoHc19oWZH8iCyIXiHvuxYbw.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cfdvoHc19oWZH8iCyIXiHvuxYbw.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117 (0x75)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71F76FA07735F685991FC882C885E21EFBB161BC
        Validity
            Not Before: Aug  1 01:31:54 2025 GMT
            Not After : Jul 30 06:29:08 2026 GMT
        Subject: CN=1D0C50D4412760EF28F6A85516DEFF50BB5976BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:44:d0:88:49:63:9a:73:09:cc:ed:57:f6:bd:
                    39:3a:de:65:b1:50:c1:85:11:c5:b5:01:4d:94:22:
                    6d:4e:00:21:f7:7b:2a:d9:f4:d5:44:f2:fe:db:ac:
                    a5:f0:35:ce:9a:08:ae:17:73:0e:dd:80:a5:32:b9:
                    ea:8d:0f:80:cf:24:ba:c8:d6:dc:af:f2:fa:5f:62:
                    5e:43:47:3b:57:93:bd:81:a9:32:5d:a1:c2:9b:85:
                    07:09:d1:1b:b5:35:61:57:24:ad:66:35:a2:66:85:
                    8b:bd:e2:0c:4f:b0:e0:50:4b:ad:3e:6e:fd:d4:26:
                    d0:d3:de:6e:80:89:12:3a:5b:34:d3:9f:4f:a6:57:
                    6e:b7:31:1f:62:e8:ae:2a:ea:4e:d3:75:f1:e3:c1:
                    bd:01:20:12:b8:8b:49:b9:3a:67:70:69:25:de:a9:
                    e1:df:8a:bb:cb:96:37:61:cd:52:7d:3d:4c:32:c0:
                    70:22:a2:c7:ac:e3:03:0c:0e:10:8e:83:33:63:a4:
                    8a:25:16:6c:97:9d:91:e3:93:ae:be:12:dc:3c:85:
                    f7:20:78:72:63:fe:ff:d6:e6:88:f1:71:2e:47:64:
                    7f:ba:34:1f:84:09:a6:fa:9a:0b:81:d3:13:d0:84:
                    33:26:ab:80:4c:06:a6:90:15:9d:ee:24:c2:1d:a0:
                    d4:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:0C:50:D4:41:27:60:EF:28:F6:A8:55:16:DE:FF:50:BB:59:76:BF
            X509v3 Authority Key Identifier:
                keyid:71:F7:6F:A0:77:35:F6:85:99:1F:C8:82:C8:85:E2:1E:FB:B1:61:BC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/cfdvoHc19oWZH8iCyIXiHvuxYbw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cfdvoHc19oWZH8iCyIXiHvuxYbw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/HQxQ1EEnYO8o9qhVFt7_ULtZdr8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.231.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         11:92:a8:24:88:a1:34:e7:44:30:a2:c8:a3:93:b3:84:e7:6f:
         ea:a5:83:26:56:3b:d5:34:0e:d0:f0:e9:a3:32:87:1e:0f:a8:
         67:15:69:bf:aa:0f:28:ee:aa:f5:22:6b:88:5d:27:99:49:69:
         1e:08:3d:f6:39:03:d5:fe:23:ca:3f:5f:a9:2c:da:0c:23:46:
         ac:af:6e:62:45:db:8b:84:f9:a0:56:8b:82:6d:21:9b:24:5a:
         63:fd:e6:cc:9c:d0:b5:64:97:71:38:7a:06:fb:e1:e9:e3:b5:
         99:02:39:e5:5b:d8:17:6a:42:7f:5f:be:f6:f0:be:91:bb:18:
         73:bc:f6:71:ab:65:43:8c:b2:f0:cb:dd:8d:f6:b7:d8:05:10:
         1d:5f:a4:28:ce:2c:14:5b:08:cb:57:36:e3:5a:dd:82:8b:91:
         55:0f:ca:40:0f:3c:b6:ff:f5:32:d1:75:57:c6:03:2e:7f:5f:
         24:43:ac:ab:94:bb:00:9b:d9:b6:d5:b6:96:02:aa:09:6b:23:
         da:37:e8:d3:c2:03:f3:3c:47:a7:2b:ac:91:3e:98:71:92:66:
         1b:97:1c:1b:7b:94:af:3d:25:7a:4e:67:5d:a0:b4:af:5b:90:
         59:67:45:8d:ab:7b:1c:65:a5:de:29:46:55:62:9a:43:65:51:
         80:b7:cd:1a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MUY3
NkZBMDc3MzVGNjg1OTkxRkM4ODJDODg1RTIxRUZCQjE2MUJDMB4XDTI1MDgwMTAx
MzE1NFoXDTI2MDczMDA2MjkwOFowMzExMC8GA1UEAxMoMUQwQzUwRDQ0MTI3NjBF
RjI4RjZBODU1MTZERUZGNTBCQjU5NzZCRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALlE0IhJY5pzCcztV/a9OTreZbFQwYURxbUBTZQibU4AIfd7Ktn0
1UTy/tuspfA1zpoIrhdzDt2ApTK56o0PgM8kusjW3K/y+l9iXkNHO1eTvYGpMl2h
wpuFBwnRG7U1YVckrWY1omaFi73iDE+w4FBLrT5u/dQm0NPeboCJEjpbNNOfT6ZX
brcxH2LorirqTtN18ePBvQEgEriLSbk6Z3BpJd6p4d+Ku8uWN2HNUn09TDLAcCKi
x6zjAwwOEI6DM2OkiiUWbJedkeOTrr4S3DyF9yB4cmP+/9bmiPFxLkdkf7o0H4QJ
pvqaC4HTE9CEMyargEwGppAVne4kwh2g1DMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQdDFDUQSdg7yj2qFUW3v9Qu1l2vzAfBgNVHSMEGDAWgBRx92+gdzX2hZkfyILI
heIe+7FhvDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNTk3L2NmZHZvSGMxOW9XWkg4aUN5SVhpSHZ1eFlidy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2NmZHZvSGMxOW9XWkg4aUN5SVhpSHZ1
eFlidy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC81OTcvSFF4UTFFRW5ZTzhvOXFoVkZ0N19VTHRaZHI4LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNrngDANBgkqhkiG9w0BAQsFAAOCAQEAEZKoJIihNOdEMKLIo5OzhOdv6qWD
JlY71TQO0PDpozKHHg+oZxVpv6oPKO6q9SJriF0nmUlpHgg99jkD1f4jyj9fqSza
DCNGrK9uYkXbi4T5oFaLgm0hmyRaY/3mzJzQtWSXcTh6Bvvh6eO1mQI55VvYF2pC
f1++9vC+kbsYc7z2catlQ4yy8Mvdjfa32AUQHV+kKM4sFFsIy1c241rdgouRVQ/K
QA88tv/1MtF1V8YDLn9fJEOsq5S7AJvZttW2lgKqCWsj2jfo08ID8zxHpyuskT6Y
cZJmG5ccG3uUrz0lek5nXaC0r1uQWWdFjat7HGWl3ilGVWKaQ2VRgLfNGg==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:58:28 2025 by rpki-client