Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Hj2S51Z8l7jCToI2X64MT20NdtY.roa
File:                     Hj2S51Z8l7jCToI2X64MT20NdtY.roa (raw, json)
Hash identifier:          zIhAUmZ0fIkH017LtoZkYg5pHpdh9yeqmQPT+dvoLRY=
Subject key identifier:   1E:3D:92:E7:56:7C:97:B8:C2:4E:82:36:5F:AE:0C:4F:6D:0D:76:D6
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0328
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Hj2S51Z8l7jCToI2X64MT20NdtY.roa
Signing time:             Tue 30 Apr 2024 01:50:57 +0000
ROA not before:           Tue 30 Apr 2024 01:50:57 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:b700::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 03 Dec 2024 00:11:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 808 (0x328)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:50:57 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=1E3D92E7567C97B8C24E82365FAE0C4F6D0D76D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:4e:78:78:2a:27:86:63:a3:03:cb:bf:0b:
                    07:d5:cd:9d:e7:ff:a0:77:af:72:31:9e:64:46:02:
                    e3:cc:bc:7e:ff:74:6a:bb:ee:4e:c9:85:68:2e:b4:
                    d2:69:2c:3a:ee:40:bb:fa:e1:0d:db:4e:7a:53:c2:
                    5c:d7:a7:55:36:63:da:16:e3:e1:41:f1:88:a2:2f:
                    9d:b9:b8:0e:a8:27:b6:eb:63:09:32:7f:41:4f:9c:
                    cd:27:49:46:42:df:04:e4:20:a8:cb:6d:51:68:d3:
                    83:79:14:ea:fc:4c:44:54:d0:14:83:8b:2c:57:9c:
                    5c:5e:dd:d5:ed:b6:94:af:af:2a:1f:e1:36:29:53:
                    fe:3d:14:0c:0b:83:ea:e4:bc:9c:4a:af:2d:4e:b5:
                    5c:94:0a:3d:db:88:ad:ad:61:91:db:00:a9:f1:5a:
                    6d:53:f4:ea:9c:12:5a:29:47:09:a8:ef:2f:52:ac:
                    60:d4:d8:9c:0d:d7:35:fa:50:e9:e2:a8:b0:af:4a:
                    7d:a9:5e:23:96:bc:38:9b:d6:58:16:e0:a1:37:9f:
                    60:ff:fd:e1:2e:62:e2:9c:59:33:e7:6d:91:15:71:
                    6a:b6:a3:16:11:f5:74:2e:37:25:eb:0f:dc:d5:50:
                    57:8a:fb:d2:3e:c8:40:fc:7f:7d:01:85:b6:1c:e6:
                    94:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:3D:92:E7:56:7C:97:B8:C2:4E:82:36:5F:AE:0C:4F:6D:0D:76:D6
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Hj2S51Z8l7jCToI2X64MT20NdtY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:b700::/40

    Signature Algorithm: sha256WithRSAEncryption
         5b:10:b4:39:cd:51:bc:20:9a:f8:ee:ad:5a:32:45:b2:cf:a2:
         9c:de:67:08:2b:ab:d1:e5:f9:ba:2f:17:2f:34:72:0b:77:6f:
         01:88:f8:2f:4a:1a:cd:48:cd:75:8c:fd:ae:8f:66:ef:cc:b6:
         ac:c0:92:e3:54:ac:70:b0:85:0b:7b:27:a3:9a:3f:30:db:a7:
         f5:74:d9:2c:c3:d0:5c:9b:10:e7:c2:2f:44:8c:d0:db:37:3c:
         2c:eb:73:be:1e:ce:a1:a7:cd:da:a8:8a:cc:24:0d:4c:1e:ce:
         4f:cf:a5:95:31:31:23:3d:05:0b:c6:d4:8c:06:2c:d6:5d:dc:
         50:03:9c:49:d3:9d:2b:a6:93:bf:e1:5d:e0:0d:4b:12:2b:55:
         3b:95:cb:65:09:32:47:4a:21:84:9d:e7:50:1c:a5:11:98:02:
         e9:76:c2:f7:d6:e7:9e:8c:10:79:0d:98:a3:77:19:ae:e7:b7:
         fc:1d:82:74:b1:16:29:d5:aa:a3:34:20:14:d2:b8:ac:d5:8d:
         b0:5a:3f:72:97:f3:6c:72:27:79:ef:b8:4d:53:9a:04:37:00:
         c8:53:49:29:0a:fb:cb:8c:6b:66:c9:13:b3:0e:e4:2e:ee:2e:
         07:ac:71:b3:21:99:62:cc:f8:d2:33:cf:43:77:ee:96:e2:57:
         3c:a3:cd:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTUwNTdaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDFFM0Q5MkU3NTY3Qzk3
QjhDMjRFODIzNjVGQUUwQzRGNkQwRDc2RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2EE54eConhmOjA8u/CwfVzZ3n/6B3r3IxnmRGAuPMvH7/dGq7
7k7JhWgutNJpLDruQLv64Q3bTnpTwlzXp1U2Y9oW4+FB8YiiL525uA6oJ7brYwky
f0FPnM0nSUZC3wTkIKjLbVFo04N5FOr8TERU0BSDiyxXnFxe3dXttpSvryof4TYp
U/49FAwLg+rkvJxKry1OtVyUCj3biK2tYZHbAKnxWm1T9OqcElopRwmo7y9SrGDU
2JwN1zX6UOniqLCvSn2pXiOWvDib1lgW4KE3n2D//eEuYuKcWTPnbZEVcWq2oxYR
9XQuNyXrD9zVUFeK+9I+yED8f30BhbYc5pR5AgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUHj2S51Z8l7jCToI2X64MT20NdtYwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9IajJTNTFaOGw3akNUb0kyWDY0TVQyME5kdFku
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa7cwDQYJKoZIhvcNAQELBQADggEBAFsQtDnNUbwgmvjurVoy
RbLPopzeZwgrq9Hl+bovFy80cgt3bwGI+C9KGs1IzXWM/a6PZu/MtqzAkuNUrHCw
hQt7J6OaPzDbp/V02SzD0FybEOfCL0SM0Ns3PCzrc74ezqGnzdqoiswkDUwezk/P
pZUxMSM9BQvG1IwGLNZd3FADnEnTnSumk7/hXeANSxIrVTuVy2UJMkdKIYSd51Ac
pRGYAul2wvfW556MEHkNmKN3Ga7nt/wdgnSxFinVqqM0IBTSuKzVjbBaP3KX82xy
J3nvuE1TmgQ3AMhTSSkK+8uMa2bJE7MO5C7uLgescbMhmWLM+NIzz0N37pbiVzyj
zVM=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:27:04 2024 by rpki-client on console-ams.rpki-client.org