Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/2490/tdSZpHdWJUeA7TBL3E9o5W1_HTg.roa
File:                     tdSZpHdWJUeA7TBL3E9o5W1_HTg.roa (raw, json)
Hash identifier:          lGcCX+BzdM3/ipNclOYwVzXRtRrXnEDRGWFfAyxZWzk=
Subject key identifier:   B5:D4:99:A4:77:56:25:47:80:ED:30:4B:DC:4F:68:E5:6D:7F:1D:38
Certificate issuer:       /CN=B8E53C5244B7F9A76D5F9DF9FBAF61E57B2EA93B
Certificate serial:       49
Authority key identifier: B8:E5:3C:52:44:B7:F9:A7:6D:5F:9D:F9:FB:AF:61:E5:7B:2E:A9:3B
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uOU8UkS3-adtX535-69h5XsuqTs.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2490/tdSZpHdWJUeA7TBL3E9o5W1_HTg.roa
Signing time:             Tue 14 May 2024 10:14:38 +0000
ROA not before:           Tue 14 May 2024 10:14:38 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     7687
IP address blocks:        160.246.128.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2490/uOU8UkS3-adtX535-69h5XsuqTs.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2490/uOU8UkS3-adtX535-69h5XsuqTs.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uOU8UkS3-adtX535-69h5XsuqTs.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 19:38:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73 (0x49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B8E53C5244B7F9A76D5F9DF9FBAF61E57B2EA93B
        Validity
            Not Before: May 14 10:14:38 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=B5D499A47756254780ED304BDC4F68E56D7F1D38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a3:c1:8a:45:33:95:99:a9:3f:fd:d0:b4:19:
                    5f:7a:69:e2:e7:6b:e3:71:4e:f8:8d:18:f4:3f:89:
                    2e:75:83:96:97:e6:4b:a8:11:a5:c4:e6:68:ed:85:
                    3a:cd:fe:66:d6:ed:35:e4:65:cd:b0:3c:32:89:77:
                    80:97:03:87:27:3d:b5:47:22:3f:1d:53:b2:02:ef:
                    6a:f4:2e:f8:a7:d3:3e:36:86:a3:eb:d0:8d:09:8e:
                    e9:49:63:dc:86:26:de:df:23:80:6b:95:d8:36:55:
                    ba:09:17:35:00:e2:ce:20:fd:de:2a:c5:a9:30:3b:
                    bc:af:d2:14:aa:65:45:37:60:7c:0b:3b:65:61:55:
                    d9:c8:75:fd:3a:22:fd:34:47:88:14:92:c7:5b:15:
                    93:72:b0:ff:0b:11:45:fc:05:3b:5e:e8:d3:65:e5:
                    5b:fe:35:c8:7f:c2:63:b1:83:03:bf:7c:c8:fd:01:
                    ae:d8:c3:41:9d:d6:d9:79:ec:c3:0c:5f:de:ee:93:
                    bc:ac:a7:09:87:d2:ac:97:e0:05:66:23:9c:5b:0c:
                    ef:f9:ab:4c:a4:a1:5c:20:54:f5:c5:6b:79:08:66:
                    da:74:a7:4d:e5:f8:49:8d:cd:b7:04:68:3e:a5:76:
                    f5:92:1e:32:73:b9:cf:8c:03:03:7f:bb:d5:ca:9c:
                    80:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:D4:99:A4:77:56:25:47:80:ED:30:4B:DC:4F:68:E5:6D:7F:1D:38
            X509v3 Authority Key Identifier:
                keyid:B8:E5:3C:52:44:B7:F9:A7:6D:5F:9D:F9:FB:AF:61:E5:7B:2E:A9:3B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2490/uOU8UkS3-adtX535-69h5XsuqTs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/uOU8UkS3-adtX535-69h5XsuqTs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2490/tdSZpHdWJUeA7TBL3E9o5W1_HTg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.246.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         31:54:97:cb:17:f2:de:b4:b6:a6:21:53:53:df:d3:d8:da:79:
         15:6a:01:de:af:dc:f6:b6:15:aa:73:93:08:24:7b:db:5a:b1:
         23:dc:e9:a9:dc:2e:7c:2c:80:21:47:29:e7:0f:b2:d2:42:2a:
         6d:8d:92:74:69:26:0f:b5:20:80:8b:1d:62:1a:a1:a1:4c:27:
         26:87:dc:6f:19:c0:26:6b:c3:1f:b7:4e:2a:71:93:b7:86:85:
         0a:9e:a8:b2:93:97:06:3c:3e:ba:b1:e9:26:17:a3:0f:af:e4:
         cc:b4:4d:bd:4b:4c:43:20:f1:c8:93:2a:25:c2:d6:4a:83:0b:
         1b:72:70:95:4c:be:6f:b4:5f:dc:88:71:19:83:5a:99:77:1e:
         99:69:8a:61:ef:68:cf:b8:af:28:ab:5a:6a:63:1c:9f:2c:ff:
         7d:1b:ff:12:e7:bb:0a:8e:af:96:4b:5c:be:c4:45:f1:31:b8:
         65:21:8b:ff:77:42:b1:8e:79:43:2b:a0:d1:04:03:e7:9e:ce:
         02:ce:f5:70:22:55:a3:3b:0b:39:07:07:9b:dc:6f:c7:83:98:
         9a:4d:1a:c7:9b:ca:8a:92:16:ed:23:a6:9d:12:3c:5b:80:79:
         b7:59:b8:42:2c:da:db:05:46:88:69:54:c2:ef:c7:53:5f:24:
         59:09:5c:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCOEU1
M0M1MjQ0QjdGOUE3NkQ1RjlERjlGQkFGNjFFNTdCMkVBOTNCMB4XDTI0MDUxNDEw
MTQzOFoXDTI1MDQxNTAxMzAwMlowMzExMC8GA1UEAxMoQjVENDk5QTQ3NzU2MjU0
NzgwRUQzMDRCREM0RjY4RTU2RDdGMUQzODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANejwYpFM5WZqT/90LQZX3pp4udr43FO+I0Y9D+JLnWDlpfmS6gR
pcTmaO2FOs3+ZtbtNeRlzbA8Mol3gJcDhyc9tUciPx1TsgLvavQu+KfTPjaGo+vQ
jQmO6Ulj3IYm3t8jgGuV2DZVugkXNQDiziD93irFqTA7vK/SFKplRTdgfAs7ZWFV
2ch1/Toi/TRHiBSSx1sVk3Kw/wsRRfwFO17o02XlW/41yH/CY7GDA798yP0BrtjD
QZ3W2Xnswwxf3u6TvKynCYfSrJfgBWYjnFsM7/mrTKShXCBU9cVreQhm2nSnTeX4
SY3NtwRoPqV29ZIeMnO5z4wDA3+71cqcgDsCAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBS11Jmkd1YlR4DtMEvcT2jlbX8dODAfBgNVHSMEGDAWgBS45TxSRLf5p21fnfn7
r2Hley6pOzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjQ5MC91T1U4VWtTMy1hZHRYNTM1LTY5aDVYc3VxVHMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91T1U4VWtTMy1hZHRYNTM1LTY5aDVY
c3VxVHMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMjQ5MC90ZFNacEhkV0pVZUE3VEJMM0U5bzVXMV9IVGcucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQGoPaAMA0GCSqGSIb3DQEBCwUAA4IBAQAxVJfLF/LetLamIVNT39PY2nkV
agHer9z2thWqc5MIJHvbWrEj3Omp3C58LIAhRynnD7LSQiptjZJ0aSYPtSCAix1i
GqGhTCcmh9xvGcAma8Mft04qcZO3hoUKnqiyk5cGPD66sekmF6MPr+TMtE29S0xD
IPHIkyolwtZKgwsbcnCVTL5vtF/ciHEZg1qZdx6ZaYph72jPuK8oq1pqYxyfLP99
G/8S57sKjq+WS1y+xEXxMbhlIYv/d0KxjnlDK6DRBAPnns4CzvVwIlWjOws5Bweb
3G/Hg5iaTRrHm8qKkhbtI6adEjxbgHm3WbhCLNrbBUaIaVTC78dTXyRZCVzv
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:49 2024 by rpki-client on console-ams.rpki-client.org