Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/aLemKK3HXuzNMTnawbkVMt7zcpE.roa
File:                     aLemKK3HXuzNMTnawbkVMt7zcpE.roa (raw, json)
Hash identifier:          XwgGQqAlUCprqwcN62a+W0L0mMLBP86So4Ztk9UkBFI=
Subject key identifier:   68:B7:A6:28:AD:C7:5E:EC:CD:31:39:DA:C1:B9:15:32:DE:F3:72:91
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       0311
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/aLemKK3HXuzNMTnawbkVMt7zcpE.roa
Signing time:             Sun 31 Mar 2024 01:38:41 +0000
ROA not before:           Sun 31 Mar 2024 01:38:41 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2516
IP address blocks:        211.126.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 785 (0x311)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: Mar 31 01:38:41 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=68B7A628ADC75EECCD3139DAC1B91532DEF37291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a6:88:94:6c:a0:10:6b:b4:7d:8a:fc:6f:9a:
                    3a:47:81:b4:f1:a4:ba:14:76:71:7e:41:af:1b:3f:
                    c7:4d:60:c1:0f:10:b1:28:fd:18:ed:db:21:35:51:
                    45:e5:3c:3d:8a:2f:5c:58:98:29:24:94:15:cc:4d:
                    b4:6c:ba:40:92:a6:38:8d:9c:32:74:10:7a:52:d9:
                    bc:44:4b:f2:fe:40:48:aa:19:ea:8c:4a:b2:70:4b:
                    85:d9:37:7d:2a:56:f0:4c:0c:f0:48:16:b5:eb:df:
                    7f:a7:80:ab:c6:62:d6:e0:2c:e5:9a:5e:a4:d3:c5:
                    bf:93:a6:7a:90:f9:c6:e8:ad:25:5a:e9:f8:46:09:
                    53:97:ed:44:55:ff:ca:8e:ff:6e:91:77:46:59:4a:
                    3c:5b:25:78:c0:06:a8:3f:5c:a4:93:7e:38:73:31:
                    65:ca:38:b6:83:f4:25:d5:68:34:d7:09:df:37:e0:
                    f1:57:4b:40:12:d3:a1:93:c0:00:6f:d1:60:95:b8:
                    02:c3:bf:01:d7:d7:06:9c:bb:95:19:76:18:38:c6:
                    1c:6f:65:94:72:76:df:86:91:19:30:83:6c:bf:5d:
                    af:62:f1:5e:7c:77:82:ba:33:1e:da:17:9a:90:78:
                    a0:e8:94:25:a9:cb:40:e7:91:dd:8f:34:5a:b5:60:
                    82:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:B7:A6:28:AD:C7:5E:EC:CD:31:39:DA:C1:B9:15:32:DE:F3:72:91
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/aLemKK3HXuzNMTnawbkVMt7zcpE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.126.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         02:9b:68:57:f3:3f:25:57:bf:53:be:44:33:84:48:f7:ec:16:
         1a:7c:3b:b4:96:53:f3:46:a7:05:1c:1b:ae:f1:67:03:c7:42:
         a7:af:45:a4:ca:75:6b:8f:ca:84:bc:61:f7:c5:15:36:21:f6:
         dd:11:69:39:62:15:33:4e:02:9e:53:b2:ff:d5:ff:47:d8:7c:
         d6:03:da:be:48:2d:79:94:b3:df:9c:b2:d6:f2:a8:65:b0:77:
         7f:84:5c:f1:f7:5b:3e:47:5a:c0:4a:ba:16:05:b7:a9:a3:5d:
         37:33:58:0e:d7:b2:9f:59:1d:19:eb:a9:81:bc:25:a5:45:41:
         02:ab:4e:14:27:74:4a:23:fc:83:49:60:21:66:73:89:68:17:
         15:07:ac:14:08:88:58:1d:57:52:0d:fa:d0:ba:a5:1f:27:1e:
         a4:18:64:ca:7e:8f:fd:20:7e:88:e4:ae:12:83:25:95:4e:cc:
         f1:50:bd:58:99:14:cc:4a:06:ea:9e:aa:a7:d8:f6:93:53:f2:
         58:0a:fc:74:df:d9:d1:4e:59:7d:c1:db:f9:ed:26:7e:08:82:
         44:31:3c:97:15:29:e7:93:be:d8:9d:23:69:0f:5d:9a:7d:9d:
         4d:bc:c6:82:82:db:44:8c:e9:e5:a3:58:20:d1:93:9f:a5:16:
         1c:bd:f6:6a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yNDAzMzEw
MTM4NDFaFw0yNTAzMTUwMTMwMDJaMDMxMTAvBgNVBAMTKDY4QjdBNjI4QURDNzVF
RUNDRDMxMzlEQUMxQjkxNTMyREVGMzcyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdpoiUbKAQa7R9ivxvmjpHgbTxpLoUdnF+Qa8bP8dNYMEPELEo
/Rjt2yE1UUXlPD2KL1xYmCkklBXMTbRsukCSpjiNnDJ0EHpS2bxES/L+QEiqGeqM
SrJwS4XZN30qVvBMDPBIFrXr33+ngKvGYtbgLOWaXqTTxb+TpnqQ+cborSVa6fhG
CVOX7URV/8qO/26Rd0ZZSjxbJXjABqg/XKSTfjhzMWXKOLaD9CXVaDTXCd834PFX
S0AS06GTwABv0WCVuALDvwHX1wacu5UZdhg4xhxvZZRydt+GkRkwg2y/Xa9i8V58
d4K6Mx7aF5qQeKDolCWpy0Dnkd2PNFq1YIIBAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUaLemKK3HXuzNMTnawbkVMt7zcpEwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL2FMZW1LSzNIWHV6Tk1UbmF3YmtWTXQ3emNwRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDTfjANBgkqhkiG9w0BAQsFAAOCAQEAAptoV/M/JVe/U75EM4RI9+wWGnw7
tJZT80anBRwbrvFnA8dCp69FpMp1a4/KhLxh98UVNiH23RFpOWIVM04CnlOy/9X/
R9h81gPavkgteZSz35yy1vKoZbB3f4Rc8fdbPkdawEq6FgW3qaNdNzNYDteyn1kd
GeupgbwlpUVBAqtOFCd0SiP8g0lgIWZziWgXFQesFAiIWB1XUg360LqlHycepBhk
yn6P/SB+iOSuEoMllU7M8VC9WJkUzEoG6p6qp9j2k1PyWAr8dN/Z0U5ZfcHb+e0m
fgiCRDE8lxUp55O+2J0jaQ9dmn2dTbzGgoLbRIzp5aNYINGTn6UWHL32ag==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:37 2024 by rpki-client on console-fra.rpki-client.org