Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/221/X71WQIXgMNmpA0P18uM_YTyUcjw.roa
File:                     X71WQIXgMNmpA0P18uM_YTyUcjw.roa (raw, json)
Hash identifier:          lA98E9nvfWxKHEJmlnH1r4hoz/84/XUiaEo/UCHcrR4=
Subject key identifier:   5F:BD:56:40:85:E0:30:D9:A9:03:43:F5:F2:E3:3F:61:3C:94:72:3C
Certificate issuer:       /CN=1BCFB4FAB945CDD148473ECB75B11E3AD169E71D
Certificate serial:       07
Authority key identifier: 1B:CF:B4:FA:B9:45:CD:D1:48:47:3E:CB:75:B1:1E:3A:D1:69:E7:1D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G8-0-rlFzdFIRz7LdbEeOtFp5x0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/221/X71WQIXgMNmpA0P18uM_YTyUcjw.roa
Signing time:             Wed 27 Nov 2024 04:56:30 +0000
ROA not before:           Wed 27 Nov 2024 04:56:30 +0000
ROA not after:            Sat 15 Nov 2025 01:30:03 +0000
asID:                     7677
IP address blocks:        157.101.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/221/G8-0-rlFzdFIRz7LdbEeOtFp5x0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/221/G8-0-rlFzdFIRz7LdbEeOtFp5x0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G8-0-rlFzdFIRz7LdbEeOtFp5x0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Feb 2025 05:15:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BCFB4FAB945CDD148473ECB75B11E3AD169E71D
        Validity
            Not Before: Nov 27 04:56:30 2024 GMT
            Not After : Nov 15 01:30:03 2025 GMT
        Subject: CN=5FBD564085E030D9A90343F5F2E33F613C94723C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:59:49:4e:8d:be:c2:a2:d6:f1:6b:be:df:3b:
                    72:ca:87:f8:58:58:48:2c:d2:f6:f8:10:b0:ab:91:
                    b8:55:28:68:40:8a:95:6a:fa:1e:a1:9b:74:e5:c6:
                    fd:69:27:47:3e:9a:8c:75:ff:b9:9b:2c:8e:9f:c4:
                    8e:05:c9:21:77:60:18:7c:01:f2:ba:99:94:da:8e:
                    b3:a5:78:5b:fd:9a:8c:5c:8e:3f:5d:94:98:d3:14:
                    f7:07:98:ea:0d:4a:a4:cd:3c:b8:fc:42:b9:a8:b8:
                    db:a7:ae:fd:58:7e:a8:6f:3b:f2:a8:90:52:9f:1a:
                    38:61:ea:a8:8c:d7:aa:d6:d0:a3:3c:39:5c:cb:29:
                    ea:91:b2:b5:8e:b9:02:31:c5:0f:e4:8f:33:89:94:
                    d6:88:f4:8f:47:40:92:2d:e0:c7:9d:40:dd:a2:5f:
                    eb:f0:9e:c4:20:88:b6:38:cb:9c:77:69:85:be:f2:
                    e0:11:65:e3:4c:4f:d9:ac:33:25:f4:b1:58:d2:de:
                    1c:bb:ba:8c:68:90:0c:84:6b:08:69:a5:ec:6e:1b:
                    9c:7e:1d:5e:e3:19:66:fc:81:e1:d1:f7:66:d3:ac:
                    17:39:2f:ef:06:e6:7f:d4:e7:78:fc:7b:4b:f9:bd:
                    cd:93:6f:d5:2b:a6:86:0e:7f:53:b1:2e:7d:68:d3:
                    92:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BD:56:40:85:E0:30:D9:A9:03:43:F5:F2:E3:3F:61:3C:94:72:3C
            X509v3 Authority Key Identifier:
                keyid:1B:CF:B4:FA:B9:45:CD:D1:48:47:3E:CB:75:B1:1E:3A:D1:69:E7:1D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/221/G8-0-rlFzdFIRz7LdbEeOtFp5x0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/G8-0-rlFzdFIRz7LdbEeOtFp5x0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/221/X71WQIXgMNmpA0P18uM_YTyUcjw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.101.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:70:e1:7b:c5:0b:f6:30:9c:6e:dc:e7:8e:30:d8:ad:88:2b:
         97:5d:f2:a1:36:99:6d:00:b8:69:bb:1b:45:b8:bc:27:98:14:
         6d:25:15:9c:82:16:c3:94:8c:f7:bd:27:65:a0:24:b0:b1:66:
         17:f3:71:1b:eb:68:1c:42:0a:05:af:34:42:14:c8:16:b1:99:
         11:a5:62:4b:7b:72:0b:a3:bc:c5:9b:c1:fb:6d:dc:21:89:ee:
         8d:ac:54:2b:78:12:40:87:c4:69:45:28:6d:0f:2b:ee:25:df:
         a3:11:7b:7a:06:b2:e2:c7:62:90:82:e0:e5:61:f8:b7:fd:5c:
         9c:9a:4f:ae:06:fe:2c:b2:09:20:df:60:36:07:70:06:77:fe:
         dc:44:96:9d:77:93:44:50:6a:22:ef:1f:32:96:fc:4c:1a:f3:
         dc:ff:3f:6b:24:f8:3b:63:60:fe:23:3a:0b:86:66:e3:32:29:
         19:d2:e2:87:97:b4:e1:ff:d3:65:b3:31:59:04:26:0c:db:24:
         d3:26:1e:64:f3:b3:0d:9f:41:5a:59:7d:8d:59:cf:ca:f2:c7:
         7d:b6:4f:67:cc:e3:a6:f0:27:c7:0d:00:20:7a:cb:c0:fa:41:
         86:b7:29:f7:dd:b2:b8:7f:d4:31:41:f1:76:aa:bb:7a:9e:2d:
         e9:14:22:e8
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkNG
QjRGQUI5NDVDREQxNDg0NzNFQ0I3NUIxMUUzQUQxNjlFNzFEMB4XDTI0MTEyNzA0
NTYzMFoXDTI1MTExNTAxMzAwM1owMzExMC8GA1UEAxMoNUZCRDU2NDA4NUUwMzBE
OUE5MDM0M0Y1RjJFMzNGNjEzQzk0NzIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMhZSU6NvsKi1vFrvt87csqH+FhYSCzS9vgQsKuRuFUoaECKlWr6
HqGbdOXG/WknRz6ajHX/uZssjp/EjgXJIXdgGHwB8rqZlNqOs6V4W/2ajFyOP12U
mNMU9weY6g1KpM08uPxCuai426eu/Vh+qG878qiQUp8aOGHqqIzXqtbQozw5XMsp
6pGytY65AjHFD+SPM4mU1oj0j0dAki3gx51A3aJf6/CexCCItjjLnHdphb7y4BFl
40xP2awzJfSxWNLeHLu6jGiQDIRrCGml7G4bnH4dXuMZZvyB4dH3ZtOsFzkv7wbm
f9TnePx7S/m9zZNv1Sumhg5/U7EufWjTkt0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRfvVZAheAw2akDQ/Xy4z9hPJRyPDAfBgNVHSMEGDAWgBQbz7T6uUXN0UhHPst1
sR460WnnHTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjIxL0c4LTAtcmxGemRGSVJ6N0xkYkVlT3RGcDV4MC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0c4LTAtcmxGemRGSVJ6N0xkYkVlT3RG
cDV4MC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8yMjEvWDcxV1FJWGdNTm1wQTBQMTh1TV9ZVHlVY2p3LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1l/jANBgkqhkiG9w0BAQsFAAOCAQEAenDhe8UL9jCcbtznjjDYrYgrl13y
oTaZbQC4absbRbi8J5gUbSUVnIIWw5SM970nZaAksLFmF/NxG+toHEIKBa80QhTI
FrGZEaViS3tyC6O8xZvB+23cIYnujaxUK3gSQIfEaUUobQ8r7iXfoxF7egay4sdi
kILg5WH4t/1cnJpPrgb+LLIJIN9gNgdwBnf+3ESWnXeTRFBqIu8fMpb8TBrz3P8/
ayT4O2Ng/iM6C4Zm4zIpGdLih5e04f/TZbMxWQQmDNsk0yYeZPOzDZ9BWll9jVnP
yvLHfbZPZ8zjpvAnxw0AIHrLwPpBhrcp992yuH/UMUHxdqq7ep4t6RQi6A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:35 2025 by rpki-client