Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1937/Cth57aJ-ao3eqpexY84iiTflo5k.roa
File:                     Cth57aJ-ao3eqpexY84iiTflo5k.roa (raw, json)
Hash identifier:          KxriiSthGfn9Ab5HSccAL4Nyrne6mTDHIOzLRnQ5EJE=
Subject key identifier:   0A:D8:79:ED:A2:7E:6A:8D:DE:AA:97:B1:63:CE:22:89:37:E5:A3:99
Certificate issuer:       /CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
Certificate serial:       1A
Authority key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/Cth57aJ-ao3eqpexY84iiTflo5k.roa
Signing time:             Tue 02 Apr 2024 00:05:12 +0000
ROA not before:           Tue 02 Apr 2024 00:05:12 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2497
IP address blocks:        157.8.60.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26 (0x1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
        Validity
            Not Before: Apr  2 00:05:12 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=0AD879EDA27E6A8DDEAA97B163CE228937E5A399
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:03:44:c4:1e:23:7f:da:9c:ba:49:e6:90:41:
                    70:94:29:1f:a1:4b:18:68:b2:7b:a0:77:66:64:44:
                    d1:75:71:90:0c:68:3e:ac:5b:40:bd:bc:29:d3:7b:
                    7f:7a:85:3c:d8:86:02:ab:e6:5b:48:9a:b7:b0:f3:
                    e3:02:d0:09:34:5b:60:15:17:a4:82:f4:0c:fd:26:
                    46:70:0c:76:0a:da:40:e1:f2:d4:42:9f:92:6b:fe:
                    72:a0:85:94:09:3d:d7:90:5b:aa:05:5e:ce:05:4a:
                    3a:c2:1e:6e:0b:a7:46:f5:ba:fd:24:6f:6d:a0:54:
                    e5:31:42:12:f9:4d:77:16:61:4d:7a:38:4a:22:1c:
                    c1:dc:c5:f8:25:92:87:ce:70:a7:c9:e0:97:33:54:
                    55:00:35:69:1a:ea:aa:08:7f:dc:4c:e2:0c:80:de:
                    af:6b:3d:f3:61:7d:e2:ad:13:0b:1d:d2:11:5b:c9:
                    65:bc:3b:c2:64:3a:5d:73:76:34:90:b3:a0:4f:19:
                    e7:b5:65:e4:02:55:e5:0e:d1:06:2e:8b:b0:90:a4:
                    c0:c1:dd:05:cb:36:97:da:21:3e:32:69:4f:c5:fc:
                    d6:c8:c5:d0:69:87:57:56:25:f9:8d:3a:2f:eb:fb:
                    30:a5:10:c4:6c:28:0f:8e:4d:f9:91:dd:2c:13:d4:
                    86:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D8:79:ED:A2:7E:6A:8D:DE:AA:97:B1:63:CE:22:89:37:E5:A3:99
            X509v3 Authority Key Identifier:
                keyid:71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/Cth57aJ-ao3eqpexY84iiTflo5k.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.8.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:07:5a:1f:80:6a:fd:b4:4a:24:2f:b5:07:e6:59:72:0a:99:
         aa:66:74:8e:3e:7a:41:bd:a6:46:e5:86:68:c1:13:df:98:bd:
         29:69:b5:80:34:9f:60:ef:97:48:cf:af:c1:cc:61:9b:d0:05:
         05:16:d1:c5:8d:75:33:c0:c9:23:82:d9:9d:93:17:4a:8f:8b:
         86:d4:7e:23:fa:bf:2b:46:28:2c:10:75:7a:6f:ca:c5:40:27:
         49:bf:25:92:aa:d9:ff:6b:dc:4e:ab:f6:4b:53:4e:f3:e8:fe:
         f9:92:8a:7f:cf:f0:8d:db:dc:25:3e:b6:ca:e8:68:94:86:29:
         6f:a1:8c:aa:cc:3d:8d:b1:27:35:bc:25:ef:8a:65:3b:ee:11:
         bd:d8:71:f4:ae:de:c5:0a:4f:0b:6f:43:b8:a2:c0:63:f8:4a:
         e9:ec:a7:34:58:cc:5a:fa:04:bf:c5:db:c6:c6:d7:3b:00:09:
         5d:91:7b:a7:9f:d3:48:de:76:84:f9:1d:df:6a:c3:e6:67:3a:
         fb:77:1b:09:3b:90:5f:10:3a:e4:28:50:70:ff:1f:89:a9:3b:
         3d:65:d7:13:5b:39:0e:25:a8:d1:63:2e:52:2d:40:1d:6a:09:
         83:64:82:7d:bf:2d:e6:67:61:1d:6d:ff:8e:0f:80:c9:6b:7e:
         88:b1:1c:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MTkx
Q0I5RjRDNDIyRDNCM0Q2NzUzNzFCMThBOERBRERBRTg3OThEMB4XDTI0MDQwMjAw
MDUxMloXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoMEFEODc5RURBMjdFNkE4
RERFQUE5N0IxNjNDRTIyODkzN0U1QTM5OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKADRMQeI3/anLpJ5pBBcJQpH6FLGGiye6B3ZmRE0XVxkAxoPqxb
QL28KdN7f3qFPNiGAqvmW0iat7Dz4wLQCTRbYBUXpIL0DP0mRnAMdgraQOHy1EKf
kmv+cqCFlAk915BbqgVezgVKOsIebgunRvW6/SRvbaBU5TFCEvlNdxZhTXo4SiIc
wdzF+CWSh85wp8nglzNUVQA1aRrqqgh/3EziDIDer2s982F94q0TCx3SEVvJZbw7
wmQ6XXN2NJCzoE8Z57Vl5AJV5Q7RBi6LsJCkwMHdBcs2l9ohPjJpT8X81sjF0GmH
V1Yl+Y06L+v7MKUQxGwoD45N+ZHdLBPUhlECAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBQK2Hnton5qjd6ql7FjziKJN+WjmTAfBgNVHSMEGDAWgBRxkcufTEItOz1nU3Gx
io2t2uh5jTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTkzNy9jWkhMbjB4Q0xUczlaMU54c1lxTnJkcm9lWTAuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9jWkhMbjB4Q0xUczlaMU54c1lxTnJk
cm9lWTAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTkzNy9DdGg1N2FKLWFvM2VxcGV4WTg0aWlUZmxvNWsucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBnQg8MA0GCSqGSIb3DQEBCwUAA4IBAQCFB1ofgGr9tEokL7UH5llyCpmq
ZnSOPnpBvaZG5YZowRPfmL0pabWANJ9g75dIz6/BzGGb0AUFFtHFjXUzwMkjgtmd
kxdKj4uG1H4j+r8rRigsEHV6b8rFQCdJvyWSqtn/a9xOq/ZLU07z6P75kop/z/CN
29wlPrbK6GiUhilvoYyqzD2NsSc1vCXvimU77hG92HH0rt7FCk8Lb0O4osBj+Erp
7Kc0WMxa+gS/xdvGxtc7AAldkXunn9NI3naE+R3fasPmZzr7dxsJO5BfEDrkKFBw
/x+JqTs9ZdcTWzkOJajRYy5SLUAdagmDZIJ9vy3mZ2Edbf+OD4DJa36IsRzS
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:43 2024 by rpki-client on console-ams.rpki-client.org