Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/2370/dTHy6XI2nYPyc7IZlKbLyDSsMpg.roa
File:                     dTHy6XI2nYPyc7IZlKbLyDSsMpg.roa (raw, json)
Hash identifier:          jSaaZrRjLRd0bHO4Q0XQ9xRe6dajnzIiz48p4tOSj9c=
Subject key identifier:   75:31:F2:E9:72:36:9D:83:F2:73:B2:19:94:A6:CB:C8:34:AC:32:98
Certificate issuer:       /CN=49D7AAA47057BC50ABDD410A8FA39ABDA1003E10
Certificate serial:       0F
Authority key identifier: 49:D7:AA:A4:70:57:BC:50:AB:DD:41:0A:8F:A3:9A:BD:A1:00:3E:10
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/SdeqpHBXvFCr3UEKj6OavaEAPhA.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2370/dTHy6XI2nYPyc7IZlKbLyDSsMpg.roa
Signing time:             Sun 01 Oct 2023 01:29:49 +0000
ROA not before:           Sun 01 Oct 2023 01:29:49 +0000
ROA not after:            Sat 14 Sep 2024 01:30:03 +0000
asID:                     9357
IP address blocks:        133.250.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2370/SdeqpHBXvFCr3UEKj6OavaEAPhA.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2370/SdeqpHBXvFCr3UEKj6OavaEAPhA.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/SdeqpHBXvFCr3UEKj6OavaEAPhA.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49D7AAA47057BC50ABDD410A8FA39ABDA1003E10
        Validity
            Not Before: Oct  1 01:29:49 2023 GMT
            Not After : Sep 14 01:30:03 2024 GMT
        Subject: CN=7531F2E972369D83F273B21994A6CBC834AC3298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:57:0d:4e:c0:56:39:f1:ae:b5:22:21:c3:ac:
                    64:e6:44:98:b0:89:63:15:dc:2a:0e:3f:c2:0a:f1:
                    96:5b:a4:26:f9:79:50:63:3a:f5:5c:ad:fe:0f:b8:
                    ca:bf:d2:f4:26:b9:23:00:af:77:6b:14:a8:a6:40:
                    31:94:d2:02:89:bd:71:1d:50:f5:bc:e8:43:4e:0d:
                    f7:b6:70:64:96:07:9c:68:08:c7:7e:1a:13:5c:70:
                    03:9d:a7:ae:c1:e1:f1:11:ef:a2:6a:a2:e4:43:d4:
                    56:22:da:b9:00:78:e7:8f:52:16:30:a1:ac:26:e1:
                    5f:df:f8:81:5a:58:1a:02:f8:2c:66:ba:5b:22:85:
                    58:ed:41:f0:be:1b:cd:40:1b:af:ec:26:0b:e1:e8:
                    4a:56:17:27:e5:8b:64:49:1b:42:e4:2b:27:e9:be:
                    6a:67:3c:da:a8:fb:10:e4:c3:24:c2:93:13:d0:09:
                    e5:07:a9:a6:63:0a:b9:aa:0a:70:8b:0a:42:b4:6e:
                    fd:72:7a:f6:0b:50:fe:f3:b4:4e:9b:b2:70:5a:40:
                    88:4d:33:ee:9e:66:5e:24:b5:f4:c0:a3:f0:92:a0:
                    e0:f5:fc:1f:b9:0e:02:68:cb:81:31:69:23:e1:4d:
                    4b:7f:20:4f:41:89:fc:74:8e:c3:4a:bb:c5:9e:88:
                    43:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:31:F2:E9:72:36:9D:83:F2:73:B2:19:94:A6:CB:C8:34:AC:32:98
            X509v3 Authority Key Identifier:
                keyid:49:D7:AA:A4:70:57:BC:50:AB:DD:41:0A:8F:A3:9A:BD:A1:00:3E:10

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2370/SdeqpHBXvFCr3UEKj6OavaEAPhA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/SdeqpHBXvFCr3UEKj6OavaEAPhA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2370/dTHy6XI2nYPyc7IZlKbLyDSsMpg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  133.250.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         40:e9:21:2f:3d:da:a8:b8:75:6e:61:d1:15:cd:7a:35:0d:86:
         b1:f1:5c:df:91:38:c0:71:a9:2d:d5:6b:d3:cb:f3:11:6d:77:
         ff:8d:e2:3a:4a:db:0d:50:82:be:ad:f7:24:44:a9:44:dc:7e:
         43:a0:d7:af:07:30:dc:f9:35:c4:99:94:d5:21:40:d3:dc:d2:
         fe:87:c1:70:42:ed:3d:0d:9e:e4:56:9f:6a:c8:ba:1b:62:f3:
         56:53:dc:b0:e8:8d:09:56:29:58:99:25:35:4f:41:1d:1d:73:
         34:f5:44:9e:59:4c:b6:a0:15:bb:42:5f:5d:d9:8d:75:6d:85:
         f3:b6:1f:b8:39:5b:d8:a9:21:41:c0:65:8d:b3:b2:ff:54:64:
         bf:62:5b:15:00:0f:10:05:68:d5:6e:df:e7:1a:aa:2e:e4:8b:
         62:55:1e:3b:4e:63:a7:18:e0:e8:22:57:65:bf:62:fe:04:5c:
         9d:e6:9c:c3:f1:08:ad:b9:7c:da:88:41:26:69:c4:28:a8:8f:
         e6:46:bf:b3:94:b2:6c:b3:c5:36:f7:b8:13:7b:e7:33:31:25:
         ea:e0:36:5d:78:9f:4b:e4:01:60:69:39:63:1b:5e:82:1b:63:
         bb:93:29:26:b2:25:cd:35:d1:cc:c1:a0:be:22:93:1c:2c:7d:
         d5:75:9f:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0OUQ3
QUFBNDcwNTdCQzUwQUJERDQxMEE4RkEzOUFCREExMDAzRTEwMB4XDTIzMTAwMTAx
Mjk0OVoXDTI0MDkxNDAxMzAwM1owMzExMC8GA1UEAxMoNzUzMUYyRTk3MjM2OUQ4
M0YyNzNCMjE5OTRBNkNCQzgzNEFDMzI5ODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKxXDU7AVjnxrrUiIcOsZOZEmLCJYxXcKg4/wgrxllukJvl5UGM6
9Vyt/g+4yr/S9Ca5IwCvd2sUqKZAMZTSAom9cR1Q9bzoQ04N97ZwZJYHnGgIx34a
E1xwA52nrsHh8RHvomqi5EPUViLauQB4549SFjChrCbhX9/4gVpYGgL4LGa6WyKF
WO1B8L4bzUAbr+wmC+HoSlYXJ+WLZEkbQuQrJ+m+amc82qj7EOTDJMKTE9AJ5Qep
pmMKuaoKcIsKQrRu/XJ69gtQ/vO0TpuycFpAiE0z7p5mXiS19MCj8JKg4PX8H7kO
AmjLgTFpI+FNS38gT0GJ/HSOw0q7xZ6IQ7MCAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBR1MfLpcjadg/JzshmUpsvINKwymDAfBgNVHSMEGDAWgBRJ16qkcFe8UKvdQQqP
o5q9oQA+EDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjM3MC9TZGVxcEhCWHZGQ3IzVUVLajZPYXZhRUFQaEEuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9TZGVxcEhCWHZGQ3IzVUVLajZPYXZh
RUFQaEEuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMjM3MC9kVEh5NlhJMm5ZUHljN0labEtiTHlEU3NNcGcucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQHhfqAMA0GCSqGSIb3DQEBCwUAA4IBAQBA6SEvPdqouHVuYdEVzXo1DYax
8VzfkTjAcakt1WvTy/MRbXf/jeI6StsNUIK+rfckRKlE3H5DoNevBzDc+TXEmZTV
IUDT3NL+h8FwQu09DZ7kVp9qyLobYvNWU9yw6I0JVilYmSU1T0EdHXM09USeWUy2
oBW7Ql9d2Y11bYXzth+4OVvYqSFBwGWNs7L/VGS/YlsVAA8QBWjVbt/nGqou5Iti
VR47TmOnGODoIldlv2L+BFyd5pzD8QituXzaiEEmacQoqI/mRr+zlLJss8U297gT
e+czMSXq4DZdeJ9L5AFgaTljG16CG2O7kykmsiXNNdHMwaC+IpMcLH3VdZ91
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:08 2024 by rpki-client on console-fra.rpki-client.org