Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/11247/xMRCcPKN6tGmeKoZcy4S0WP7kRw.roa
File:                     xMRCcPKN6tGmeKoZcy4S0WP7kRw.roa (raw, json)
Hash identifier:          bbFBNnMZxuwWVHRQ4z9I4ZVC8IAxq/vEy4fOWYpnksU=
Subject key identifier:   C4:C4:42:70:F2:8D:EA:D1:A6:78:AA:19:73:2E:12:D1:63:FB:91:1C
Certificate issuer:       /CN=FBC46294A5D56437E19A11AEF9FB9B877690143E
Certificate serial:       53
Authority key identifier: FB:C4:62:94:A5:D5:64:37:E1:9A:11:AE:F9:FB:9B:87:76:90:14:3E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-8RilKXVZDfhmhGu-fubh3aQFD4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/xMRCcPKN6tGmeKoZcy4S0WP7kRw.roa
Signing time:             Tue 30 Apr 2024 01:28:59 +0000
ROA not before:           Tue 30 Apr 2024 01:28:59 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     7684
IP address blocks:        157.17.88.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/-8RilKXVZDfhmhGu-fubh3aQFD4.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/-8RilKXVZDfhmhGu-fubh3aQFD4.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-8RilKXVZDfhmhGu-fubh3aQFD4.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 05:23:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83 (0x53)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FBC46294A5D56437E19A11AEF9FB9B877690143E
        Validity
            Not Before: Apr 30 01:28:59 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=C4C44270F28DEAD1A678AA19732E12D163FB911C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:07:1f:38:b9:ea:7c:7a:c4:c9:ca:ef:9c:6b:
                    b3:f5:b9:7a:5c:21:66:5c:1b:c3:56:c5:92:ce:ae:
                    ce:e6:73:74:c7:ab:f2:35:22:c4:c6:8d:ba:b7:ad:
                    8a:06:00:22:55:53:c4:f0:9f:00:9f:04:47:f3:4d:
                    35:cf:60:1f:99:f8:14:ab:6d:d7:e2:a8:ba:ad:78:
                    87:2e:4b:d3:da:00:eb:66:36:06:98:4c:da:c6:56:
                    de:be:69:10:6e:97:6f:af:ce:3d:a0:02:15:78:46:
                    15:c5:c9:a3:1f:01:ca:26:28:65:21:46:10:d5:fa:
                    44:43:ad:ed:ee:a1:c7:36:b8:48:36:d9:ec:76:26:
                    c7:58:a2:39:7c:df:cd:4d:19:14:49:32:8e:64:a4:
                    84:8f:00:2e:dc:37:29:2a:d7:bc:38:ce:b4:62:eb:
                    c7:b7:79:76:17:b0:9d:41:52:79:ae:d1:f2:a9:e7:
                    ac:f3:5a:70:5d:9d:75:17:c7:8a:8b:70:fa:ee:ed:
                    2d:46:97:c9:06:59:0e:e1:51:da:78:81:ef:6c:92:
                    3f:79:6d:88:69:2b:13:06:82:8e:1b:8b:30:94:ac:
                    aa:84:ce:d4:89:74:4c:9d:50:a7:20:2a:7b:52:a4:
                    00:d0:16:c7:91:18:3a:0d:a1:f2:28:e3:f6:66:1a:
                    e7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:C4:42:70:F2:8D:EA:D1:A6:78:AA:19:73:2E:12:D1:63:FB:91:1C
            X509v3 Authority Key Identifier:
                keyid:FB:C4:62:94:A5:D5:64:37:E1:9A:11:AE:F9:FB:9B:87:76:90:14:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/-8RilKXVZDfhmhGu-fubh3aQFD4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-8RilKXVZDfhmhGu-fubh3aQFD4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/xMRCcPKN6tGmeKoZcy4S0WP7kRw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.17.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         bc:ce:76:e5:83:36:a2:31:13:2d:59:0a:5d:e2:e1:bc:c0:50:
         6c:72:6e:2b:8b:99:e1:90:32:5a:d4:94:78:a0:79:3d:32:d2:
         58:51:21:05:49:3d:ee:6d:b1:2d:4e:33:2a:98:a3:2d:0b:1b:
         fa:2b:c0:30:34:43:41:a3:09:0a:42:a5:5a:18:43:a8:cd:11:
         78:e0:df:fb:25:64:87:ba:b9:52:72:4e:32:70:64:04:d2:81:
         a9:5b:31:21:35:1b:1c:bc:aa:d6:17:9f:00:28:ea:2e:47:13:
         c0:05:06:87:e7:f6:fe:2f:33:2d:bb:3c:44:52:77:90:fb:b1:
         b5:84:14:1d:fd:5f:b5:95:b9:91:f9:c2:48:02:50:60:2b:14:
         85:3d:ff:f2:d5:ee:75:b8:f0:df:58:53:9c:f0:8b:5f:1f:25:
         cc:f1:b2:c6:0d:01:91:49:9c:5a:cb:ba:4e:06:ba:8a:f7:0c:
         84:66:43:d2:5f:cc:e3:2e:b7:ce:67:24:4d:98:f3:e7:4b:b4:
         63:ec:47:5b:ae:66:f3:ab:cd:0b:a5:d9:a0:cb:4b:5f:20:fd:
         06:5f:9f:f4:ca:9f:36:36:ab:b6:08:c2:c3:2d:b5:c3:8b:93:
         f6:6d:37:d1:17:f8:59:84:68:d2:0e:76:1b:df:1a:2b:50:6a:
         d7:a0:54:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGQkM0
NjI5NEE1RDU2NDM3RTE5QTExQUVGOUZCOUI4Nzc2OTAxNDNFMB4XDTI0MDQzMDAx
Mjg1OVoXDTI1MDQxNTAxMzAwMlowMzExMC8GA1UEAxMoQzRDNDQyNzBGMjhERUFE
MUE2NzhBQTE5NzMyRTEyRDE2M0ZCOTExQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ8HHzi56nx6xMnK75xrs/W5elwhZlwbw1bFks6uzuZzdMer8jUi
xMaNuretigYAIlVTxPCfAJ8ER/NNNc9gH5n4FKtt1+Kouq14hy5L09oA62Y2BphM
2sZW3r5pEG6Xb6/OPaACFXhGFcXJox8ByiYoZSFGENX6REOt7e6hxza4SDbZ7HYm
x1iiOXzfzU0ZFEkyjmSkhI8ALtw3KSrXvDjOtGLrx7d5dhewnUFSea7R8qnnrPNa
cF2ddRfHiotw+u7tLUaXyQZZDuFR2niB72ySP3ltiGkrEwaCjhuLMJSsqoTO1Il0
TJ1QpyAqe1KkANAWx5EYOg2h8ijj9mYa5zECAwEAAaOCAigwggIkMB0GA1UdDgQW
BBTExEJw8o3q0aZ4qhlzLhLRY/uRHDAfBgNVHSMEGDAWgBT7xGKUpdVkN+GaEa75
+5uHdpAUPjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTEyNDcvLThSaWxLWFZaRGZobWhHdS1mdWJoM2FRRkQ0LmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvLThSaWxLWFZaRGZobWhHdS1mdWJo
M2FRRkQ0LmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzExMjQ3L3hNUkNjUEtONnRHbWVLb1pjeTRTMFdQN2tSdy5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAOdEVgwDQYJKoZIhvcNAQELBQADggEBALzOduWDNqIxEy1ZCl3i4bzA
UGxybiuLmeGQMlrUlHigeT0y0lhRIQVJPe5tsS1OMyqYoy0LG/orwDA0Q0GjCQpC
pVoYQ6jNEXjg3/slZIe6uVJyTjJwZATSgalbMSE1Gxy8qtYXnwAo6i5HE8AFBofn
9v4vMy27PERSd5D7sbWEFB39X7WVuZH5wkgCUGArFIU9//LV7nW48N9YU5zwi18f
JczxssYNAZFJnFrLuk4Guor3DIRmQ9JfzOMut85nJE2Y8+dLtGPsR1uuZvOrzQul
2aDLS18g/QZfn/TKnzY2q7YIwsMttcOLk/ZtN9EX+FmEaNIOdhvfGitQategVEg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:15:55 2024 by rpki-client on console-fra.rpki-client.org