Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/D9t0Xv2IXyKn9cCBB5CqB_yN0qY.roa
File:                     D9t0Xv2IXyKn9cCBB5CqB_yN0qY.roa (raw, json)
Hash identifier:          vjtgqOBbly3ygKYvKjWx+kh/rMuHJxg0NNRBLQJr2oY=
Subject key identifier:   0F:DB:74:5E:FD:88:5F:22:A7:F5:C0:81:07:90:AA:07:FC:8D:D2:A6
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       02F4
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/D9t0Xv2IXyKn9cCBB5CqB_yN0qY.roa
Signing time:             Sun 31 Mar 2024 01:35:52 +0000
ROA not before:           Sun 31 Mar 2024 01:35:52 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2516
IP address blocks:        220.217.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 756 (0x2f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: Mar 31 01:35:52 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=0FDB745EFD885F22A7F5C0810790AA07FC8DD2A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5a:d1:79:03:f2:1e:a3:f1:b5:e9:0e:f5:db:
                    f2:d8:76:69:11:0b:40:44:25:64:7b:cf:e2:4a:ed:
                    43:1f:84:09:60:92:4c:8c:42:2b:9a:6e:08:64:59:
                    c6:a7:54:12:8d:aa:53:94:25:81:a6:bb:19:b9:5b:
                    9c:9c:6c:86:f4:85:0c:00:68:5e:5f:b4:d3:63:45:
                    b3:66:1b:10:d0:51:08:73:c0:d4:1d:03:ee:2a:8b:
                    5e:da:da:8f:3c:a7:dc:3f:ce:9f:1c:a3:e8:d1:be:
                    ee:42:bc:a9:8d:d4:48:d5:3c:77:46:33:89:a0:a8:
                    57:11:ab:d9:ac:4e:4d:e0:94:82:6d:0f:29:19:cf:
                    62:cc:b4:56:40:be:3f:5d:3c:3d:b5:3d:67:d4:ad:
                    31:e8:12:e3:d9:7d:96:ff:b6:90:b3:e5:5b:0c:24:
                    5d:23:41:30:90:36:a4:76:6d:7f:d2:2d:2b:30:33:
                    d1:1c:d0:46:9a:03:b5:8b:28:84:45:5f:31:cf:14:
                    63:5c:e0:b7:7d:10:10:1d:0a:64:87:9e:3b:28:95:
                    d3:fd:8e:9b:af:28:2e:13:59:02:c6:99:58:16:7d:
                    e5:cf:3b:07:dc:11:55:f6:d1:d6:25:88:58:95:10:
                    c7:a3:40:bd:bd:c5:ea:cd:42:aa:e7:34:08:41:98:
                    4e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:DB:74:5E:FD:88:5F:22:A7:F5:C0:81:07:90:AA:07:FC:8D:D2:A6
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/D9t0Xv2IXyKn9cCBB5CqB_yN0qY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.217.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9c:1e:53:e6:52:2a:67:82:77:00:f5:ad:86:52:32:bc:f7:42:
         43:92:d7:e6:0d:f2:6a:bb:ad:dd:1f:aa:17:d1:1b:29:1c:ce:
         98:a2:68:5b:dc:77:19:70:5b:05:dd:18:b5:cd:0c:a6:2f:71:
         1c:2c:ed:ae:b7:f3:f9:b9:cb:31:b6:85:cb:1e:f2:fa:66:4c:
         56:d3:b0:6c:c4:3b:70:28:b4:15:13:6b:3e:8b:72:0f:38:0b:
         1d:ac:68:60:80:47:db:91:1f:0a:30:2b:b3:23:80:a8:7e:e0:
         38:fe:79:7c:86:ee:86:b8:13:d8:1e:02:2c:a4:2d:87:72:73:
         cd:3d:a6:e0:36:09:70:68:4b:74:6b:41:7f:2c:a8:42:3f:e0:
         fa:ef:d7:ac:24:fe:6f:8e:4d:7d:6e:28:b0:9e:3a:33:8a:07:
         a7:bc:d7:b6:9a:11:5f:0a:a5:22:72:3a:a2:52:07:0b:55:35:
         a8:b2:45:14:32:3b:a8:b2:c0:a5:f2:89:17:67:13:a2:28:71:
         45:1a:5a:e2:ee:b8:53:0b:9f:2a:f1:79:b2:84:70:b3:27:43:
         86:57:31:2d:6a:fe:43:7f:03:35:67:42:93:7e:1e:48:b6:45:
         e3:c7:c0:f2:32:2f:6c:4e:cc:e8:63:44:49:ac:a8:4d:04:94:
         b8:05:8a:32
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yNDAzMzEw
MTM1NTJaFw0yNTAzMTUwMTMwMDJaMDMxMTAvBgNVBAMTKDBGREI3NDVFRkQ4ODVG
MjJBN0Y1QzA4MTA3OTBBQTA3RkM4REQyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKWtF5A/Ieo/G16Q712/LYdmkRC0BEJWR7z+JK7UMfhAlgkkyM
QiuabghkWcanVBKNqlOUJYGmuxm5W5ycbIb0hQwAaF5ftNNjRbNmGxDQUQhzwNQd
A+4qi17a2o88p9w/zp8co+jRvu5CvKmN1EjVPHdGM4mgqFcRq9msTk3glIJtDykZ
z2LMtFZAvj9dPD21PWfUrTHoEuPZfZb/tpCz5VsMJF0jQTCQNqR2bX/SLSswM9Ec
0EaaA7WLKIRFXzHPFGNc4Ld9EBAdCmSHnjsoldP9jpuvKC4TWQLGmVgWfeXPOwfc
EVX20dYliFiVEMejQL29xerNQqrnNAhBmE7lAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUD9t0Xv2IXyKn9cCBB5CqB/yN0qYwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL0Q5dDBYdjJJWHlLbjljQ0JCNUNxQl95TjBxWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDc2TANBgkqhkiG9w0BAQsFAAOCAQEAnB5T5lIqZ4J3APWthlIyvPdCQ5LX
5g3yarut3R+qF9EbKRzOmKJoW9x3GXBbBd0Ytc0Mpi9xHCztrrfz+bnLMbaFyx7y
+mZMVtOwbMQ7cCi0FRNrPotyDzgLHaxoYIBH25EfCjArsyOAqH7gOP55fIbuhrgT
2B4CLKQth3JzzT2m4DYJcGhLdGtBfyyoQj/g+u/XrCT+b45NfW4osJ46M4oHp7zX
tpoRXwqlInI6olIHC1U1qLJFFDI7qLLApfKJF2cToihxRRpa4u64UwufKvF5soRw
sydDhlcxLWr+Q38DNWdCk34eSLZF48fA8jIvbE7M6GNESayoTQSUuAWKMg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:59:02 2024 by rpki-client on console-fra.rpki-client.org