Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1611/XKPuC6cOTXc3bX1mUZ3GXL4b-bc.roa
File:                     XKPuC6cOTXc3bX1mUZ3GXL4b-bc.roa (raw, json)
Hash identifier:          J4i1EpoldaGcUUPzSHxUSfclAzYSSALXSESjDUv1eRo=
Subject key identifier:   5C:A3:EE:0B:A7:0E:4D:77:37:6D:7D:66:51:9D:C6:5C:BE:1B:F9:B7
Certificate issuer:       /CN=741CB8DC001400597BBCB21D31E491D7F55A2C80
Certificate serial:       3A
Authority key identifier: 74:1C:B8:DC:00:14:00:59:7B:BC:B2:1D:31:E4:91:D7:F5:5A:2C:80
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/dBy43AAUAFl7vLIdMeSR1_VaLIA.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1611/XKPuC6cOTXc3bX1mUZ3GXL4b-bc.roa
Signing time:             Thu 29 Feb 2024 01:31:14 +0000
ROA not before:           Thu 29 Feb 2024 01:31:14 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     0
IP address blocks:        160.14.0.0/16 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1611/dBy43AAUAFl7vLIdMeSR1_VaLIA.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1611/dBy43AAUAFl7vLIdMeSR1_VaLIA.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/dBy43AAUAFl7vLIdMeSR1_VaLIA.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58 (0x3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741CB8DC001400597BBCB21D31E491D7F55A2C80
        Validity
            Not Before: Feb 29 01:31:14 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=5CA3EE0BA70E4D77376D7D66519DC65CBE1BF9B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ad:64:ff:0f:0f:02:dc:16:0e:5d:a8:68:0c:
                    a1:3a:2d:d2:65:e5:f0:a7:3c:88:d4:6e:a3:62:88:
                    b3:09:7e:82:bd:88:1a:56:ec:28:e0:05:58:17:6f:
                    b9:d3:aa:8b:ec:4e:5c:bf:16:9b:f0:dd:85:82:2f:
                    7a:ae:84:6c:59:5d:e8:9b:66:03:f2:fa:95:b5:45:
                    90:47:2b:cf:69:3c:43:a0:78:3f:49:b5:0d:dc:93:
                    ef:3d:3c:ba:a6:bb:11:72:8e:a9:59:2b:15:7e:bf:
                    1a:51:19:c5:65:24:02:68:7e:46:d1:0f:74:5a:2c:
                    99:8f:fd:42:16:d7:f0:a8:36:c8:d1:8a:a6:7d:98:
                    ef:60:88:96:ad:37:a1:69:aa:08:61:5f:23:fb:79:
                    e3:c4:32:ea:14:4c:15:00:f2:71:89:75:e8:90:19:
                    a2:56:0d:a1:97:dc:4c:5c:ae:4d:77:03:97:c8:49:
                    f5:45:0d:e8:b5:da:4b:dc:0f:1f:35:91:44:be:63:
                    ca:e0:17:4e:da:21:03:d2:d6:56:80:cc:02:15:58:
                    ee:35:37:a8:64:d5:df:67:22:b4:f7:5b:7d:99:61:
                    ab:e0:97:56:08:97:59:97:46:76:58:bc:9a:40:a1:
                    61:6d:bb:5a:49:19:47:b5:b8:43:89:fb:30:8f:88:
                    48:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:A3:EE:0B:A7:0E:4D:77:37:6D:7D:66:51:9D:C6:5C:BE:1B:F9:B7
            X509v3 Authority Key Identifier:
                keyid:74:1C:B8:DC:00:14:00:59:7B:BC:B2:1D:31:E4:91:D7:F5:5A:2C:80

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1611/dBy43AAUAFl7vLIdMeSR1_VaLIA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/dBy43AAUAFl7vLIdMeSR1_VaLIA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1611/XKPuC6cOTXc3bX1mUZ3GXL4b-bc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.14.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         dd:6c:bd:87:e0:e7:2f:15:cc:6c:f2:ec:c5:d8:bd:d5:52:97:
         be:41:db:17:98:23:94:6c:bc:f0:35:7d:35:93:da:3f:da:42:
         2e:db:3b:10:bc:6f:55:43:cd:b6:26:7e:40:72:51:da:5b:40:
         30:11:8e:29:eb:bc:4f:64:03:77:2d:81:83:45:a7:50:2a:f3:
         c5:d4:69:3a:4c:40:76:05:76:f9:f1:9f:f2:5d:ee:8d:c2:b9:
         ad:52:d4:eb:47:3f:d4:88:b4:e8:c7:e6:6b:64:60:4c:d9:14:
         43:fb:0e:80:cb:bb:d2:ca:0c:66:30:a5:7c:d7:d4:df:e0:89:
         a7:97:43:5c:c3:22:bc:1d:0d:76:54:30:f6:cc:eb:35:7e:de:
         62:06:19:7c:dc:d8:da:36:72:f6:e2:fa:1b:2f:e7:5c:8e:25:
         cf:8c:6f:b7:ff:ee:ff:f7:37:2a:a2:4b:b9:c1:af:cc:d7:f9:
         2b:5f:72:01:55:18:dc:17:ca:76:2d:ee:5a:db:bd:b8:c9:0a:
         0f:6a:18:9b:4e:b3:e7:36:0e:2a:6a:e3:99:fb:c1:2b:61:54:
         2f:b9:43:ed:23:fc:ff:f1:45:10:f4:c0:2c:f2:d8:9c:82:60:
         48:cb:5f:6a:84:e3:cc:3d:00:99:2d:8e:5f:94:5d:2d:0b:65:
         e6:93:c4:60
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NDFD
QjhEQzAwMTQwMDU5N0JCQ0IyMUQzMUU0OTFEN0Y1NUEyQzgwMB4XDTI0MDIyOTAx
MzExNFoXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoNUNBM0VFMEJBNzBFNEQ3
NzM3NkQ3RDY2NTE5REM2NUNCRTFCRjlCNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKatZP8PDwLcFg5dqGgMoTot0mXl8Kc8iNRuo2KIswl+gr2IGlbs
KOAFWBdvudOqi+xOXL8Wm/DdhYIveq6EbFld6JtmA/L6lbVFkEcrz2k8Q6B4P0m1
DdyT7z08uqa7EXKOqVkrFX6/GlEZxWUkAmh+RtEPdFosmY/9QhbX8Kg2yNGKpn2Y
72CIlq03oWmqCGFfI/t548Qy6hRMFQDycYl16JAZolYNoZfcTFyuTXcDl8hJ9UUN
6LXaS9wPHzWRRL5jyuAXTtohA9LWVoDMAhVY7jU3qGTV32citPdbfZlhq+CXVgiX
WZdGdli8mkChYW27WkkZR7W4Q4n7MI+ISDMCAwEAAaOCAiUwggIhMB0GA1UdDgQW
BBRco+4Lpw5NdzdtfWZRncZcvhv5tzAfBgNVHSMEGDAWgBR0HLjcABQAWXu8sh0x
5JHX9VosgDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTYxMS9kQnk0M0FBVUFGbDd2TElkTWVTUjFfVmFMSUEuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9kQnk0M0FBVUFGbDd2TElkTWVTUjFf
VmFMSUEuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxMS9YS1B1QzZjT1RYYzNiWDFtVVozR1hMNGItYmMucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIA
ATAFAwMAoA4wDQYJKoZIhvcNAQELBQADggEBAN1svYfg5y8VzGzy7MXYvdVSl75B
2xeYI5RsvPA1fTWT2j/aQi7bOxC8b1VDzbYmfkByUdpbQDARjinrvE9kA3ctgYNF
p1Aq88XUaTpMQHYFdvnxn/Jd7o3Cua1S1OtHP9SItOjH5mtkYEzZFEP7DoDLu9LK
DGYwpXzX1N/giaeXQ1zDIrwdDXZUMPbM6zV+3mIGGXzc2No2cvbi+hsv51yOJc+M
b7f/7v/3NyqiS7nBr8zX+StfcgFVGNwXynYt7lrbvbjJCg9qGJtOs+c2Dipq45n7
wSthVC+5Q+0j/P/xRRD0wCzy2JyCYEjLX2qE48w9AJktjl+UXS0LZeaTxGA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:23:10 2024 by rpki-client on console-fra.rpki-client.org