Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/BLHsSVxhJuXiEiQFPQwUDP5AeEQ.roa
File:                     BLHsSVxhJuXiEiQFPQwUDP5AeEQ.roa (raw, json)
Hash identifier:          gfwq8g2wV+7FR6PamQcJJ6cYnMdUl76ZC23huv+3DdI=
Subject key identifier:   04:B1:EC:49:5C:61:26:E5:E2:12:24:05:3D:0C:14:0C:FE:40:78:44
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       037E
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/BLHsSVxhJuXiEiQFPQwUDP5AeEQ.roa
Signing time:             Tue 30 Apr 2024 02:00:03 +0000
ROA not before:           Tue 30 Apr 2024 02:00:03 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:3000::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 894 (0x37e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 02:00:03 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=04B1EC495C6126E5E21224053D0C140CFE407844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b6:3c:db:b1:ac:c2:9a:61:df:ee:09:40:bd:
                    35:e7:96:c0:49:27:86:27:b7:5c:8e:bf:93:fc:3e:
                    87:57:d1:0b:77:e1:7f:de:9f:48:c6:64:ea:12:97:
                    0b:3f:eb:61:15:94:e7:f4:66:21:43:ba:3b:f6:0b:
                    82:bc:a9:4c:ee:ef:90:bf:61:89:c8:14:fe:71:98:
                    f7:4d:76:4f:4b:56:9a:00:6e:bb:79:e5:70:85:81:
                    55:99:9e:97:e6:c8:9a:42:06:fe:60:ec:54:88:b2:
                    0b:29:b1:73:ae:28:86:64:9b:e3:9a:96:c4:d7:5d:
                    a4:9f:41:4c:6c:25:c0:2d:c3:ea:b7:0f:81:71:67:
                    44:7e:ec:7f:89:bb:73:dc:d2:16:77:16:63:93:73:
                    79:57:95:2f:26:18:d6:f4:3f:a7:87:f0:68:1d:6e:
                    1c:57:15:2b:57:64:93:8e:57:8e:fd:03:e3:a3:f9:
                    76:46:58:7e:34:40:98:f6:40:ab:ff:e1:2c:13:0a:
                    65:65:fa:47:cb:d9:08:88:95:57:98:1e:60:0e:04:
                    cf:b2:a6:99:26:3d:5e:1c:60:9c:ac:7f:fc:c5:8d:
                    c6:9e:68:90:b6:f1:6b:1a:28:b0:d5:2a:27:43:18:
                    f4:21:b6:1b:68:54:68:40:8e:bd:bc:6b:c4:28:6e:
                    95:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:B1:EC:49:5C:61:26:E5:E2:12:24:05:3D:0C:14:0C:FE:40:78:44
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/BLHsSVxhJuXiEiQFPQwUDP5AeEQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:3000::/40

    Signature Algorithm: sha256WithRSAEncryption
         63:1c:85:71:0e:56:59:64:8f:60:00:f5:e3:23:13:28:4d:06:
         4f:35:64:f4:0c:a0:6c:2c:1b:97:60:1b:ac:a7:da:54:50:30:
         9d:e3:dc:3a:79:40:59:44:8c:56:79:a9:5c:37:c1:92:92:95:
         48:8a:23:63:48:dd:e0:e9:92:e2:f5:d2:16:15:53:f5:4f:79:
         f8:88:41:40:8c:31:62:65:a9:60:f5:f6:e5:99:cb:1c:2a:eb:
         e8:8c:b6:0e:32:37:16:8d:e5:84:c2:89:b2:30:46:aa:93:41:
         1f:d4:7d:83:f8:89:1a:ad:1a:a1:ae:4b:c8:bc:a0:73:77:c3:
         66:be:3d:e6:7d:d6:87:1f:3e:f6:57:1a:00:39:fe:cd:af:8e:
         7d:eb:c0:a7:45:5c:03:0e:c5:21:22:92:f9:f0:b4:9e:14:52:
         42:34:b0:72:44:e9:4a:50:eb:e3:6e:a5:c8:24:57:b5:db:7f:
         5e:cf:3c:06:af:c9:b2:42:56:d1:9a:3a:56:e0:77:d7:57:7e:
         53:22:c0:a4:22:b8:28:af:14:6d:6c:d0:a2:1f:a6:11:a2:1f:
         65:cd:c6:aa:c1:5a:9e:56:bc:ec:52:b9:22:6c:c5:4b:c1:7a:
         41:92:97:20:a1:aa:cc:4a:eb:3a:77:0a:67:f6:9f:cc:79:f5:
         05:97:ff:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICA34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MjAwMDNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDA0QjFFQzQ5NUM2MTI2
RTVFMjEyMjQwNTNEMEMxNDBDRkU0MDc4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+tjzbsazCmmHf7glAvTXnlsBJJ4Ynt1yOv5P8PodX0Qt34X/e
n0jGZOoSlws/62EVlOf0ZiFDujv2C4K8qUzu75C/YYnIFP5xmPdNdk9LVpoAbrt5
5XCFgVWZnpfmyJpCBv5g7FSIsgspsXOuKIZkm+OalsTXXaSfQUxsJcAtw+q3D4Fx
Z0R+7H+Ju3Pc0hZ3FmOTc3lXlS8mGNb0P6eH8GgdbhxXFStXZJOOV479A+Oj+XZG
WH40QJj2QKv/4SwTCmVl+kfL2QiIlVeYHmAOBM+yppkmPV4cYJysf/zFjcaeaJC2
8WsaKLDVKidDGPQhthtoVGhAjr28a8QobpVDAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUBLHsSVxhJuXiEiQFPQwUDP5AeEQwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9CTEhzU1Z4aEp1WGlFaVFGUFF3VURQNUFlRVEu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAazAwDQYJKoZIhvcNAQELBQADggEBAGMchXEOVllkj2AA9eMj
EyhNBk81ZPQMoGwsG5dgG6yn2lRQMJ3j3Dp5QFlEjFZ5qVw3wZKSlUiKI2NI3eDp
kuL10hYVU/VPefiIQUCMMWJlqWD19uWZyxwq6+iMtg4yNxaN5YTCibIwRqqTQR/U
fYP4iRqtGqGuS8i8oHN3w2a+PeZ91ocfPvZXGgA5/s2vjn3rwKdFXAMOxSEikvnw
tJ4UUkI0sHJE6UpQ6+NupcgkV7Xbf17PPAavybJCVtGaOlbgd9dXflMiwKQiuCiv
FG1s0KIfphGiH2XNxqrBWp5WvOxSuSJsxUvBekGSlyChqsxK6zp3Cmf2n8x59QWX
/9c=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:50 2024 by rpki-client on console-ams.rpki-client.org