Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/29/-cD77utssEp9yoIwUX0IRuJyw9Y.roa
File:                     -cD77utssEp9yoIwUX0IRuJyw9Y.roa (raw, json)
Hash identifier:          C1C4MeawcODBgFQgkPO2NwTxNzXy2oLtMUIACPHhM9Y=
Subject key identifier:   F9:C0:FB:EE:EB:6C:B0:4A:7D:CA:82:30:51:7D:08:46:E2:72:C3:D6
Certificate issuer:       /CN=D1400AB89B6D72F7DB424F4AAA8CCFF6438D3D4A
Certificate serial:       21
Authority key identifier: D1:40:0A:B8:9B:6D:72:F7:DB:42:4F:4A:AA:8C:CF:F6:43:8D:3D:4A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/-cD77utssEp9yoIwUX0IRuJyw9Y.roa
Signing time:             Wed 10 Jan 2024 01:07:01 +0000
ROA not before:           Wed 10 Jan 2024 01:07:01 +0000
ROA not after:            Sat 14 Dec 2024 01:30:03 +0000
asID:                     2514
IP address blocks:        157.65.160.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 19:38:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1400AB89B6D72F7DB424F4AAA8CCFF6438D3D4A
        Validity
            Not Before: Jan 10 01:07:01 2024 GMT
            Not After : Dec 14 01:30:03 2024 GMT
        Subject: CN=F9C0FBEEEB6CB04A7DCA8230517D0846E272C3D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:39:a0:6e:15:1d:5c:83:22:7d:91:d4:99:67:
                    ee:e4:b3:a5:6d:07:d6:f1:51:9d:f6:65:3b:1c:5a:
                    00:4e:10:30:53:95:b3:d8:2c:f3:f5:a0:79:7b:9d:
                    9f:38:a2:12:4d:b2:30:cc:a9:8d:1d:cd:07:b1:ae:
                    46:bc:6f:d2:cc:44:3f:13:5b:70:13:63:07:9a:03:
                    c8:7d:ca:a1:75:0e:d0:b2:3e:27:32:7b:30:f4:11:
                    c5:58:cc:b4:e4:16:3d:33:f3:14:df:03:7c:46:be:
                    c6:87:af:30:0d:c5:b2:fb:87:4e:90:7f:a1:fb:79:
                    c4:91:42:65:8c:e0:dd:34:86:fa:4b:03:0d:b7:33:
                    c7:b9:82:b4:6b:b6:2d:c8:0b:20:4f:a0:bd:45:57:
                    67:f5:1c:c3:55:d9:b4:3b:20:e2:4f:08:d9:13:f8:
                    cc:42:b6:b2:15:02:6c:c8:7a:bb:2e:40:ee:ea:81:
                    ed:ea:0a:50:80:25:a4:fb:04:63:58:bb:bf:b1:72:
                    dd:a0:aa:35:7a:86:75:73:cd:09:8b:4a:d4:c3:26:
                    cf:95:a0:80:0e:f4:fe:0f:3a:28:90:e8:10:82:f9:
                    84:8a:f9:12:19:2b:ee:0b:8c:f4:33:21:4b:cb:b9:
                    b7:e9:d8:89:fb:10:47:05:5e:31:d7:c8:5f:34:8b:
                    9a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C0:FB:EE:EB:6C:B0:4A:7D:CA:82:30:51:7D:08:46:E2:72:C3:D6
            X509v3 Authority Key Identifier:
                keyid:D1:40:0A:B8:9B:6D:72:F7:DB:42:4F:4A:AA:8C:CF:F6:43:8D:3D:4A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/-cD77utssEp9yoIwUX0IRuJyw9Y.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.65.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:d3:cb:68:05:fe:69:16:04:63:76:59:3d:c7:2f:4a:a1:6e:
         4c:67:9f:cb:cd:13:7f:78:0b:0e:9a:a0:c7:61:ef:bf:a9:f8:
         4e:c7:01:9c:79:0a:93:78:96:ba:b1:ce:fa:8c:ba:fd:2c:b3:
         09:2a:6b:2c:65:72:85:12:b7:28:c1:8f:46:3c:1d:d4:8d:00:
         d7:d0:b1:de:2a:ef:95:48:50:3b:a4:4f:2f:a5:04:ae:ed:9d:
         3c:2a:75:21:75:02:86:39:a4:67:be:76:52:28:86:fa:c5:70:
         b6:0a:4a:4e:48:9d:cc:26:a9:2c:a2:b8:b0:b6:64:b2:53:e5:
         f8:ee:a7:b3:04:4d:d7:9a:e9:bd:b1:cc:9c:ea:e7:ea:ab:f8:
         aa:a8:4b:dd:db:83:76:ae:05:8b:f4:7f:61:4b:1f:9a:73:f1:
         20:67:f0:fb:d9:be:51:b1:6b:60:ae:ae:28:b4:d7:18:45:94:
         c4:94:a7:30:c6:04:25:03:a5:05:a4:82:c5:6b:20:85:f6:6c:
         b8:73:dc:66:58:97:a0:2b:07:47:fb:72:62:17:54:74:0e:18:
         52:35:44:a5:48:2b:08:50:d3:f1:db:f2:48:c0:f4:ae:0e:b8:
         e1:11:dd:7c:29:5a:1f:b2:25:0f:a5:46:99:4d:52:65:ca:6b:
         9a:6b:17:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIBITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEMTQw
MEFCODlCNkQ3MkY3REI0MjRGNEFBQThDQ0ZGNjQzOEQzRDRBMB4XDTI0MDExMDAx
MDcwMVoXDTI0MTIxNDAxMzAwM1owMzExMC8GA1UEAxMoRjlDMEZCRUVFQjZDQjA0
QTdEQ0E4MjMwNTE3RDA4NDZFMjcyQzNENjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALg5oG4VHVyDIn2R1Jln7uSzpW0H1vFRnfZlOxxaAE4QMFOVs9gs
8/WgeXudnziiEk2yMMypjR3NB7GuRrxv0sxEPxNbcBNjB5oDyH3KoXUO0LI+JzJ7
MPQRxVjMtOQWPTPzFN8DfEa+xoevMA3FsvuHTpB/oft5xJFCZYzg3TSG+ksDDbcz
x7mCtGu2LcgLIE+gvUVXZ/Ucw1XZtDsg4k8I2RP4zEK2shUCbMh6uy5A7uqB7eoK
UIAlpPsEY1i7v7Fy3aCqNXqGdXPNCYtK1MMmz5WggA70/g86KJDoEIL5hIr5Ehkr
7guM9DMhS8u5t+nYifsQRwVeMdfIXzSLmrcCAwEAAaOCAiIwggIeMB0GA1UdDgQW
BBT5wPvu62ywSn3KgjBRfQhG4nLD1jAfBgNVHSMEGDAWgBTRQAq4m21y99tCT0qq
jM/2Q409SjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGA1UdHwReMFwwWqBY
oFaGVHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjkvMFVBS3VKdHRjdmZiUWs5S3FvelA5a09OUFVvLmNybDBtBggrBgEF
BQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5p
Yy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvMFVBS3VKdHRjdmZiUWs5S3FvelA5a09O
UFVvLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgboGCCsGAQUFBwELBIGtMIGqMGAGCCsG
AQUFBzALhlRyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzI5Ly1jRDc3dXRzc0VwOXlvSXdVWDBJUnVKeXc5WS5yb2EwRgYI
KwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRw
L2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BASdQaAwDQYJKoZIhvcNAQELBQADggEBACLTy2gF/mkWBGN2WT3HL0qhbkxnn8vN
E394Cw6aoMdh77+p+E7HAZx5CpN4lrqxzvqMuv0sswkqayxlcoUStyjBj0Y8HdSN
ANfQsd4q75VIUDukTy+lBK7tnTwqdSF1AoY5pGe+dlIohvrFcLYKSk5IncwmqSyi
uLC2ZLJT5fjup7METdea6b2xzJzq5+qr+KqoS93bg3auBYv0f2FLH5pz8SBn8PvZ
vlGxa2Curii01xhFlMSUpzDGBCUDpQWkgsVrIIX2bLhz3GZYl6ArB0f7cmIXVHQO
GFI1RKVIKwhQ0/Hb8kjA9K4OuOER3XwpWh+yJQ+lRplNUmXKa5prF+Y=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:49 2024 by rpki-client on console-ams.rpki-client.org