Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KC_FCYanRaMc6iVIGAiMYPHLxMY.roa
File:                     KC_FCYanRaMc6iVIGAiMYPHLxMY.roa (raw, json)
Hash identifier:          iOEu50nt2PcSwequH2l5XJ8LQA+Gfsw2voOkMxtfD1E=
Subject key identifier:   28:2F:C5:09:86:A7:45:A3:1C:EA:25:48:18:08:8C:60:F1:CB:C4:C6
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       02EB
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KC_FCYanRaMc6iVIGAiMYPHLxMY.roa
Signing time:             Tue 30 Apr 2024 01:48:00 +0000
ROA not before:           Tue 30 Apr 2024 01:48:00 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:a200::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 03 Dec 2024 00:11:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 747 (0x2eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:48:00 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=282FC50986A745A31CEA254818088C60F1CBC4C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0d:3d:2c:a7:ee:66:9d:fd:d0:22:4c:9e:a5:
                    fe:37:26:a0:8e:21:70:d0:3e:1c:db:5c:57:2c:e0:
                    76:20:b5:2b:77:7c:84:14:cd:fd:33:d8:6c:c5:9f:
                    ec:fe:b3:1e:91:a7:e0:e3:12:44:75:97:7f:1b:bf:
                    d3:6a:d5:cd:1f:a2:76:a0:06:f8:d1:ae:c9:c4:0d:
                    3b:19:40:1b:87:ff:0b:cf:7d:30:ec:19:84:29:9b:
                    5b:82:af:80:82:9f:00:f2:1b:a2:3a:3f:aa:7d:06:
                    c6:fa:ff:5b:e2:e7:7e:b1:95:f6:9e:98:a1:cf:ae:
                    61:60:4d:e7:07:15:ec:90:a9:65:45:30:94:7a:ec:
                    f1:56:85:57:1f:57:59:92:68:74:9d:40:6b:9e:23:
                    bf:00:b4:5a:93:e4:a8:d1:c3:31:05:ee:da:33:26:
                    b9:dc:2a:87:25:96:c8:2a:0b:ae:2c:12:dc:bb:7c:
                    b4:e6:35:70:94:19:fa:c5:38:5f:87:80:c7:fd:db:
                    4b:e5:12:c6:00:7f:07:c1:21:9a:bd:e2:a6:11:6c:
                    09:0b:d8:08:81:ad:70:86:85:03:2c:8f:c0:b5:f4:
                    39:ca:f8:29:ae:6b:36:32:df:b5:11:81:59:fb:b1:
                    66:4a:50:e8:4f:73:e3:06:a5:bf:3c:55:e9:a0:7b:
                    d2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:2F:C5:09:86:A7:45:A3:1C:EA:25:48:18:08:8C:60:F1:CB:C4:C6
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KC_FCYanRaMc6iVIGAiMYPHLxMY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:a200::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:dc:f1:69:8b:9c:1d:47:b3:9c:92:9b:e1:40:4d:b3:7f:88:
         30:b6:04:b9:c9:09:8a:be:c7:0a:24:16:79:9b:30:7a:3b:38:
         2e:94:4a:76:46:45:9f:62:ae:3b:55:32:2a:89:13:24:fe:ff:
         85:33:d9:5f:7f:26:03:df:9c:13:ec:0e:a8:d4:33:e8:fe:0d:
         81:60:f6:86:39:fd:26:a6:ec:09:98:c3:c1:3d:8e:51:2e:d2:
         35:31:72:91:2e:52:34:e6:23:c8:20:4d:e9:50:35:0f:08:dc:
         c8:94:aa:2e:9a:ef:cd:fc:a4:df:49:bb:62:4c:e3:b1:9a:13:
         49:c4:e9:a3:99:9f:b7:2b:0f:d6:02:a3:16:9c:e9:58:dc:8f:
         dc:66:47:67:d2:09:41:ba:27:b3:9d:ff:58:68:16:b2:a3:f4:
         ee:c7:ed:a2:fc:28:1e:b9:85:64:66:97:97:b3:eb:75:42:c9:
         3e:74:64:7b:08:78:a3:de:a2:ae:28:51:03:08:79:f4:a9:c9:
         83:06:24:d4:a1:d1:53:20:9f:a8:40:6a:e0:7b:9a:dc:59:49:
         da:91:bf:77:7f:17:72:36:ef:44:de:de:86:ad:68:dc:ee:65:
         2a:ed:b7:ab:62:bf:2b:bc:9d:e0:9c:38:4e:81:1b:2c:0f:af:
         e7:0c:ee:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTQ4MDBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDI4MkZDNTA5ODZBNzQ1
QTMxQ0VBMjU0ODE4MDg4QzYwRjFDQkM0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvDT0sp+5mnf3QIkyepf43JqCOIXDQPhzbXFcs4HYgtSt3fIQU
zf0z2GzFn+z+sx6Rp+DjEkR1l38bv9Nq1c0fonagBvjRrsnEDTsZQBuH/wvPfTDs
GYQpm1uCr4CCnwDyG6I6P6p9Bsb6/1vi536xlfaemKHPrmFgTecHFeyQqWVFMJR6
7PFWhVcfV1mSaHSdQGueI78AtFqT5KjRwzEF7tozJrncKocllsgqC64sEty7fLTm
NXCUGfrFOF+HgMf920vlEsYAfwfBIZq94qYRbAkL2AiBrXCGhQMsj8C19DnK+Cmu
azYy37URgVn7sWZKUOhPc+MGpb88Vemge9JVAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUKC/FCYanRaMc6iVIGAiMYPHLxMYwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9LQ19GQ1lhblJhTWM2aVZJR0FpTVlQSEx4TVku
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa6IwDQYJKoZIhvcNAQELBQADggEBAKjc8WmLnB1Hs5ySm+FA
TbN/iDC2BLnJCYq+xwokFnmbMHo7OC6USnZGRZ9irjtVMiqJEyT+/4Uz2V9/JgPf
nBPsDqjUM+j+DYFg9oY5/Sam7AmYw8E9jlEu0jUxcpEuUjTmI8ggTelQNQ8I3MiU
qi6a7838pN9Ju2JM47GaE0nE6aOZn7crD9YCoxac6Vjcj9xmR2fSCUG6J7Od/1ho
FrKj9O7H7aL8KB65hWRml5ez63VCyT50ZHsIeKPeoq4oUQMIefSpyYMGJNSh0VMg
n6hAauB7mtxZSdqRv3d/F3I270Te3oataNzuZSrtt6tivyu8neCcOE6BGywPr+cM
7hE=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:27:04 2024 by rpki-client on console-ams.rpki-client.org