Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/8yPaz6QXf7ynx3DbqmLJV2fMzeU.roa
File:                     8yPaz6QXf7ynx3DbqmLJV2fMzeU.roa (raw, json)
Hash identifier:          tL4mZhhvhKN6PPhX2eeV6yA7ta7VQgQpOJYah9iU4mQ=
Subject key identifier:   F3:23:DA:CF:A4:17:7F:BC:A7:C7:70:DB:AA:62:C9:57:67:CC:CD:E5
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0366
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/8yPaz6QXf7ynx3DbqmLJV2fMzeU.roa
Signing time:             Tue 30 Apr 2024 01:56:58 +0000
ROA not before:           Tue 30 Apr 2024 01:56:58 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:2d00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 870 (0x366)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:56:58 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=F323DACFA4177FBCA7C770DBAA62C95767CCCDE5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:1b:88:d1:7e:3c:51:0f:44:8a:23:b4:ff:70:
                    a5:f7:df:5b:65:0e:f9:d5:04:3b:fe:10:e3:7c:0b:
                    ef:9e:86:ca:6c:35:d7:4a:d2:59:fa:c6:68:6e:b9:
                    d1:4c:32:a2:ac:9c:9a:c5:e1:f4:00:c8:60:e8:da:
                    64:d0:11:c3:59:9c:f6:d8:92:c7:07:37:b2:a1:82:
                    b4:90:4e:01:63:ae:99:b3:ac:9d:83:41:fb:e0:fc:
                    97:0e:f2:6e:7a:21:fa:73:f3:ee:61:22:5c:4e:74:
                    28:cb:f3:92:eb:61:18:95:b0:00:06:e9:1c:46:02:
                    71:c9:ae:6c:33:2f:b6:df:9b:60:e9:5c:a6:8c:fd:
                    d0:7a:f4:34:d7:69:86:69:8e:b0:4d:25:fb:ad:13:
                    77:c8:00:27:bc:4d:f4:25:40:15:d0:9b:17:97:e2:
                    bf:c0:d3:34:22:1a:7d:0d:7e:f5:af:b8:8a:4c:aa:
                    59:df:8b:82:b1:14:96:40:cf:00:64:21:92:7a:34:
                    84:a9:0e:c1:34:4c:8a:7e:4f:9e:da:5b:83:fc:23:
                    b0:ed:5d:8b:28:dd:5e:ee:97:4e:30:05:24:a2:05:
                    78:06:48:83:30:d0:a2:a7:ae:e9:91:a7:30:aa:a3:
                    ab:e8:fe:23:5a:4f:b7:d3:5f:21:91:8b:d7:45:de:
                    61:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:23:DA:CF:A4:17:7F:BC:A7:C7:70:DB:AA:62:C9:57:67:CC:CD:E5
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/8yPaz6QXf7ynx3DbqmLJV2fMzeU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:2d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:44:ec:2c:90:12:73:17:20:21:08:58:32:7b:93:7f:1c:81:
         32:25:91:c7:4e:71:a0:b9:62:3c:0e:75:ae:0a:bc:c5:13:cb:
         c6:20:5a:0f:16:19:e4:ac:9e:3b:81:08:10:1a:51:b2:5c:32:
         ee:48:c6:2f:84:35:ea:10:f5:71:52:6d:49:02:fe:bd:3d:80:
         29:24:01:15:b8:7f:9b:14:93:e5:00:ac:d5:e7:7c:d3:05:d5:
         dc:2d:d6:0e:1d:4e:46:53:35:67:ad:ef:89:54:b2:26:19:77:
         47:ac:82:b0:de:03:05:08:bb:74:fb:69:81:12:0e:76:e0:ce:
         c7:19:e5:4b:ae:c1:de:b7:e4:44:6d:37:c1:d8:21:34:48:12:
         c7:cb:00:53:bb:1d:b8:23:42:02:b6:f7:78:63:c3:54:0c:45:
         22:7b:04:83:16:ab:4e:a1:75:89:59:d4:19:20:57:ba:e7:0d:
         cd:be:9f:7f:6a:fe:23:90:c9:78:ce:09:23:1c:8f:23:55:16:
         87:87:a1:f4:46:69:f5:ea:7a:6d:ea:e7:5a:61:34:88:dc:d0:
         ff:fc:22:ef:8a:c2:a2:d5:fe:d0:99:5b:ae:ad:35:a1:65:b6:
         f0:1c:ce:bc:26:7a:cf:a8:cf:37:8e:28:01:2f:75:29:19:4f:
         d9:2f:3d:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICA2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTU2NThaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEYzMjNEQUNGQTQxNzdG
QkNBN0M3NzBEQkFBNjJDOTU3NjdDQ0NERTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKG4jRfjxRD0SKI7T/cKX331tlDvnVBDv+EON8C++ehspsNddK
0ln6xmhuudFMMqKsnJrF4fQAyGDo2mTQEcNZnPbYkscHN7KhgrSQTgFjrpmzrJ2D
Qfvg/JcO8m56Ifpz8+5hIlxOdCjL85LrYRiVsAAG6RxGAnHJrmwzL7bfm2DpXKaM
/dB69DTXaYZpjrBNJfutE3fIACe8TfQlQBXQmxeX4r/A0zQiGn0NfvWvuIpMqlnf
i4KxFJZAzwBkIZJ6NISpDsE0TIp+T57aW4P8I7DtXYso3V7ul04wBSSiBXgGSIMw
0KKnrumRpzCqo6vo/iNaT7fTXyGRi9dF3mGnAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQU8yPaz6QXf7ynx3DbqmLJV2fMzeUwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS84eVBhejZRWGY3eW54M0RicW1MSlYyZk16ZVUu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAay0wDQYJKoZIhvcNAQELBQADggEBAJNE7CyQEnMXICEIWDJ7
k38cgTIlkcdOcaC5YjwOda4KvMUTy8YgWg8WGeSsnjuBCBAaUbJcMu5Ixi+ENeoQ
9XFSbUkC/r09gCkkARW4f5sUk+UArNXnfNMF1dwt1g4dTkZTNWet74lUsiYZd0es
grDeAwUIu3T7aYESDnbgzscZ5Uuuwd635ERtN8HYITRIEsfLAFO7HbgjQgK293hj
w1QMRSJ7BIMWq06hdYlZ1BkgV7rnDc2+n39q/iOQyXjOCSMcjyNVFoeHofRGafXq
em3q51phNIjc0P/8Iu+KwqLV/tCZW66tNaFltvAczrwmes+ozzeOKAEvdSkZT9kv
PYc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:33:13 2024 by rpki-client on console-fra.rpki-client.org