Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/K-G-PTW43uOmCPDtySVgJ310upM.roa
File:                     K-G-PTW43uOmCPDtySVgJ310upM.roa (raw, json)
Hash identifier:          HI7l2gPzM2p96kOfCVBQ/oSrcjx9N6mBygZtDvBDsmU=
Subject key identifier:   2B:E1:BE:3D:35:B8:DE:E3:A6:08:F0:ED:C9:25:60:27:7D:74:BA:93
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       02CB
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/K-G-PTW43uOmCPDtySVgJ310upM.roa
Signing time:             Tue 30 Apr 2024 01:44:47 +0000
ROA not before:           Tue 30 Apr 2024 01:44:47 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:6b00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 715 (0x2cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:44:47 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=2BE1BE3D35B8DEE3A608F0EDC92560277D74BA93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c0:b0:4c:82:4e:8c:83:88:2f:bc:7d:38:5e:
                    ad:67:39:29:03:ec:ae:e5:9b:11:74:00:cf:8a:54:
                    01:4e:db:4c:7d:c2:4d:31:9a:ea:8d:33:1c:a9:2b:
                    00:6f:31:18:2a:37:ba:e6:55:ff:b6:f9:38:53:60:
                    a7:fc:04:7b:de:b7:3e:3d:95:fd:47:ed:68:06:f6:
                    b8:4f:38:30:9f:25:bc:78:ba:e8:59:bd:b7:83:bc:
                    39:e3:b3:d8:89:ef:0c:84:e4:ac:82:fe:e9:28:77:
                    6d:04:4b:af:26:e3:a1:29:a5:ef:f7:0b:dc:42:8c:
                    aa:cc:fb:41:fd:5a:c3:21:52:7d:f3:1f:42:a1:04:
                    60:7d:b5:f2:4c:ba:58:cd:01:b5:1c:be:4a:1a:dd:
                    b0:6c:dc:df:88:04:f3:53:3e:be:e2:f8:45:a7:86:
                    1d:4c:d1:53:d0:50:32:de:e1:e0:4c:d9:f0:ae:95:
                    9c:9f:e0:dd:fc:0d:06:e2:2f:64:e8:11:d1:16:4a:
                    d9:1b:66:92:bc:25:64:77:9f:69:a3:fd:80:61:1d:
                    8c:e1:70:7e:c0:fc:89:bb:21:6d:ee:7f:f0:2f:22:
                    71:b8:37:e9:6c:4c:39:8b:be:ac:d3:e2:bc:4a:0f:
                    8d:bd:a5:58:49:19:1d:9a:34:ec:b6:79:2c:7a:f1:
                    1c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:E1:BE:3D:35:B8:DE:E3:A6:08:F0:ED:C9:25:60:27:7D:74:BA:93
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/K-G-PTW43uOmCPDtySVgJ310upM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:6b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1f:c2:d4:26:99:cf:08:17:1e:4f:5e:61:b7:20:a4:5b:42:0a:
         25:be:ad:a2:9d:9d:58:d0:1d:02:91:46:81:92:66:92:d2:e1:
         0c:35:5f:28:58:ce:e9:2e:30:37:c4:1b:b5:c4:c6:6e:f3:d2:
         9e:16:6c:87:c6:f8:e9:c9:05:1e:cc:e1:05:12:c5:3b:9e:cb:
         d9:72:ca:99:d5:5b:21:3b:36:d0:e5:1a:cb:2a:d4:65:9b:13:
         ad:b4:98:94:d1:84:62:7b:4d:ae:37:51:98:c1:48:d4:aa:9a:
         19:d6:a5:ec:50:32:e5:8a:18:51:dd:5b:d0:6c:b7:37:dd:7a:
         77:03:77:8c:9d:7f:ff:e2:04:18:4f:11:ad:af:d7:91:b9:55:
         cb:65:14:68:fa:87:e9:ef:cb:99:f5:f3:63:9a:f1:aa:70:95:
         de:0e:3e:6d:55:9f:2d:25:62:42:ee:51:d9:97:6d:66:71:61:
         84:c1:eb:da:06:16:21:8e:f9:76:e1:65:26:41:b6:f8:5e:00:
         7a:16:19:79:24:dd:4a:f8:19:ca:72:7e:cd:ba:1d:6a:15:a4:
         81:8c:0f:da:e7:dd:7f:74:ee:0e:b2:a1:62:b6:d0:39:2a:28:
         9e:22:b7:59:64:e0:e7:f5:08:6d:3c:c3:84:be:b2:5e:f4:7f:
         f9:81:7d:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTQ0NDdaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDJCRTFCRTNEMzVCOERF
RTNBNjA4RjBFREM5MjU2MDI3N0Q3NEJBOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgwLBMgk6Mg4gvvH04Xq1nOSkD7K7lmxF0AM+KVAFO20x9wk0x
muqNMxypKwBvMRgqN7rmVf+2+ThTYKf8BHvetz49lf1H7WgG9rhPODCfJbx4uuhZ
vbeDvDnjs9iJ7wyE5KyC/ukod20ES68m46Eppe/3C9xCjKrM+0H9WsMhUn3zH0Kh
BGB9tfJMuljNAbUcvkoa3bBs3N+IBPNTPr7i+EWnhh1M0VPQUDLe4eBM2fCulZyf
4N38DQbiL2ToEdEWStkbZpK8JWR3n2mj/YBhHYzhcH7A/Im7IW3uf/AvInG4N+ls
TDmLvqzT4rxKD429pVhJGR2aNOy2eSx68RzNAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUK+G+PTW43uOmCPDtySVgJ310upMwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9LLUctUFRXNDN1T21DUER0eVNWZ0ozMTB1cE0u
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa2swDQYJKoZIhvcNAQELBQADggEBAB/C1CaZzwgXHk9eYbcg
pFtCCiW+raKdnVjQHQKRRoGSZpLS4Qw1XyhYzukuMDfEG7XExm7z0p4WbIfG+OnJ
BR7M4QUSxTuey9lyypnVWyE7NtDlGssq1GWbE620mJTRhGJ7Ta43UZjBSNSqmhnW
pexQMuWKGFHdW9BstzfdencDd4ydf//iBBhPEa2v15G5VctlFGj6h+nvy5n182Oa
8apwld4OPm1Vny0lYkLuUdmXbWZxYYTB69oGFiGO+XbhZSZBtvheAHoWGXkk3Ur4
Gcpyfs26HWoVpIGMD9rn3X907g6yoWK20DkqKJ4it1lk4Of1CG08w4S+sl70f/mB
fRM=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:50 2024 by rpki-client on console-ams.rpki-client.org