Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/6/2fwnyyS-xtRHbqVNE-ArwmF1NBs.roa
File:                     2fwnyyS-xtRHbqVNE-ArwmF1NBs.roa (raw, json)
Hash identifier:          Ee3vXKlbzTPAf/9DRXIr1RKt99f502N3O/IbFhiPjlA=
Subject key identifier:   D9:FC:27:CB:24:BE:C6:D4:47:6E:A5:4D:13:E0:2B:C2:61:75:34:1B
Certificate issuer:       /CN=2983CFD5F8CAFA0068D2EBA25ED0F701244B12F9
Certificate serial:       01EE
Authority key identifier: 29:83:CF:D5:F8:CA:FA:00:68:D2:EB:A2:5E:D0:F7:01:24:4B:12:F9
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KYPP1fjK-gBo0uuiXtD3ASRLEvk.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/2fwnyyS-xtRHbqVNE-ArwmF1NBs.roa
Signing time:             Fri 01 Aug 2025 01:33:47 +0000
ROA not before:           Fri 01 Aug 2025 01:33:47 +0000
ROA not after:            Thu 30 Jul 2026 06:29:08 +0000
asID:                     2497
IP address blocks:        133.238.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KYPP1fjK-gBo0uuiXtD3ASRLEvk.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KYPP1fjK-gBo0uuiXtD3ASRLEvk.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KYPP1fjK-gBo0uuiXtD3ASRLEvk.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 494 (0x1ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2983CFD5F8CAFA0068D2EBA25ED0F701244B12F9
        Validity
            Not Before: Aug  1 01:33:47 2025 GMT
            Not After : Jul 30 06:29:08 2026 GMT
        Subject: CN=D9FC27CB24BEC6D4476EA54D13E02BC26175341B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e5:14:f1:c5:0e:45:6e:8d:a7:df:d6:0a:8f:
                    62:99:d4:93:68:eb:81:65:bd:cd:af:c0:62:3d:bd:
                    fd:5a:d6:fa:6e:75:4f:af:55:b0:5e:43:61:5b:19:
                    d7:08:1c:8b:41:62:32:68:34:59:be:9d:1d:d3:0c:
                    14:35:3e:9a:52:a7:b6:ed:90:f3:27:6d:23:09:63:
                    d7:c0:26:b0:4c:98:96:3c:7a:3a:55:e8:0d:a1:d0:
                    cf:c9:f3:36:1e:c5:b6:a8:a4:f3:8b:12:d5:ad:91:
                    40:aa:ca:0f:5e:2e:86:62:63:94:21:f0:be:a5:b2:
                    a4:70:37:ef:8d:44:e6:2e:a0:08:b1:31:ec:cd:e9:
                    83:71:0e:76:5b:84:d5:dc:0f:20:cd:44:ae:07:cc:
                    b1:39:b2:c3:56:6b:d6:a3:72:74:a9:4d:87:09:20:
                    4a:a6:db:0d:17:5c:ec:a7:29:b7:5e:c9:bd:e3:c3:
                    21:a2:a7:5f:21:72:ce:6e:0f:b8:94:11:58:f6:44:
                    3a:51:1f:d1:65:f4:2e:2c:e7:63:56:10:d5:23:61:
                    82:fc:b6:66:41:56:55:08:a8:a5:64:aa:ab:b0:fc:
                    9f:48:e2:a1:c1:77:79:6e:76:4f:b8:d1:95:71:01:
                    06:ff:40:e9:ce:35:06:32:49:6e:e8:5a:78:80:69:
                    21:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:FC:27:CB:24:BE:C6:D4:47:6E:A5:4D:13:E0:2B:C2:61:75:34:1B
            X509v3 Authority Key Identifier:
                keyid:29:83:CF:D5:F8:CA:FA:00:68:D2:EB:A2:5E:D0:F7:01:24:4B:12:F9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KYPP1fjK-gBo0uuiXtD3ASRLEvk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KYPP1fjK-gBo0uuiXtD3ASRLEvk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/2fwnyyS-xtRHbqVNE-ArwmF1NBs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  133.238.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         24:94:57:24:9b:f4:a0:1f:01:e6:7c:19:7b:00:12:cd:cc:68:
         d9:73:ed:4d:a9:b2:98:f0:5d:90:7e:a5:2f:c8:20:c4:d0:e4:
         6b:51:53:64:f3:b4:34:9e:73:57:6b:d7:fc:bb:67:4f:7f:b3:
         0b:91:d2:44:4c:30:ee:05:6c:0e:58:32:0f:36:3b:60:b3:5f:
         4a:99:a1:e8:5b:45:db:0e:05:1d:86:ab:63:62:e5:a7:39:e5:
         bf:d0:73:9d:a0:1c:c4:85:c7:52:b5:39:dd:50:4c:e3:56:b7:
         c6:41:dd:8b:a6:f9:5a:73:01:45:c6:f9:d7:a0:bb:98:25:8c:
         a8:b8:95:c7:08:c5:6f:1f:cd:73:bf:e0:7e:51:8d:18:a1:12:
         b6:8d:23:f7:dc:0b:7d:8b:d0:58:12:ae:98:36:67:8e:2a:2b:
         9b:af:59:e9:36:29:cc:d2:eb:68:d1:4f:e8:be:0f:88:3c:34:
         e7:a6:90:d4:68:94:d6:d5:d8:60:6e:f0:88:0a:0f:fe:5a:64:
         55:ed:6d:3c:1a:9e:92:69:c5:a3:5f:a4:45:19:a3:87:c9:bf:
         2f:fa:b5:52:6c:a8:d0:23:8f:70:0a:f7:bd:d6:d4:b6:4f:76:
         50:7e:1c:93:c3:27:a2:24:8a:91:41:b3:f3:f7:6c:a7:5d:93:
         b1:9c:8b:20
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4
M0NGRDVGOENBRkEwMDY4RDJFQkEyNUVEMEY3MDEyNDRCMTJGOTAeFw0yNTA4MDEw
MTMzNDdaFw0yNjA3MzAwNjI5MDhaMDMxMTAvBgNVBAMTKEQ5RkMyN0NCMjRCRUM2
RDQ0NzZFQTU0RDEzRTAyQkMyNjE3NTM0MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC85RTxxQ5Fbo2n39YKj2KZ1JNo64Flvc2vwGI9vf1a1vpudU+v
VbBeQ2FbGdcIHItBYjJoNFm+nR3TDBQ1PppSp7btkPMnbSMJY9fAJrBMmJY8ejpV
6A2h0M/J8zYexbaopPOLEtWtkUCqyg9eLoZiY5Qh8L6lsqRwN++NROYuoAixMezN
6YNxDnZbhNXcDyDNRK4HzLE5ssNWa9ajcnSpTYcJIEqm2w0XXOynKbdeyb3jwyGi
p18hcs5uD7iUEVj2RDpRH9Fl9C4s52NWENUjYYL8tmZBVlUIqKVkqquw/J9I4qHB
d3ludk+40ZVxAQb/QOnONQYySW7oWniAaSHXAgMBAAGjggIgMIICHDAdBgNVHQ4E
FgQU2fwnyyS+xtRHbqVNE+ArwmF1NBswHwYDVR0jBBgwFoAUKYPP1fjK+gBo0uui
XtD3ASRLEvkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBkBgNVHR8EXTBbMFmg
V6BVhlNyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzYvS1lQUDFmakstZ0JvMHV1aVh0RDNBU1JMRXZrLmNybDBtBggrBgEF
BQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5p
Yy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvS1lQUDFmakstZ0JvMHV1aVh0RDNBU1JM
RXZrLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgbkGCCsGAQUFBwELBIGsMIGpMF8GCCsG
AQUFBzALhlNyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzYvMmZ3bnl5Uy14dFJIYnFWTkUtQXJ3bUYxTkJzLnJvYTBGBggr
BgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3JyZHAv
YXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BYXuIDANBgkqhkiG9w0BAQsFAAOCAQEAJJRXJJv0oB8B5nwZewASzcxo2XPtTamy
mPBdkH6lL8ggxNDka1FTZPO0NJ5zV2vX/LtnT3+zC5HSREww7gVsDlgyDzY7YLNf
Spmh6FtF2w4FHYarY2Llpznlv9BznaAcxIXHUrU53VBM41a3xkHdi6b5WnMBRcb5
16C7mCWMqLiVxwjFbx/Nc7/gflGNGKESto0j99wLfYvQWBKumDZnjiorm69Z6TYp
zNLraNFP6L4PiDw056aQ1GiU1tXYYG7wiAoP/lpkVe1tPBqekmnFo1+kRRmjh8m/
L/q1Umyo0COPcAr3vdbUtk92UH4ck8MnoiSKkUGz8/dsp12TsZyLIA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 02:19:53 2025 by rpki-client