Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/29/gkOAgF6F6lDfFBW-ZEG6nkZ1hAs.roa
File:                     gkOAgF6F6lDfFBW-ZEG6nkZ1hAs.roa (raw, json)
Hash identifier:          cJgJWw8fO6jWa9/mHuesI4ZxsuwMIye2sYtiMntPZl0=
Subject key identifier:   82:43:80:80:5E:85:EA:50:DF:14:15:BE:64:41:BA:9E:46:75:84:0B
Certificate issuer:       /CN=D1400AB89B6D72F7DB424F4AAA8CCFF6438D3D4A
Certificate serial:       41
Authority key identifier: D1:40:0A:B8:9B:6D:72:F7:DB:42:4F:4A:AA:8C:CF:F6:43:8D:3D:4A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/gkOAgF6F6lDfFBW-ZEG6nkZ1hAs.roa
Signing time:             Thu 25 Jan 2024 01:06:34 +0000
ROA not before:           Thu 25 Jan 2024 01:06:34 +0000
ROA not after:            Tue 14 Jan 2025 01:30:02 +0000
asID:                     2514
IP address blocks:        160.248.242.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 23:53:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65 (0x41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1400AB89B6D72F7DB424F4AAA8CCFF6438D3D4A
        Validity
            Not Before: Jan 25 01:06:34 2024 GMT
            Not After : Jan 14 01:30:02 2025 GMT
        Subject: CN=824380805E85EA50DF1415BE6441BA9E4675840B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:98:9b:05:d3:ca:31:ce:48:85:36:a2:63:84:
                    a4:0a:24:dd:0c:00:c2:f7:ef:b9:37:fa:d5:9b:8f:
                    7b:f6:2c:2c:10:7c:6a:bf:2c:7a:17:c9:1e:34:75:
                    6a:b2:03:5f:b2:fa:c9:93:1b:69:7c:55:60:da:f6:
                    fa:fe:fd:59:c6:6e:42:5e:c0:61:b7:86:1e:35:ac:
                    86:d7:d4:28:04:bb:40:e1:cf:36:82:f5:2d:8f:33:
                    28:bb:e5:9f:dc:29:ed:3a:c7:a2:89:52:2d:24:08:
                    33:d7:38:ac:69:df:d6:80:e9:62:13:08:dd:54:63:
                    7c:62:f6:e7:80:d8:5a:b7:bd:a6:29:f9:ea:61:1a:
                    64:7f:95:72:f1:30:53:1e:7a:37:f0:51:0b:db:9e:
                    00:ff:5d:37:76:f6:6c:cd:8e:8e:53:7e:d7:2d:6f:
                    79:4d:21:9f:a1:1d:51:33:17:1f:55:a6:9b:84:34:
                    05:6f:4e:94:e6:7b:11:61:ea:a5:f4:c4:d1:50:89:
                    bb:dd:bd:6f:65:7e:3f:41:6f:25:dc:df:b6:6a:56:
                    eb:3a:9d:e5:eb:40:34:4b:5a:91:33:7a:26:8e:42:
                    a0:e9:55:5d:85:ec:67:f0:7f:d8:bd:70:89:79:86:
                    68:f6:ef:00:c1:23:d2:5f:37:42:a6:24:e6:6a:a5:
                    3a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:43:80:80:5E:85:EA:50:DF:14:15:BE:64:41:BA:9E:46:75:84:0B
            X509v3 Authority Key Identifier:
                keyid:D1:40:0A:B8:9B:6D:72:F7:DB:42:4F:4A:AA:8C:CF:F6:43:8D:3D:4A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/0UAKuJttcvfbQk9KqozP9kONPUo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/0UAKuJttcvfbQk9KqozP9kONPUo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/29/gkOAgF6F6lDfFBW-ZEG6nkZ1hAs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.248.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:fb:01:c4:2a:12:5e:52:58:19:72:9b:2a:e3:e9:0b:bf:ae:
         dd:ac:5b:3d:0d:39:e7:ac:b7:0c:42:ce:db:8d:8f:ca:30:a9:
         f6:ff:79:ac:20:ca:4e:7e:33:72:3c:57:c6:e9:13:7a:da:af:
         42:3c:fc:68:0a:82:be:30:b5:a4:63:66:54:9c:3e:dc:ea:25:
         fc:3c:3f:07:82:7a:40:eb:52:0b:32:1a:49:3e:f7:0c:92:c5:
         39:20:95:df:98:ae:ec:bc:a9:13:99:0b:12:f0:ba:4b:06:4c:
         16:4f:84:c1:17:5f:13:e8:96:aa:20:c3:dc:77:eb:f2:ed:c0:
         33:ae:81:a8:b1:02:a0:d3:f0:6c:89:8c:43:74:6c:41:5e:94:
         f0:24:9d:f7:39:ce:79:95:a1:00:99:93:d0:1c:04:bf:78:00:
         2d:ce:e1:57:02:18:d9:91:e6:ac:ea:7e:87:57:bb:69:ed:2f:
         63:12:f3:4b:9a:25:4a:58:09:b4:5d:1f:04:16:1e:82:38:c6:
         7c:40:04:88:9d:3c:b3:88:f0:84:c0:2c:44:92:ea:4a:52:e7:
         70:f2:5e:70:ed:0f:8c:c8:8e:aa:50:dd:81:d0:b3:66:27:a3:
         42:ab:be:bb:9f:1e:44:bb:18:f2:9a:6c:c0:db:2b:75:bf:1d:
         ef:33:af:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIBQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEMTQw
MEFCODlCNkQ3MkY3REI0MjRGNEFBQThDQ0ZGNjQzOEQzRDRBMB4XDTI0MDEyNTAx
MDYzNFoXDTI1MDExNDAxMzAwMlowMzExMC8GA1UEAxMoODI0MzgwODA1RTg1RUE1
MERGMTQxNUJFNjQ0MUJBOUU0Njc1ODQwQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMmYmwXTyjHOSIU2omOEpAok3QwAwvfvuTf61ZuPe/YsLBB8ar8s
ehfJHjR1arIDX7L6yZMbaXxVYNr2+v79WcZuQl7AYbeGHjWshtfUKAS7QOHPNoL1
LY8zKLvln9wp7TrHoolSLSQIM9c4rGnf1oDpYhMI3VRjfGL254DYWre9pin56mEa
ZH+VcvEwUx56N/BRC9ueAP9dN3b2bM2OjlN+1y1veU0hn6EdUTMXH1Wmm4Q0BW9O
lOZ7EWHqpfTE0VCJu929b2V+P0FvJdzftmpW6zqd5etANEtakTN6Jo5CoOlVXYXs
Z/B/2L1wiXmGaPbvAMEj0l83QqYk5mqlOtMCAwEAAaOCAiIwggIeMB0GA1UdDgQW
BBSCQ4CAXoXqUN8UFb5kQbqeRnWECzAfBgNVHSMEGDAWgBTRQAq4m21y99tCT0qq
jM/2Q409SjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGA1UdHwReMFwwWqBY
oFaGVHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjkvMFVBS3VKdHRjdmZiUWs5S3FvelA5a09OUFVvLmNybDBtBggrBgEF
BQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5p
Yy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvMFVBS3VKdHRjdmZiUWs5S3FvelA5a09O
UFVvLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgboGCCsGAQUFBwELBIGtMIGqMGAGCCsG
AQUFBzALhlRyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzI5L2drT0FnRjZGNmxEZkZCVy1aRUc2bmtaMWhBcy5yb2EwRgYI
KwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRw
L2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGg+PIwDQYJKoZIhvcNAQELBQADggEBADf7AcQqEl5SWBlymyrj6Qu/rt2sWz0N
OeestwxCztuNj8owqfb/eawgyk5+M3I8V8bpE3rar0I8/GgKgr4wtaRjZlScPtzq
Jfw8PweCekDrUgsyGkk+9wySxTkgld+Yruy8qROZCxLwuksGTBZPhMEXXxPolqog
w9x36/LtwDOugaixAqDT8GyJjEN0bEFelPAknfc5znmVoQCZk9AcBL94AC3O4VcC
GNmR5qzqfodXu2ntL2MS80uaJUpYCbRdHwQWHoI4xnxABIidPLOI8ITALESS6kpS
53DyXnDtD4zIjqpQ3YHQs2Yno0KrvrufHkS7GPKabMDbK3W/He8zr6I=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:17:06 2024 by rpki-client on console-fra.rpki-client.org