Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1937/40Max3jiOiX6QsJ6-O4KXtVOVNU.roa
File:                     40Max3jiOiX6QsJ6-O4KXtVOVNU.roa (raw, json)
Hash identifier:          KxrlBZI16YxtCzDC2bi53BNRihljKkQdzyDALZnJfZw=
Subject key identifier:   E3:43:1A:C7:78:E2:3A:25:FA:42:C2:7A:F8:EE:0A:5E:D5:4E:54:D5
Certificate issuer:       /CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
Certificate serial:       0F
Authority key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/40Max3jiOiX6QsJ6-O4KXtVOVNU.roa
Signing time:             Mon 01 Apr 2024 23:57:07 +0000
ROA not before:           Mon 01 Apr 2024 23:57:07 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     18071
IP address blocks:        157.8.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
        Validity
            Not Before: Apr  1 23:57:07 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=E3431AC778E23A25FA42C27AF8EE0A5ED54E54D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ef:37:00:c3:22:81:c2:5b:20:30:1b:4b:b9:
                    bb:d3:50:ed:70:1b:12:07:e4:4c:07:d3:c2:2b:ae:
                    62:23:de:f2:37:cd:2e:e9:10:3e:f2:da:69:a2:e4:
                    c0:19:bd:bc:b6:d8:01:27:28:6a:17:4f:f1:8c:3f:
                    81:36:f5:e5:9a:a8:ce:a7:f6:2f:24:4a:fa:c9:e0:
                    e0:b2:69:7c:4d:f2:27:93:5e:06:56:09:8e:e2:55:
                    b7:56:2f:58:29:65:12:99:87:00:0e:61:1d:b4:7c:
                    d8:f3:5d:3e:9d:6c:5f:3f:97:4a:b7:32:23:cc:c4:
                    ba:31:0c:2b:2a:95:89:5b:09:2e:da:1e:22:bd:b9:
                    0e:db:a1:ce:9b:82:85:40:e4:70:16:97:ed:72:1e:
                    1d:17:72:3e:a2:ec:9d:08:d3:92:ea:e6:3b:c4:8b:
                    f2:dd:41:22:bc:e5:c1:57:21:ca:3a:fa:9d:89:c8:
                    26:4e:ee:96:d3:52:43:7f:4a:f9:2c:d4:ba:70:0c:
                    9f:31:37:99:e2:25:08:f0:b8:34:60:60:78:2c:e5:
                    f6:d4:d3:6d:6c:ab:a2:e6:30:8b:15:ce:e1:cc:91:
                    2a:8b:72:90:8c:ab:13:10:90:b5:51:52:e9:2c:f5:
                    f0:80:0a:ed:00:c0:e0:07:a9:5f:33:ab:1a:17:c9:
                    92:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:43:1A:C7:78:E2:3A:25:FA:42:C2:7A:F8:EE:0A:5E:D5:4E:54:D5
            X509v3 Authority Key Identifier:
                keyid:71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/40Max3jiOiX6QsJ6-O4KXtVOVNU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.8.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         28:b5:da:66:68:43:dd:a6:b8:77:7f:d7:32:6e:a3:74:51:f2:
         00:af:4f:a1:68:a6:a5:ff:f1:df:00:fc:6a:f5:c5:8a:d6:bb:
         3e:e0:55:cf:24:02:63:de:80:3b:00:35:6f:44:db:43:63:a6:
         22:64:e2:d8:5d:82:ea:61:ba:bf:e3:b9:cf:2d:f6:f5:f0:bb:
         dd:10:ae:c2:9d:b8:18:e2:09:bc:e2:dc:1a:14:d5:5d:af:65:
         7d:11:b5:32:73:d6:78:6e:8c:7e:d4:a5:da:60:97:66:87:03:
         4c:09:95:5c:dd:59:aa:64:ff:7c:90:16:f7:55:b6:88:8f:4a:
         33:b7:0d:03:21:67:61:60:ab:91:10:94:2c:5c:98:08:67:62:
         d8:6a:1d:68:f6:7e:7f:b3:21:5c:4e:42:ce:00:8b:83:71:02:
         ac:e0:52:c3:1d:79:59:a0:37:89:7d:3b:79:0b:ff:ea:91:38:
         28:53:0a:c9:29:19:ab:bb:a3:0b:c3:97:85:07:8a:f1:43:9d:
         43:64:e4:7f:f5:a2:a2:1f:50:13:61:84:b6:e1:9d:d2:f3:cd:
         86:ab:8d:0d:a8:9b:3f:0f:5f:ce:b5:b0:a3:d4:5b:3f:e6:bf:
         da:3e:03:d9:cc:18:a7:48:68:5e:e0:e7:23:27:a2:d7:b7:e1:
         05:81:e5:d6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MTkx
Q0I5RjRDNDIyRDNCM0Q2NzUzNzFCMThBOERBRERBRTg3OThEMB4XDTI0MDQwMTIz
NTcwN1oXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoRTM0MzFBQzc3OEUyM0Ey
NUZBNDJDMjdBRjhFRTBBNUVENTRFNTRENTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK3vNwDDIoHCWyAwG0u5u9NQ7XAbEgfkTAfTwiuuYiPe8jfNLukQ
PvLaaaLkwBm9vLbYAScoahdP8Yw/gTb15Zqozqf2LyRK+sng4LJpfE3yJ5NeBlYJ
juJVt1YvWCllEpmHAA5hHbR82PNdPp1sXz+XSrcyI8zEujEMKyqViVsJLtoeIr25
DtuhzpuChUDkcBaX7XIeHRdyPqLsnQjTkurmO8SL8t1BIrzlwVchyjr6nYnIJk7u
ltNSQ39K+SzUunAMnzE3meIlCPC4NGBgeCzl9tTTbWyrouYwixXO4cyRKotykIyr
ExCQtVFS6Sz18IAK7QDA4AepXzOrGhfJkuUCAwEAAaOCAiUwggIhMB0GA1UdDgQW
BBTjQxrHeOI6JfpCwnr47gpe1U5U1TAfBgNVHSMEGDAWgBRxkcufTEItOz1nU3Gx
io2t2uh5jTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTkzNy9jWkhMbjB4Q0xUczlaMU54c1lxTnJkcm9lWTAuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9jWkhMbjB4Q0xUczlaMU54c1lxTnJk
cm9lWTAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTkzNy80ME1heDNqaU9pWDZRc0o2LU80S1h0Vk9WTlUucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIA
ATAFAwMAnQgwDQYJKoZIhvcNAQELBQADggEBACi12mZoQ92muHd/1zJuo3RR8gCv
T6FopqX/8d8A/Gr1xYrWuz7gVc8kAmPegDsANW9E20NjpiJk4thdguphur/juc8t
9vXwu90QrsKduBjiCbzi3BoU1V2vZX0RtTJz1nhujH7Updpgl2aHA0wJlVzdWapk
/3yQFvdVtoiPSjO3DQMhZ2Fgq5EQlCxcmAhnYthqHWj2fn+zIVxOQs4Ai4NxAqzg
UsMdeVmgN4l9O3kL/+qROChTCskpGau7owvDl4UHivFDnUNk5H/1oqIfUBNhhLbh
ndLzzYarjQ2omz8PX861sKPUWz/mv9o+A9nMGKdIaF7g5yMnote34QWB5dY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:43 2024 by rpki-client on console-ams.rpki-client.org