Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/131/grPxfPYGVKNZqZ3bVALyTBQy738.roa
File:                     grPxfPYGVKNZqZ3bVALyTBQy738.roa (raw, json)
Hash identifier:          Q8aISxIWL2K3gvah+IPbDS4D1k8sRVxiJ1RGhkUY8vE=
Subject key identifier:   82:B3:F1:7C:F6:06:54:A3:59:A9:9D:DB:54:02:F2:4C:14:32:EF:7F
Certificate issuer:       /CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
Certificate serial:       01C6
Authority key identifier: 2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/grPxfPYGVKNZqZ3bVALyTBQy738.roa
Signing time:             Fri 31 May 2024 01:30:46 +0000
ROA not before:           Fri 31 May 2024 01:30:46 +0000
ROA not after:            Thu 15 May 2025 01:30:03 +0000
asID:                     4713
IP address blocks:        202.234.192.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 454 (0x1c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
        Validity
            Not Before: May 31 01:30:46 2024 GMT
            Not After : May 15 01:30:03 2025 GMT
        Subject: CN=82B3F17CF60654A359A99DDB5402F24C1432EF7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c4:1d:a2:2a:54:ae:77:84:57:bb:fb:25:a8:
                    1f:53:76:a1:55:bc:b9:48:66:1a:26:3e:87:8b:5e:
                    cc:b3:fe:ba:05:e9:de:8c:7b:b4:69:6c:a0:34:d9:
                    fe:13:b1:b7:ff:a6:11:bd:ea:51:a0:72:af:f4:c7:
                    b9:a5:2e:4e:27:91:97:7e:5d:03:1c:ab:f9:ad:ac:
                    ee:10:83:3a:07:cd:d9:dd:c2:39:a2:99:5c:3f:aa:
                    b1:6d:cb:c4:79:82:37:0d:00:80:d8:c5:52:ce:a5:
                    76:e5:0e:90:77:43:6f:1b:01:7c:5e:6e:9f:99:9d:
                    27:75:4c:b6:b3:d9:f9:e8:ba:ec:5a:cf:90:cc:ac:
                    ec:cf:d2:10:32:3d:b5:09:34:aa:de:28:8d:03:95:
                    ba:2d:5c:cf:cf:31:f1:4e:b8:92:f6:67:70:23:30:
                    1c:6c:19:4c:a4:19:20:1f:19:36:bb:c6:74:af:ec:
                    aa:fa:48:90:9c:c9:b6:4c:ac:3a:79:bb:da:d5:1c:
                    9c:ac:ea:fb:c2:f1:bf:3e:f8:7c:a5:b7:3e:47:76:
                    ac:b8:ab:f9:9d:80:ab:b3:a5:85:8f:44:ac:50:26:
                    d8:67:a0:26:4a:fd:40:79:88:79:1b:bc:f2:c4:6a:
                    b3:ca:b9:01:5f:89:9d:03:aa:3c:f8:89:aa:69:78:
                    53:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B3:F1:7C:F6:06:54:A3:59:A9:9D:DB:54:02:F2:4C:14:32:EF:7F
            X509v3 Authority Key Identifier:
                keyid:2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/grPxfPYGVKNZqZ3bVALyTBQy738.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.234.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         13:e9:1e:04:ec:3e:ba:d9:d7:73:d1:ea:dd:f6:79:89:47:c2:
         14:ad:88:04:83:bd:91:5e:dc:3d:27:56:98:9e:74:c6:4d:ad:
         cb:10:1e:6d:e7:48:eb:0f:20:43:fc:b5:4e:2b:28:ce:0c:99:
         a8:45:50:7e:1f:84:1d:2d:46:6c:c8:c3:5c:9d:1a:35:aa:19:
         b0:3f:c6:0f:05:75:0b:d9:24:9c:96:6b:00:10:e6:bb:b0:49:
         d7:51:9e:0a:00:03:08:15:01:f0:c2:81:16:6b:bf:8a:d3:59:
         46:11:11:c2:9c:4d:cb:17:c0:e5:d0:5a:71:68:b7:99:0c:73:
         dd:24:eb:09:f7:bd:67:00:65:c0:75:46:5b:2d:17:d7:c8:b2:
         7a:4d:1b:52:12:17:6e:7e:f6:a0:74:5b:23:c5:79:2e:e5:4f:
         46:2f:aa:b7:4e:24:13:83:a9:c8:9f:79:fe:ce:fc:82:de:36:
         45:12:3d:00:ed:c7:27:82:90:30:9b:a7:d0:57:f3:ac:0b:3e:
         ac:1b:db:50:89:8e:b6:22:2d:16:e2:ed:65:5d:27:42:4d:68:
         7a:15:87:8b:34:df:f4:6e:71:ed:88:46:8f:e7:38:f4:54:25:
         60:e0:df:2d:b5:ce:37:b5:7f:3c:0e:9c:d7:28:86:19:a0:1d:
         4d:db:13:18
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAcYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkZD
MDk5MjNCMDVBN0U4RjFBREQ5QTU5ODRFREMxOTMyMERCOTc0QjAeFw0yNDA1MzEw
MTMwNDZaFw0yNTA1MTUwMTMwMDNaMDMxMTAvBgNVBAMTKDgyQjNGMTdDRjYwNjU0
QTM1OUE5OUREQjU0MDJGMjRDMTQzMkVGN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPxB2iKlSud4RXu/slqB9TdqFVvLlIZhomPoeLXsyz/roF6d6M
e7RpbKA02f4Tsbf/phG96lGgcq/0x7mlLk4nkZd+XQMcq/mtrO4QgzoHzdndwjmi
mVw/qrFty8R5gjcNAIDYxVLOpXblDpB3Q28bAXxebp+ZnSd1TLaz2fnouuxaz5DM
rOzP0hAyPbUJNKreKI0DlbotXM/PMfFOuJL2Z3AjMBxsGUykGSAfGTa7xnSv7Kr6
SJCcybZMrDp5u9rVHJys6vvC8b8++Hyltz5Hdqy4q/mdgKuzpYWPRKxQJthnoCZK
/UB5iHkbvPLEarPKuQFfiZ0Dqjz4iappeFMrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUgrPxfPYGVKNZqZ3bVALyTBQy738wHwYDVR0jBBgwFoAUL8CZI7Bafo8a3ZpZ
hO3BkyDbl0swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzEzMS9MOENaSTdCYWZvOGEzWnBaaE8zQmt5RGJsMHMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9MOENaSTdCYWZvOGEzWnBaaE8zQmt5
RGJsMHMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTMxL2dyUHhmUFlHVktOWnFaM2JWQUx5VEJReTczOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbK6sAwDQYJKoZIhvcNAQELBQADggEBABPpHgTsPrrZ13PR6t32eYlHwhSt
iASDvZFe3D0nVpiedMZNrcsQHm3nSOsPIEP8tU4rKM4MmahFUH4fhB0tRmzIw1yd
GjWqGbA/xg8FdQvZJJyWawAQ5ruwSddRngoAAwgVAfDCgRZrv4rTWUYREcKcTcsX
wOXQWnFot5kMc90k6wn3vWcAZcB1RlstF9fIsnpNG1ISF25+9qB0WyPFeS7lT0Yv
qrdOJBODqcifef7O/ILeNkUSPQDtxyeCkDCbp9BX86wLPqwb21CJjrYiLRbi7WVd
J0JNaHoVh4s03/Ruce2IRo/nOPRUJWDg3y21zje1fzwOnNcohhmgHU3bExg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:23:55 2024 by rpki-client on console-fra.rpki-client.org