Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/10602/UhUJZOP6z5fiIJjWD6T1UIEjTiY.roa
File:                     UhUJZOP6z5fiIJjWD6T1UIEjTiY.roa (raw, json)
Hash identifier:          alsPorJByUJdefLgiwErl6tbK0FZrGD6EhKymNxg2pI=
Subject key identifier:   52:15:09:64:E3:FA:CF:97:E2:20:98:D6:0F:A4:F5:50:81:23:4E:26
Certificate issuer:       /CN=28995D6B0DDC205B35959332D1CB1D9D8CF02283
Certificate serial:       4A
Authority key identifier: 28:99:5D:6B:0D:DC:20:5B:35:95:93:32:D1:CB:1D:9D:8C:F0:22:83
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KJldaw3cIFs1lZMy0csdnYzwIoM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10602/UhUJZOP6z5fiIJjWD6T1UIEjTiY.roa
Signing time:             Fri 31 May 2024 01:31:35 +0000
ROA not before:           Fri 31 May 2024 01:31:35 +0000
ROA not after:            Thu 15 May 2025 01:30:03 +0000
asID:                     24295
IP address blocks:        122.255.76.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10602/KJldaw3cIFs1lZMy0csdnYzwIoM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10602/KJldaw3cIFs1lZMy0csdnYzwIoM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KJldaw3cIFs1lZMy0csdnYzwIoM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:58:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74 (0x4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28995D6B0DDC205B35959332D1CB1D9D8CF02283
        Validity
            Not Before: May 31 01:31:35 2024 GMT
            Not After : May 15 01:30:03 2025 GMT
        Subject: CN=52150964E3FACF97E22098D60FA4F55081234E26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1e:f0:75:06:ad:5e:b1:45:7c:b7:25:1d:06:
                    0f:9f:31:4c:b1:cf:97:67:15:e2:24:62:bd:1c:5f:
                    15:61:02:43:66:01:ac:d1:cf:b7:c2:50:e1:3f:b8:
                    40:65:d3:54:ce:20:86:df:e2:80:2c:3e:83:c8:34:
                    3d:39:6f:7b:f5:9f:16:e1:d1:da:af:b5:da:c9:f9:
                    60:40:6b:5a:be:72:a4:89:76:f8:35:a3:b6:08:5c:
                    1f:01:0b:0f:54:a5:7e:77:2f:03:72:0d:a5:bd:bc:
                    38:aa:81:7d:10:71:7e:99:b6:f1:78:3c:3b:43:3f:
                    4c:73:8c:99:68:e0:68:71:53:b8:ba:94:d5:ce:12:
                    6d:29:6e:bc:08:81:2e:bf:a6:09:28:57:ac:ab:7e:
                    12:e0:18:0b:19:0d:f0:9d:b5:aa:d2:e5:bb:9a:c2:
                    59:12:bb:0e:fc:f5:ca:be:66:df:6d:61:9a:4c:6b:
                    f4:66:5e:c2:4f:df:39:9d:50:58:b7:8a:15:d9:1a:
                    71:08:d4:17:cc:f7:58:16:a8:65:9a:a6:15:de:9b:
                    80:d3:6b:db:b7:bf:c6:50:5d:74:e6:81:47:92:26:
                    f7:95:6d:e3:1d:cf:47:ff:4f:64:94:18:cd:03:87:
                    35:a4:ee:30:eb:fa:e0:61:74:7a:36:c3:7b:49:0e:
                    f6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:15:09:64:E3:FA:CF:97:E2:20:98:D6:0F:A4:F5:50:81:23:4E:26
            X509v3 Authority Key Identifier:
                keyid:28:99:5D:6B:0D:DC:20:5B:35:95:93:32:D1:CB:1D:9D:8C:F0:22:83

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10602/KJldaw3cIFs1lZMy0csdnYzwIoM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KJldaw3cIFs1lZMy0csdnYzwIoM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10602/UhUJZOP6z5fiIJjWD6T1UIEjTiY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:89:f6:65:07:00:c8:c0:7f:50:27:87:bb:fc:1b:2a:76:bf:
         f2:6a:21:3a:48:6f:c1:ce:28:ad:7f:41:ea:e0:27:d7:11:79:
         ac:92:2f:e7:dc:2e:a0:e2:df:1f:5a:3e:22:47:ca:1c:12:cf:
         f7:dd:bd:ed:6c:7c:57:7c:37:0f:d5:92:c7:08:18:30:7c:d2:
         b9:30:d2:2d:e6:67:80:b7:f9:5d:5e:0d:bc:b1:63:02:20:42:
         8f:bf:6c:3e:75:00:f5:7f:73:37:5a:1d:52:cf:3a:cf:83:6d:
         9f:87:7c:ee:07:77:f0:06:ac:f8:61:87:c8:77:2f:42:4d:fe:
         e0:38:88:e5:56:06:bd:4d:75:cf:d2:3a:4b:0e:a0:a5:59:54:
         3f:14:47:57:38:96:08:df:75:b0:a8:a1:09:92:bc:94:f1:7e:
         c4:71:b6:fc:a6:8a:49:82:7a:02:30:ad:e2:b8:99:35:96:3a:
         85:1f:92:dc:ad:80:bd:b8:f2:94:68:da:a1:4c:8a:87:b0:2f:
         00:19:11:06:5f:33:f7:6c:d9:79:1f:71:ef:a9:8c:52:dc:4b:
         03:ef:75:16:65:0a:ff:26:66:d1:14:74:1a:47:97:61:41:83:
         30:a4:e3:c2:31:eb:36:53:e0:0a:30:74:4c:7d:de:d5:c0:f0:
         0a:e6:94:56
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyODk5
NUQ2QjBEREMyMDVCMzU5NTkzMzJEMUNCMUQ5RDhDRjAyMjgzMB4XDTI0MDUzMTAx
MzEzNVoXDTI1MDUxNTAxMzAwM1owMzExMC8GA1UEAxMoNTIxNTA5NjRFM0ZBQ0Y5
N0UyMjA5OEQ2MEZBNEY1NTA4MTIzNEUyNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALUe8HUGrV6xRXy3JR0GD58xTLHPl2cV4iRivRxfFWECQ2YBrNHP
t8JQ4T+4QGXTVM4ght/igCw+g8g0PTlve/WfFuHR2q+12sn5YEBrWr5ypIl2+DWj
tghcHwELD1SlfncvA3INpb28OKqBfRBxfpm28Xg8O0M/THOMmWjgaHFTuLqU1c4S
bSluvAiBLr+mCShXrKt+EuAYCxkN8J21qtLlu5rCWRK7Dvz1yr5m321hmkxr9GZe
wk/fOZ1QWLeKFdkacQjUF8z3WBaoZZqmFd6bgNNr27e/xlBddOaBR5Im95Vt4x3P
R/9PZJQYzQOHNaTuMOv64GF0ejbDe0kO9hsCAwEAAaOCAigwggIkMB0GA1UdDgQW
BBRSFQlk4/rPl+IgmNYPpPVQgSNOJjAfBgNVHSMEGDAWgBQomV1rDdwgWzWVkzLR
yx2djPAigzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTA2MDIvS0psZGF3M2NJRnMxbFpNeTBjc2RuWXp3SW9NLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvS0psZGF3M2NJRnMxbFpNeTBjc2Ru
WXp3SW9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzEwNjAyL1VoVUpaT1A2ejVmaUlKaldENlQxVUlFalRpWS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAJ6/0wwDQYJKoZIhvcNAQELBQADggEBAE+J9mUHAMjAf1Anh7v8Gyp2
v/JqITpIb8HOKK1/QergJ9cReaySL+fcLqDi3x9aPiJHyhwSz/fdve1sfFd8Nw/V
kscIGDB80rkw0i3mZ4C3+V1eDbyxYwIgQo+/bD51APV/czdaHVLPOs+DbZ+HfO4H
d/AGrPhhh8h3L0JN/uA4iOVWBr1Ndc/SOksOoKVZVD8UR1c4lgjfdbCooQmSvJTx
fsRxtvymikmCegIwreK4mTWWOoUfktytgL248pRo2qFMioewLwAZEQZfM/ds2Xkf
ce+pjFLcSwPvdRZlCv8mZtEUdBpHl2FBgzCk48Ix6zZT4AowdEx93tXA8ArmlFY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:21:08 2024 by rpki-client on console-ams.rpki-client.org