Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1639/D3VoYfO8IcRa8JFV6StpCvq1AS8.roa
File:                     D3VoYfO8IcRa8JFV6StpCvq1AS8.roa (raw, json)
Hash identifier:          KmWoyH/+NF0iStPqvGXIHZZGRAgUEeG6cwMPCgbbE2I=
Subject key identifier:   0F:75:68:61:F3:BC:21:C4:5A:F0:91:55:E9:2B:69:0A:FA:B5:01:2F
Certificate issuer:       /CN=24505A86B00DCD05BA360BCA66ADFF602BD95AA8
Certificate serial:       63
Authority key identifier: 24:50:5A:86:B0:0D:CD:05:BA:36:0B:CA:66:AD:FF:60:2B:D9:5A:A8
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/JFBahrANzQW6NgvKZq3_YCvZWqg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1639/D3VoYfO8IcRa8JFV6StpCvq1AS8.roa
Signing time:             Thu 29 Feb 2024 01:29:15 +0000
ROA not before:           Thu 29 Feb 2024 01:29:15 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     131078
IP address blocks:        202.255.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1639/JFBahrANzQW6NgvKZq3_YCvZWqg.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1639/JFBahrANzQW6NgvKZq3_YCvZWqg.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/JFBahrANzQW6NgvKZq3_YCvZWqg.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 02:50:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99 (0x63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24505A86B00DCD05BA360BCA66ADFF602BD95AA8
        Validity
            Not Before: Feb 29 01:29:15 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=0F756861F3BC21C45AF09155E92B690AFAB5012F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:d9:ac:8d:53:da:2f:04:42:dc:d5:07:42:
                    72:99:1e:17:bc:bf:aa:97:bc:8f:61:68:33:9a:de:
                    68:f6:5b:64:10:0a:a9:47:af:2b:cf:0c:83:0a:1b:
                    cc:44:a8:99:d3:5e:17:d7:a2:a9:d4:6e:1d:a8:c3:
                    6e:61:b9:31:fe:1a:73:de:21:49:ab:80:5a:97:36:
                    a1:d5:e3:c5:ff:f8:58:fd:d3:e2:51:29:fd:2e:c8:
                    0c:d3:48:16:2e:fa:9d:49:f4:6d:fb:b9:e6:34:1e:
                    e2:0f:c1:6c:cf:01:0e:b3:0e:75:aa:19:a0:42:df:
                    9a:81:fc:29:2e:c9:04:15:5b:b3:b5:f6:70:b8:a0:
                    28:25:a6:07:1d:c5:16:22:ee:a9:eb:96:08:aa:17:
                    99:cb:3e:61:ab:f2:1b:01:8e:aa:91:29:de:8f:81:
                    48:4f:1b:b6:1e:f2:a4:b7:ed:1e:ab:e7:fe:57:8e:
                    fa:f5:5c:6b:51:7a:ce:99:99:2b:d0:73:70:8d:f2:
                    9b:16:75:b2:4c:48:5b:86:93:6b:b5:b2:49:a9:a1:
                    f0:1a:81:95:d6:d2:e2:73:59:02:82:7c:00:e1:8c:
                    9b:a2:e5:a3:ac:82:f9:97:6f:18:9f:ea:12:29:fc:
                    94:8d:6d:57:75:5a:db:79:32:13:2b:38:b8:55:7d:
                    4f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:75:68:61:F3:BC:21:C4:5A:F0:91:55:E9:2B:69:0A:FA:B5:01:2F
            X509v3 Authority Key Identifier:
                keyid:24:50:5A:86:B0:0D:CD:05:BA:36:0B:CA:66:AD:FF:60:2B:D9:5A:A8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1639/JFBahrANzQW6NgvKZq3_YCvZWqg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/JFBahrANzQW6NgvKZq3_YCvZWqg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1639/D3VoYfO8IcRa8JFV6StpCvq1AS8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.255.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:ff:03:53:18:14:6a:53:b4:a1:f4:75:1a:be:26:10:63:8a:
         29:2b:1e:9b:a2:3c:0d:48:ab:7a:5a:f9:d8:9d:2b:24:e4:38:
         f8:21:f0:50:42:73:5f:9e:25:b6:51:af:08:fb:92:3b:f4:ee:
         dc:7a:e6:cf:48:62:b8:70:b4:29:46:fc:af:70:52:a3:07:aa:
         51:a2:ab:c9:be:6e:fd:8f:89:ac:b7:e4:b0:24:8f:9c:5b:62:
         fc:8a:9d:60:14:6a:91:8a:86:30:32:11:19:df:da:d1:11:04:
         3c:0f:62:41:af:a6:f5:18:4e:af:ca:91:ba:37:0d:bb:51:ff:
         c9:1c:d5:c3:15:fd:59:c4:95:2c:62:a0:9c:a2:65:31:c2:9f:
         c0:e8:4f:cb:74:14:f4:e8:93:08:f0:19:19:28:5e:1b:bd:03:
         23:40:0c:c3:18:e3:d8:6e:15:96:be:09:f4:52:80:27:ca:7b:
         ab:2f:16:97:6e:b1:3b:9c:7c:3b:04:c8:72:5a:b6:39:97:b0:
         d3:93:8b:42:40:dc:6e:47:dd:77:b3:e0:9f:a5:38:32:f0:3a:
         05:b5:c5:3d:2c:84:d6:58:1b:e7:8e:a6:e3:c6:9a:91:c9:06:
         33:02:ef:b1:3f:52:b4:4b:88:8c:e7:19:6e:60:90:63:0b:ee:
         01:fa:07:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNDUw
NUE4NkIwMERDRDA1QkEzNjBCQ0E2NkFERkY2MDJCRDk1QUE4MB4XDTI0MDIyOTAx
MjkxNVoXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoMEY3NTY4NjFGM0JDMjFD
NDVBRjA5MTU1RTkyQjY5MEFGQUI1MDEyRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMsY2ayNU9ovBELc1QdCcpkeF7y/qpe8j2FoM5reaPZbZBAKqUev
K88MgwobzESomdNeF9eiqdRuHajDbmG5Mf4ac94hSauAWpc2odXjxf/4WP3T4lEp
/S7IDNNIFi76nUn0bfu55jQe4g/BbM8BDrMOdaoZoELfmoH8KS7JBBVbs7X2cLig
KCWmBx3FFiLuqeuWCKoXmcs+YavyGwGOqpEp3o+BSE8bth7ypLftHqvn/leO+vVc
a1F6zpmZK9BzcI3ymxZ1skxIW4aTa7WySamh8BqBldbS4nNZAoJ8AOGMm6Llo6yC
+ZdvGJ/qEin8lI1tV3Va23kyEys4uFV9TwECAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBQPdWhh87whxFrwkVXpK2kK+rUBLzAfBgNVHSMEGDAWgBQkUFqGsA3NBbo2C8pm
rf9gK9laqDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTYzOS9KRkJhaHJBTnpRVzZOZ3ZLWnEzX1lDdlpXcWcuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9KRkJhaHJBTnpRVzZOZ3ZLWnEzX1lD
dlpXcWcuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYzOS9EM1ZvWWZPOEljUmE4SkZWNlN0cEN2cTFBUzgucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAyv8vMA0GCSqGSIb3DQEBCwUAA4IBAQBH/wNTGBRqU7Sh9HUaviYQY4op
Kx6bojwNSKt6WvnYnSsk5Dj4IfBQQnNfniW2Ua8I+5I79O7ceubPSGK4cLQpRvyv
cFKjB6pRoqvJvm79j4mst+SwJI+cW2L8ip1gFGqRioYwMhEZ39rREQQ8D2JBr6b1
GE6vypG6Nw27Uf/JHNXDFf1ZxJUsYqCcomUxwp/A6E/LdBT06JMI8BkZKF4bvQMj
QAzDGOPYbhWWvgn0UoAnynurLxaXbrE7nHw7BMhyWrY5l7DTk4tCQNxuR913s+Cf
pTgy8DoFtcU9LITWWBvnjqbjxpqRyQYzAu+xP1K0S4iM5xluYJBjC+4B+geV
-----END CERTIFICATE-----
Generated at Fri Jun 14 04:10:38 2024 by rpki-client on console-fra.rpki-client.org