Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/29/UlljdU0HjZh3aGEzdfhraM9zsx4.roa
File:                     UlljdU0HjZh3aGEzdfhraM9zsx4.roa (raw, json)
Hash identifier:          MAVhRAQJyHr/62iOB1aD1YxYrjOzVMr/wKLR/uaAsQY=
Subject key identifier:   52:59:63:75:4D:07:8D:98:77:68:61:33:75:F8:6B:68:CF:73:B3:1E
Certificate issuer:       /CN=06FA662194FCF1EB983AB44CC913004180770D18
Certificate serial:       16
Authority key identifier: 06:FA:66:21:94:FC:F1:EB:98:3A:B4:4C:C9:13:00:41:80:77:0D:18
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/BvpmIZT88euYOrRMyRMAQYB3DRg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/UlljdU0HjZh3aGEzdfhraM9zsx4.roa
Signing time:             Wed 15 Nov 2023 01:37:07 +0000
ROA not before:           Wed 15 Nov 2023 01:37:07 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     2514
IP address blocks:        1.33.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/BvpmIZT88euYOrRMyRMAQYB3DRg.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/BvpmIZT88euYOrRMyRMAQYB3DRg.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/BvpmIZT88euYOrRMyRMAQYB3DRg.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06FA662194FCF1EB983AB44CC913004180770D18
        Validity
            Not Before: Nov 15 01:37:07 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=525963754D078D987768613375F86B68CF73B31E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ac:51:91:e9:eb:31:d1:65:80:a4:e8:03:9f:
                    ea:46:ea:39:90:a5:9c:a5:06:6e:30:06:f5:54:e6:
                    81:19:06:ab:a0:75:1f:a2:0a:f9:ee:3e:be:30:23:
                    43:76:7c:0d:41:35:a0:1e:b9:1e:1a:9d:4f:df:34:
                    12:69:73:e8:1a:a2:cb:92:bc:ab:4b:be:10:14:95:
                    dd:25:84:3e:d4:ac:ed:c4:c8:df:e7:71:9d:85:dc:
                    53:1a:1b:5c:a9:5e:9f:b3:50:bc:a4:e1:b8:69:71:
                    c1:5f:24:d8:1a:9c:d7:01:73:27:14:83:5f:47:05:
                    c2:96:60:ba:13:81:4f:52:49:b6:e8:98:ea:53:35:
                    a2:eb:7b:7b:55:4f:76:4d:f5:6e:03:37:72:69:6f:
                    62:b5:d4:68:ce:d8:9d:6f:c5:65:bd:ab:b9:1d:c9:
                    7c:f8:41:53:ad:22:92:01:f8:53:52:ac:3a:e6:35:
                    3b:b3:c7:68:69:e7:8e:92:83:04:f7:04:e6:62:bb:
                    93:7f:ea:92:9d:93:db:ed:ef:1f:24:0d:46:63:8a:
                    10:fa:6b:a5:95:c3:44:03:51:d2:b4:ef:b3:9d:dc:
                    34:15:1c:c8:ac:8f:20:69:a5:2d:1f:06:b9:b5:f0:
                    4e:06:0c:43:cc:4f:bc:3e:8a:cc:db:62:f9:27:9d:
                    1c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:59:63:75:4D:07:8D:98:77:68:61:33:75:F8:6B:68:CF:73:B3:1E
            X509v3 Authority Key Identifier:
                keyid:06:FA:66:21:94:FC:F1:EB:98:3A:B4:4C:C9:13:00:41:80:77:0D:18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/BvpmIZT88euYOrRMyRMAQYB3DRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/BvpmIZT88euYOrRMyRMAQYB3DRg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/UlljdU0HjZh3aGEzdfhraM9zsx4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.33.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         13:2d:29:a1:7e:d4:94:b1:71:f8:31:34:4a:9e:05:81:43:ed:
         64:86:6b:87:e2:c1:6d:ce:42:85:3c:51:a2:4a:95:97:53:60:
         64:60:9d:c7:c2:04:63:ef:79:a2:44:40:38:f7:d5:ca:6c:8f:
         9e:0e:22:64:c4:70:fd:ab:9a:06:95:fe:4a:11:c1:f2:12:76:
         f6:2e:9c:3d:af:eb:8a:33:6a:94:2e:07:0d:95:b0:a7:c6:b8:
         ff:c4:77:fe:61:8c:e3:26:05:ce:40:b4:87:fe:44:3b:30:ad:
         5d:17:87:10:25:bc:d1:88:d4:4a:c5:17:15:f2:50:57:d0:36:
         d0:56:20:6c:f5:ec:ad:ca:e0:eb:d1:88:36:ea:c8:31:a5:44:
         29:1f:7f:92:02:13:b4:e8:b8:53:88:01:89:46:1d:cf:ff:2a:
         1c:47:e7:6f:80:6b:60:30:81:f6:10:94:3c:d6:0f:50:43:4e:
         0f:df:a1:35:0f:e1:de:67:53:be:55:88:6a:92:be:1c:7d:61:
         31:13:88:44:25:31:24:41:ed:bb:d2:02:7d:7e:d7:93:e1:36:
         ae:a1:b2:c1:e5:db:d2:2f:1d:95:8c:66:ae:97:c7:38:c9:39:
         2f:20:ae:fb:44:30:b4:20:f7:d8:94:e2:73:e1:1c:79:aa:87:
         64:e2:e7:15
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIBFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwNkZB
NjYyMTk0RkNGMUVCOTgzQUI0NENDOTEzMDA0MTgwNzcwRDE4MB4XDTIzMTExNTAx
MzcwN1oXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoNTI1OTYzNzU0RDA3OEQ5
ODc3Njg2MTMzNzVGODZCNjhDRjczQjMxRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOasUZHp6zHRZYCk6AOf6kbqOZClnKUGbjAG9VTmgRkGq6B1H6IK
+e4+vjAjQ3Z8DUE1oB65HhqdT980Emlz6Bqiy5K8q0u+EBSV3SWEPtSs7cTI3+dx
nYXcUxobXKlen7NQvKThuGlxwV8k2Bqc1wFzJxSDX0cFwpZguhOBT1JJtuiY6lM1
out7e1VPdk31bgM3cmlvYrXUaM7YnW/FZb2ruR3JfPhBU60ikgH4U1KsOuY1O7PH
aGnnjpKDBPcE5mK7k3/qkp2T2+3vHyQNRmOKEPprpZXDRANR0rTvs53cNBUcyKyP
IGmlLR8GubXwTgYMQ8xPvD6KzNti+SedHNUCAwEAAaOCAiEwggIdMB0GA1UdDgQW
BBRSWWN1TQeNmHdoYTN1+Gtoz3OzHjAfBgNVHSMEGDAWgBQG+mYhlPzx65g6tEzJ
EwBBgHcNGDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGA1UdHwReMFwwWqBY
oFaGVHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjkvQnZwbUlaVDg4ZXVZT3JSTXlSTUFRWUIzRFJnLmNybDBtBggrBgEF
BQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5p
Yy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvQnZwbUlaVDg4ZXVZT3JSTXlSTUFRWUIz
RFJnLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgboGCCsGAQUFBwELBIGtMIGqMGAGCCsG
AQUFBzALhlRyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzI5L1VsbGpkVTBIalpoM2FHRXpkZmhyYU05enN4NC5yb2EwRgYI
KwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRw
L2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwABITANBgkqhkiG9w0BAQsFAAOCAQEAEy0poX7UlLFx+DE0Sp4FgUPtZIZrh+LB
bc5ChTxRokqVl1NgZGCdx8IEY+95okRAOPfVymyPng4iZMRw/auaBpX+ShHB8hJ2
9i6cPa/rijNqlC4HDZWwp8a4/8R3/mGM4yYFzkC0h/5EOzCtXReHECW80YjUSsUX
FfJQV9A20FYgbPXsrcrg69GINurIMaVEKR9/kgITtOi4U4gBiUYdz/8qHEfnb4Br
YDCB9hCUPNYPUENOD9+hNQ/h3mdTvlWIapK+HH1hMROIRCUxJEHtu9ICfX7Xk+E2
rqGyweXb0i8dlYxmrpfHOMk5LyCu+0QwtCD32JTic+EceaqHZOLnFQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:50 2024 by rpki-client on console-ams.rpki-client.org