Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1937/5p36mJ9S-oq0nKGGrWOMjimP6K4.roa
File:                     5p36mJ9S-oq0nKGGrWOMjimP6K4.roa (raw, json)
Hash identifier:          jkf6HWaO5vM1xKjd+4FP6OieQGVPXNMPlWuG03VBP0k=
Subject key identifier:   E6:9D:FA:98:9F:52:FA:8A:B4:9C:A1:86:AD:63:8C:8E:29:8F:E8:AE
Certificate issuer:       /CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
Certificate serial:       1D
Authority key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/5p36mJ9S-oq0nKGGrWOMjimP6K4.roa
Signing time:             Tue 02 Apr 2024 00:08:59 +0000
ROA not before:           Tue 02 Apr 2024 00:08:59 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2497
IP address blocks:        157.8.72.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29 (0x1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
        Validity
            Not Before: Apr  2 00:08:59 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=E69DFA989F52FA8AB49CA186AD638C8E298FE8AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:98:64:3c:67:5d:e0:c5:67:aa:0e:01:76:02:
                    ce:54:94:2a:9b:f8:4e:46:3d:db:2b:14:a5:42:3b:
                    b4:b1:f8:80:0e:eb:29:5c:e4:39:a1:0a:7e:f8:c4:
                    84:56:16:be:51:b4:89:0e:a8:c4:4e:4a:a1:44:e5:
                    16:2f:13:8d:19:27:ac:95:75:21:13:b0:55:73:53:
                    36:22:bd:c8:06:b6:a5:0e:b7:18:3e:0f:73:55:7a:
                    c8:2c:cf:77:a5:96:d3:81:5b:d8:79:11:81:03:e4:
                    c9:8f:50:31:59:e1:8a:fa:0b:9b:62:b2:1d:bf:be:
                    1e:5a:66:02:36:c2:86:9d:af:12:b7:ff:a3:64:ad:
                    ee:b6:0a:23:4f:e3:7a:53:d6:40:a0:94:65:8c:76:
                    aa:19:9a:33:74:8c:7e:25:71:5a:e3:66:8d:27:67:
                    03:93:18:d8:4f:50:ad:f2:24:6b:1d:b3:a3:08:5b:
                    9a:ea:f8:18:57:c9:4d:4a:8c:1f:de:1d:39:89:dd:
                    52:ec:43:16:27:52:dc:46:b0:7e:22:93:c4:75:46:
                    a6:0d:3a:86:30:b3:b3:1d:cc:f2:4e:78:1c:bd:83:
                    b3:91:92:27:7f:72:ed:95:da:1a:77:55:9b:b2:f6:
                    19:3f:0d:13:a0:6e:e9:d4:12:c8:ad:e8:c9:ae:7c:
                    a2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:9D:FA:98:9F:52:FA:8A:B4:9C:A1:86:AD:63:8C:8E:29:8F:E8:AE
            X509v3 Authority Key Identifier:
                keyid:71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/5p36mJ9S-oq0nKGGrWOMjimP6K4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.8.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:56:71:9f:2e:64:f9:7d:8b:dd:43:af:ca:52:d2:c1:0d:
         3b:92:47:c6:3a:b1:21:f6:19:8a:84:26:5e:ba:b4:b3:41:93:
         88:e8:42:37:42:98:c0:9a:82:90:ad:5d:31:10:11:5d:dd:9f:
         b1:45:aa:e6:2c:a6:88:34:c4:f9:41:d6:01:c8:bb:3a:de:04:
         3a:84:0a:00:9e:4f:0b:22:fe:22:0c:43:cb:13:88:a8:b7:ad:
         a3:0c:12:f3:f9:e3:7c:d8:38:6a:76:6e:6c:6a:f8:70:0f:db:
         af:95:a0:07:7f:86:86:15:17:55:85:5d:cd:c5:9b:b2:78:96:
         69:f6:d1:41:c5:e5:fd:88:80:cd:a4:56:37:ce:1f:cc:1e:fa:
         35:2d:da:a6:6e:54:8e:7a:e6:a9:b0:b5:82:99:d3:8a:66:0a:
         d8:d1:4d:06:62:23:90:93:26:95:e4:7c:cb:48:0e:68:0d:ab:
         1f:14:d4:fe:cb:05:d8:40:22:a2:78:77:b3:b4:c7:f2:1c:19:
         73:ff:ef:7d:2b:c0:5b:f9:4c:66:c8:76:af:0b:59:40:2b:7e:
         e9:8c:e6:44:04:90:25:f1:f1:2f:b2:73:80:0f:fc:fb:de:47:
         5b:1c:af:3f:99:fb:e7:0a:5d:92:e3:d9:26:b4:4d:e4:c2:5f:
         1f:00:67:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MTkx
Q0I5RjRDNDIyRDNCM0Q2NzUzNzFCMThBOERBRERBRTg3OThEMB4XDTI0MDQwMjAw
MDg1OVoXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoRTY5REZBOTg5RjUyRkE4
QUI0OUNBMTg2QUQ2MzhDOEUyOThGRThBRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOyYZDxnXeDFZ6oOAXYCzlSUKpv4TkY92ysUpUI7tLH4gA7rKVzk
OaEKfvjEhFYWvlG0iQ6oxE5KoUTlFi8TjRknrJV1IROwVXNTNiK9yAa2pQ63GD4P
c1V6yCzPd6WW04Fb2HkRgQPkyY9QMVnhivoLm2KyHb++HlpmAjbChp2vErf/o2St
7rYKI0/jelPWQKCUZYx2qhmaM3SMfiVxWuNmjSdnA5MY2E9QrfIkax2zowhbmur4
GFfJTUqMH94dOYndUuxDFidS3EawfiKTxHVGpg06hjCzsx3M8k54HL2Ds5GSJ39y
7ZXaGndVm7L2GT8NE6Bu6dQSyK3oya58ohECAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBTmnfqYn1L6irScoYatY4yOKY/orjAfBgNVHSMEGDAWgBRxkcufTEItOz1nU3Gx
io2t2uh5jTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTkzNy9jWkhMbjB4Q0xUczlaMU54c1lxTnJkcm9lWTAuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9jWkhMbjB4Q0xUczlaMU54c1lxTnJk
cm9lWTAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTkzNy81cDM2bUo5Uy1vcTBuS0dHcldPTWppbVA2SzQucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQDnQhIMA0GCSqGSIb3DQEBCwUAA4IBAQAWS1Zxny5k+X2L3UOvylLSwQ07
kkfGOrEh9hmKhCZeurSzQZOI6EI3QpjAmoKQrV0xEBFd3Z+xRarmLKaINMT5QdYB
yLs63gQ6hAoAnk8LIv4iDEPLE4iot62jDBLz+eN82Dhqdm5savhwD9uvlaAHf4aG
FRdVhV3NxZuyeJZp9tFBxeX9iIDNpFY3zh/MHvo1LdqmblSOeuapsLWCmdOKZgrY
0U0GYiOQkyaV5HzLSA5oDasfFNT+ywXYQCKieHeztMfyHBlz/+99K8Bb+UxmyHav
C1lAK37pjOZEBJAl8fEvsnOAD/z73kdbHK8/mfvnCl2S49kmtE3kwl8fAGfS
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:43 2024 by rpki-client on console-ams.rpki-client.org