Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1937/3BUh1mO7d57A-Qe9WNkd_i1nDHM.roa
File:                     3BUh1mO7d57A-Qe9WNkd_i1nDHM.roa (raw, json)
Hash identifier:          kSjSrsONCOpA+MfCtHtVEIp0l0aDQSZR/MTFUMV3BPw=
Subject key identifier:   DC:15:21:D6:63:BB:77:9E:C0:F9:07:BD:58:D9:1D:FE:2D:67:0C:73
Certificate issuer:       /CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
Certificate serial:       10
Authority key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/3BUh1mO7d57A-Qe9WNkd_i1nDHM.roa
Signing time:             Tue 02 Apr 2024 00:01:13 +0000
ROA not before:           Tue 02 Apr 2024 00:01:13 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2497
IP address blocks:        157.8.0.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
        Validity
            Not Before: Apr  2 00:01:13 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=DC1521D663BB779EC0F907BD58D91DFE2D670C73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:11:70:0e:96:f7:f3:b7:8d:ea:96:c7:6c:74:
                    60:07:f0:c7:0e:b2:e9:b9:f0:c4:0a:9a:10:a8:4d:
                    cc:c8:43:18:3c:df:7f:a6:8e:28:b1:d7:46:bb:3d:
                    c3:d7:21:88:33:7f:6e:a2:ab:d5:f6:f6:0f:e8:9b:
                    c7:53:e4:20:f8:3b:ca:2d:2e:ee:50:ef:96:1d:7c:
                    64:2b:ab:97:d2:1f:fb:93:18:0a:34:fa:39:28:5b:
                    b0:ae:a3:d5:60:f6:de:2d:8e:cb:6e:9c:a0:aa:67:
                    96:f7:8d:98:c9:03:6e:dd:70:62:17:ac:dc:60:b5:
                    f3:8c:0c:8b:58:5a:9b:2d:1d:39:fe:25:c3:67:03:
                    54:bf:7d:81:28:4f:36:95:3a:be:44:23:91:f5:70:
                    07:93:d3:cb:ef:7b:79:09:81:d7:09:9b:30:60:86:
                    55:e2:60:a7:f3:10:aa:2e:94:fd:fb:5d:aa:8d:46:
                    4e:1f:26:59:98:bd:55:7b:3d:06:c2:a3:82:f9:de:
                    e3:4a:b8:75:c4:03:8b:9b:ad:38:1b:5f:63:7d:d5:
                    70:a1:07:4c:55:1c:7d:33:c2:d1:2c:e9:b4:d5:66:
                    b0:f9:ff:1a:d4:38:73:6f:9b:1c:a9:a5:8c:40:c9:
                    30:81:0b:fc:3a:cf:f6:06:b8:75:4f:58:27:1b:e6:
                    0b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:15:21:D6:63:BB:77:9E:C0:F9:07:BD:58:D9:1D:FE:2D:67:0C:73
            X509v3 Authority Key Identifier:
                keyid:71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/3BUh1mO7d57A-Qe9WNkd_i1nDHM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.8.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:df:55:be:20:90:fc:27:b3:80:3a:a3:c1:0e:7d:34:46:89:
         8d:1b:4c:79:5a:18:4c:7d:5f:b4:20:be:5e:bc:14:fe:ad:9d:
         32:da:b3:4c:47:c9:29:8c:8c:94:e2:43:c1:71:57:f7:b0:7b:
         29:de:84:40:c0:8a:2f:ec:5b:04:f6:9a:c6:00:8e:79:11:b3:
         b4:f7:ba:dd:b5:d0:bf:fe:49:75:9e:25:9b:5d:c9:20:ca:86:
         60:5c:54:33:83:a8:a4:86:35:14:a3:28:32:3c:cb:c8:f3:78:
         d9:91:b0:72:f7:08:28:ae:ab:04:ff:d0:66:ed:d0:f9:c7:2b:
         19:06:1c:86:02:9d:dc:a7:e1:10:ac:e0:d9:27:9d:22:24:36:
         6b:cc:09:ab:56:75:c8:05:c5:02:c4:00:99:dd:00:3d:1b:71:
         35:d8:09:95:88:d1:67:82:3a:b4:97:26:ee:60:48:e5:2c:fb:
         15:38:7c:8c:f3:5d:e6:25:2e:7c:b3:90:bf:65:78:6d:1c:53:
         c0:08:94:c4:f7:cc:34:b3:b7:4f:bb:18:d5:47:dd:ad:cb:78:
         a1:f9:1e:ef:52:6c:bb:df:81:c2:13:1a:89:0f:7f:e7:4d:3d:
         00:9f:42:31:38:4a:8c:1d:b6:4f:9d:f3:bf:6b:9e:52:98:d9:
         00:74:06:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MTkx
Q0I5RjRDNDIyRDNCM0Q2NzUzNzFCMThBOERBRERBRTg3OThEMB4XDTI0MDQwMjAw
MDExM1oXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoREMxNTIxRDY2M0JCNzc5
RUMwRjkwN0JENThEOTFERkUyRDY3MEM3MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKwRcA6W9/O3jeqWx2x0YAfwxw6y6bnwxAqaEKhNzMhDGDzff6aO
KLHXRrs9w9chiDN/bqKr1fb2D+ibx1PkIPg7yi0u7lDvlh18ZCurl9If+5MYCjT6
OShbsK6j1WD23i2Oy26coKpnlveNmMkDbt1wYhes3GC184wMi1hamy0dOf4lw2cD
VL99gShPNpU6vkQjkfVwB5PTy+97eQmB1wmbMGCGVeJgp/MQqi6U/ftdqo1GTh8m
WZi9VXs9BsKjgvne40q4dcQDi5utOBtfY33VcKEHTFUcfTPC0SzptNVmsPn/GtQ4
c2+bHKmljEDJMIEL/DrP9ga4dU9YJxvmC+ECAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBTcFSHWY7t3nsD5B71Y2R3+LWcMczAfBgNVHSMEGDAWgBRxkcufTEItOz1nU3Gx
io2t2uh5jTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTkzNy9jWkhMbjB4Q0xUczlaMU54c1lxTnJkcm9lWTAuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9jWkhMbjB4Q0xUczlaMU54c1lxTnJk
cm9lWTAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTkzNy8zQlVoMW1PN2Q1N0EtUWU5V05rZF9pMW5ESE0ucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBnQgAMA0GCSqGSIb3DQEBCwUAA4IBAQBW31W+IJD8J7OAOqPBDn00RomN
G0x5WhhMfV+0IL5evBT+rZ0y2rNMR8kpjIyU4kPBcVf3sHsp3oRAwIov7FsE9prG
AI55EbO097rdtdC//kl1niWbXckgyoZgXFQzg6ikhjUUoygyPMvI83jZkbBy9wgo
rqsE/9Bm7dD5xysZBhyGAp3cp+EQrODZJ50iJDZrzAmrVnXIBcUCxACZ3QA9G3E1
2AmViNFngjq0lybuYEjlLPsVOHyM813mJS58s5C/ZXhtHFPACJTE98w0s7dPuxjV
R92ty3ih+R7vUmy734HCExqJD3/nTT0An0IxOEqMHbZPnfO/a55SmNkAdAbZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:17 2024 by rpki-client on console-fra.rpki-client.org