Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1091/VxW2dGsDSxTbLIKgHIDXUOAkLi0.roa
File:                     VxW2dGsDSxTbLIKgHIDXUOAkLi0.roa (raw, json)
Hash identifier:          DDH6gVdQir1fVPcY9xW0QyELWDpCuu4V2xXCEejuBss=
Subject key identifier:   57:15:B6:74:6B:03:4B:14:DB:2C:82:A0:1C:80:D7:50:E0:24:2E:2D
Certificate issuer:       /CN=8C86E32ECE9A3C850FEBEA69641F3544273D5371
Certificate serial:       04
Authority key identifier: 8C:86:E3:2E:CE:9A:3C:85:0F:EB:EA:69:64:1F:35:44:27:3D:53:71
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/jIbjLs6aPIUP6-ppZB81RCc9U3E.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1091/VxW2dGsDSxTbLIKgHIDXUOAkLi0.roa
Signing time:             Tue 22 Oct 2024 09:05:46 +0000
ROA not before:           Tue 22 Oct 2024 09:05:46 +0000
ROA not after:            Wed 15 Oct 2025 01:30:02 +0000
asID:                     9593
IP address blocks:        138.101.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1091/jIbjLs6aPIUP6-ppZB81RCc9U3E.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1091/jIbjLs6aPIUP6-ppZB81RCc9U3E.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/jIbjLs6aPIUP6-ppZB81RCc9U3E.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:50:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8C86E32ECE9A3C850FEBEA69641F3544273D5371
        Validity
            Not Before: Oct 22 09:05:46 2024 GMT
            Not After : Oct 15 01:30:02 2025 GMT
        Subject: CN=5715B6746B034B14DB2C82A01C80D750E0242E2D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:13:70:f7:7a:58:d2:94:64:c2:33:b3:8e:f0:
                    b6:22:d9:e6:69:ce:c2:0c:c4:fb:f2:61:a9:74:7f:
                    e1:ba:ea:10:d7:5e:b9:7f:39:ff:d3:45:da:c6:42:
                    73:86:9a:5f:a2:6f:05:31:5e:46:09:0c:ef:d9:b1:
                    f2:63:e4:88:51:2b:3e:40:6c:fb:24:d7:72:82:10:
                    80:36:58:6e:3f:16:06:12:23:be:fc:0f:c6:cc:c6:
                    a5:e6:3a:df:1b:11:6b:bf:f9:bb:2b:05:54:09:57:
                    c1:07:b2:7b:c7:67:e5:13:69:6b:68:d2:ba:ad:87:
                    85:e0:a9:06:97:ec:a8:5d:25:b1:d2:e2:77:6a:88:
                    d1:33:a3:a7:d5:8d:2c:a9:fc:9b:b6:1a:66:c8:27:
                    fe:d8:44:2c:c9:02:ff:a0:b8:2b:f3:ec:c7:90:49:
                    97:ee:3a:fe:1a:7e:29:5c:a7:95:6c:a2:fd:c1:09:
                    5c:96:4d:74:af:91:8b:e2:7a:c5:d8:f4:c8:69:f6:
                    3b:c3:aa:d1:75:d5:89:6c:5d:c2:d0:b5:73:d5:5d:
                    a5:23:0d:7d:6e:55:e8:b7:c6:87:ba:f5:d6:64:36:
                    13:d8:3d:5f:d1:20:86:bf:80:19:4f:bd:14:fc:87:
                    9d:0f:85:2c:11:68:20:b0:57:37:ac:63:d9:aa:11:
                    ee:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:15:B6:74:6B:03:4B:14:DB:2C:82:A0:1C:80:D7:50:E0:24:2E:2D
            X509v3 Authority Key Identifier:
                keyid:8C:86:E3:2E:CE:9A:3C:85:0F:EB:EA:69:64:1F:35:44:27:3D:53:71

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1091/jIbjLs6aPIUP6-ppZB81RCc9U3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/jIbjLs6aPIUP6-ppZB81RCc9U3E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1091/VxW2dGsDSxTbLIKgHIDXUOAkLi0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.101.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         79:a4:bf:be:82:6a:53:38:03:2b:2c:d7:44:a8:7d:ce:46:7b:
         63:b3:9d:98:6c:60:9c:a9:80:7b:5d:ea:d3:57:5a:06:5e:d2:
         e7:2a:08:e5:af:6b:2d:1e:10:27:53:fd:96:0f:ec:45:61:ac:
         16:39:04:52:f6:e3:d1:d9:8e:40:3e:c1:16:30:dc:25:5e:6c:
         04:fd:3b:73:78:be:a2:da:cf:92:a4:45:f7:6c:fd:02:8e:59:
         e3:1e:ae:21:af:5b:3d:10:27:02:d0:5b:1e:e8:a4:be:d8:06:
         ef:a5:8b:a7:dd:f0:ba:dd:41:ac:f1:f5:a4:40:2b:b6:ef:c6:
         f3:58:00:4a:f6:81:ac:ca:0a:01:fe:c0:2e:67:8e:25:e0:9d:
         1f:ce:17:b6:ef:be:1c:2a:17:2d:be:6c:2b:6b:4a:f5:73:f8:
         16:07:12:64:9d:a3:45:64:5e:ab:24:67:1a:d2:3d:4e:1c:60:
         36:40:22:ed:21:f8:51:17:f2:b8:6a:ab:0a:3b:a0:47:7e:b1:
         dc:ba:7b:35:8c:d0:7c:8c:96:18:15:e0:5e:b0:d4:ae:84:69:
         a0:bb:b7:eb:e8:6a:b6:3b:83:30:88:9a:b7:e1:6c:f7:19:a6:
         5c:01:f3:37:bd:b5:2f:d5:56:cf:b6:1c:69:aa:4f:bf:b9:0e:
         f2:a4:3a:56
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4Qzg2
RTMyRUNFOUEzQzg1MEZFQkVBNjk2NDFGMzU0NDI3M0Q1MzcxMB4XDTI0MTAyMjA5
MDU0NloXDTI1MTAxNTAxMzAwMlowMzExMC8GA1UEAxMoNTcxNUI2NzQ2QjAzNEIx
NERCMkM4MkEwMUM4MEQ3NTBFMDI0MkUyRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMITcPd6WNKUZMIzs47wtiLZ5mnOwgzE+/JhqXR/4brqENdeuX85
/9NF2sZCc4aaX6JvBTFeRgkM79mx8mPkiFErPkBs+yTXcoIQgDZYbj8WBhIjvvwP
xszGpeY63xsRa7/5uysFVAlXwQeye8dn5RNpa2jSuq2HheCpBpfsqF0lsdLid2qI
0TOjp9WNLKn8m7YaZsgn/thELMkC/6C4K/Psx5BJl+46/hp+KVynlWyi/cEJXJZN
dK+Ri+J6xdj0yGn2O8Oq0XXViWxdwtC1c9VdpSMNfW5V6LfGh7r11mQ2E9g9X9Eg
hr+AGU+9FPyHnQ+FLBFoILBXN6xj2aoR7qsCAwEAAaOCAiUwggIhMB0GA1UdDgQW
BBRXFbZ0awNLFNssgqAcgNdQ4CQuLTAfBgNVHSMEGDAWgBSMhuMuzpo8hQ/r6mlk
HzVEJz1TcTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTA5MS9qSWJqTHM2YVBJVVA2LXBwWkI4MVJDYzlVM0UuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9qSWJqTHM2YVBJVVA2LXBwWkI4MVJD
YzlVM0UuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTA5MS9WeFcyZEdzRFN4VGJMSUtnSElEWFVPQWtMaTAucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIA
ATAFAwMAimUwDQYJKoZIhvcNAQELBQADggEBAHmkv76CalM4Ayss10Sofc5Ge2Oz
nZhsYJypgHtd6tNXWgZe0ucqCOWvay0eECdT/ZYP7EVhrBY5BFL249HZjkA+wRYw
3CVebAT9O3N4vqLaz5KkRfds/QKOWeMeriGvWz0QJwLQWx7opL7YBu+li6fd8Lrd
Qazx9aRAK7bvxvNYAEr2gazKCgH+wC5njiXgnR/OF7bvvhwqFy2+bCtrSvVz+BYH
EmSdo0VkXqskZxrSPU4cYDZAIu0h+FEX8rhqqwo7oEd+sdy6ezWM0HyMlhgV4F6w
1K6EaaC7t+voarY7gzCImrfhbPcZplwB8ze9tS/VVs+2HGmqT7+5DvKkOlY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:25 2024 by rpki-client on console-ams.rpki-client.org