Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30003/RUEYV-GG7SOkz-Zl0yrXCYqIFq8.roa
File:                     RUEYV-GG7SOkz-Zl0yrXCYqIFq8.roa (raw, json)
Hash identifier:          94fF/C+HAAOf9HOc5guPRan9oaFwewN2UV084/W3lYw=
Subject key identifier:   45:41:18:57:E1:86:ED:23:A4:CF:E6:65:D3:2A:D7:09:8A:88:16:AF
Certificate issuer:       /CN=106B1F3D649E5A25AA1340C18BD6A7C24CF36AF6
Certificate serial:       55
Authority key identifier: 10:6B:1F:3D:64:9E:5A:25:AA:13:40:C1:8B:D6:A7:C2:4C:F3:6A:F6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/EGsfPWSeWiWqE0DBi9anwkzzavY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30003/RUEYV-GG7SOkz-Zl0yrXCYqIFq8.roa
Signing time:             Fri 01 Sep 2023 01:28:26 +0000
ROA not before:           Fri 01 Sep 2023 01:28:26 +0000
ROA not after:            Wed 14 Aug 2024 01:30:02 +0000
asID:                     131079
IP address blocks:        2001:3a0:f007::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30003/EGsfPWSeWiWqE0DBi9anwkzzavY.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30003/EGsfPWSeWiWqE0DBi9anwkzzavY.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/EGsfPWSeWiWqE0DBi9anwkzzavY.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85 (0x55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=106B1F3D649E5A25AA1340C18BD6A7C24CF36AF6
        Validity
            Not Before: Sep  1 01:28:26 2023 GMT
            Not After : Aug 14 01:30:02 2024 GMT
        Subject: CN=45411857E186ED23A4CFE665D32AD7098A8816AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a0:74:a5:2a:55:ae:5b:7a:da:20:4a:ec:22:
                    ef:f5:58:2b:20:82:d8:d7:0a:dc:fd:8a:46:e3:37:
                    5c:ac:85:58:ba:ba:9d:88:85:ce:c1:84:46:f2:54:
                    81:b5:ae:6d:6d:8a:e5:24:48:e0:55:e1:22:96:5d:
                    0a:a5:59:48:6e:1a:f4:8b:17:e1:a3:6c:ac:cc:e7:
                    08:de:ff:f6:00:b3:04:64:08:e9:ee:1a:29:7d:54:
                    22:3a:f2:29:e9:cc:03:54:08:b9:49:96:3e:d0:62:
                    8c:61:05:90:01:82:5c:ef:10:0f:1e:f1:ca:52:8a:
                    d6:bf:ca:99:dc:5d:2e:b7:92:83:53:fd:8e:90:66:
                    e2:d0:cd:99:42:c1:b3:4e:d5:03:3c:5d:5e:75:74:
                    3e:b8:e3:c1:b3:92:bc:88:a7:1e:ff:22:51:d8:3a:
                    83:d2:7f:8a:1b:86:65:31:33:16:d6:2b:37:1f:89:
                    48:3a:8b:a3:e1:e1:54:5b:9f:46:5c:1c:b0:75:9d:
                    e7:34:27:20:4d:cf:3b:6b:28:6f:68:a0:0a:38:da:
                    f0:78:78:a4:44:0f:f8:b8:ab:f0:8b:10:a5:c3:23:
                    65:6d:b9:6a:37:f1:a1:0b:10:8e:e6:86:32:97:9e:
                    ac:c9:04:a3:ce:02:cc:86:1b:60:a4:f4:3e:58:b2:
                    77:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:41:18:57:E1:86:ED:23:A4:CF:E6:65:D3:2A:D7:09:8A:88:16:AF
            X509v3 Authority Key Identifier:
                keyid:10:6B:1F:3D:64:9E:5A:25:AA:13:40:C1:8B:D6:A7:C2:4C:F3:6A:F6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30003/EGsfPWSeWiWqE0DBi9anwkzzavY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/EGsfPWSeWiWqE0DBi9anwkzzavY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30003/RUEYV-GG7SOkz-Zl0yrXCYqIFq8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:3a0:f007::/48

    Signature Algorithm: sha256WithRSAEncryption
         8b:1d:05:a6:95:42:18:2d:1b:39:81:01:b3:fd:b9:0f:aa:d8:
         86:41:b4:ac:75:19:43:12:cb:83:a9:23:18:e8:72:98:74:62:
         76:51:7e:ce:f0:ff:a8:9f:18:c6:32:64:ca:79:12:40:5e:be:
         bf:a0:ad:a3:a6:42:b2:dd:70:03:1b:90:79:7e:e3:40:1b:25:
         35:c3:f3:48:33:29:9e:ec:03:33:a7:49:34:fe:76:4a:b4:7f:
         fb:64:f3:5c:bd:2e:2c:db:7c:1c:a3:fb:13:b3:7e:d5:4f:18:
         99:a0:99:bc:f0:cc:57:29:db:ba:b3:3e:df:1e:d2:13:24:b8:
         a8:a5:53:6e:6a:ea:d0:05:3e:2d:df:1d:c2:38:93:7a:c7:ba:
         e3:b6:8a:05:46:b5:cd:09:40:7b:5a:7f:0c:4f:9e:bd:6c:ec:
         73:9d:5e:bb:dd:6d:e0:c9:a8:fc:cb:e2:b6:19:b6:4a:76:66:
         52:aa:d4:ee:e9:9f:89:7f:55:f0:9e:5a:d9:12:1f:ef:25:8c:
         1c:c8:a1:d8:4e:29:02:74:ff:7c:b7:2a:07:36:1c:fc:b9:a8:
         bc:12:b6:29:fe:3b:4c:7b:84:5a:e1:90:39:15:d8:9d:bf:4a:
         3a:7c:38:2c:75:33:0f:8b:a0:64:54:b6:0f:1a:27:a9:20:19:
         a9:20:43:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIBVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxMDZC
MUYzRDY0OUU1QTI1QUExMzQwQzE4QkQ2QTdDMjRDRjM2QUY2MB4XDTIzMDkwMTAx
MjgyNloXDTI0MDgxNDAxMzAwMlowMzExMC8GA1UEAxMoNDU0MTE4NTdFMTg2RUQy
M0E0Q0ZFNjY1RDMyQUQ3MDk4QTg4MTZBRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL+gdKUqVa5betogSuwi7/VYKyCC2NcK3P2KRuM3XKyFWLq6nYiF
zsGERvJUgbWubW2K5SRI4FXhIpZdCqVZSG4a9IsX4aNsrMznCN7/9gCzBGQI6e4a
KX1UIjryKenMA1QIuUmWPtBijGEFkAGCXO8QDx7xylKK1r/KmdxdLreSg1P9jpBm
4tDNmULBs07VAzxdXnV0PrjjwbOSvIinHv8iUdg6g9J/ihuGZTEzFtYrNx+JSDqL
o+HhVFufRlwcsHWd5zQnIE3PO2sob2igCjja8Hh4pEQP+Lir8IsQpcMjZW25ajfx
oQsQjuaGMpeerMkEo84CzIYbYKT0Pliyd6ECAwEAAaOCAiswggInMB0GA1UdDgQW
BBRFQRhX4YbtI6TP5mXTKtcJiogWrzAfBgNVHSMEGDAWgBQQax89ZJ5aJaoTQMGL
1qfCTPNq9jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAwMDMvRUdzZlBXU2VXaVdxRTBEQmk5YW53a3p6YXZZLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvRUdzZlBXU2VXaVdxRTBEQmk5YW53
a3p6YXZZLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMDAzL1JVRVlWLUdHN1NPa3otWmwweXJYQ1lxSUZxOC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQOg8AcwDQYJKoZIhvcNAQELBQADggEBAIsdBaaVQhgtGzmBAbP9
uQ+q2IZBtKx1GUMSy4OpIxjocph0YnZRfs7w/6ifGMYyZMp5EkBevr+graOmQrLd
cAMbkHl+40AbJTXD80gzKZ7sAzOnSTT+dkq0f/tk81y9LizbfByj+xOzftVPGJmg
mbzwzFcp27qzPt8e0hMkuKilU25q6tAFPi3fHcI4k3rHuuO2igVGtc0JQHtafwxP
nr1s7HOdXrvdbeDJqPzL4rYZtkp2ZlKq1O7pn4l/VfCeWtkSH+8ljBzIodhOKQJ0
/3y3Kgc2HPy5qLwStin+O0x7hFrhkDkV2J2/Sjp8OCx1Mw+LoGRUtg8aJ6kgGakg
Q5s=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:39 2024 by rpki-client on console-fra.rpki-client.org