Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KPZ4T78bTISVsrYSC0g6BdD87ko.roa
File:                     KPZ4T78bTISVsrYSC0g6BdD87ko.roa (raw, json)
Hash identifier:          Y81k2e+jDHW5C7HDbS8qefezyno4zAc7K261Bt/zhS0=
Subject key identifier:   28:F6:78:4F:BF:1B:4C:84:95:B2:B6:12:0B:48:3A:05:D0:FC:EE:4A
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0267
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KPZ4T78bTISVsrYSC0g6BdD87ko.roa
Signing time:             Tue 16 Jan 2024 05:40:25 +0000
ROA not before:           Tue 16 Jan 2024 05:40:25 +0000
ROA not after:            Tue 14 Jan 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:61:5c00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:58:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 615 (0x267)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Jan 16 05:40:25 2024 GMT
            Not After : Jan 14 01:30:02 2025 GMT
        Subject: CN=28F6784FBF1B4C8495B2B6120B483A05D0FCEE4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:39:f0:8d:e1:40:ca:8e:d8:8e:41:45:ab:5a:
                    1e:cd:ff:70:b1:db:e6:99:d7:ac:c2:c0:0a:96:5b:
                    f2:4f:b4:f2:d1:41:5e:55:2e:d8:96:c4:23:57:65:
                    91:4f:3c:61:68:0d:7d:68:04:4f:61:bf:51:04:2d:
                    01:fd:57:9c:9f:64:1b:d9:df:b0:cf:e5:03:f4:fd:
                    7f:ef:65:25:e7:2e:a9:8d:52:2b:b9:7b:5f:6c:8b:
                    44:c9:1d:f0:d7:fa:99:b9:32:72:11:eb:28:bf:1c:
                    96:74:42:19:c4:65:57:35:b6:91:f3:78:88:e1:7a:
                    4d:d9:ba:3f:1e:54:ae:73:05:ee:8b:33:6f:71:b5:
                    ef:91:31:2e:8b:f8:b0:58:0d:3d:2d:e5:f8:9a:f7:
                    b2:de:2a:46:f0:ad:9d:a0:17:58:27:17:39:c9:27:
                    2a:1f:a4:7d:eb:d2:73:5c:27:ef:74:47:d6:3c:cd:
                    d9:dd:e5:8c:03:91:72:57:42:df:87:05:ec:eb:f5:
                    ad:93:23:e6:d2:e9:e5:b4:27:40:0f:77:51:c4:41:
                    1c:91:c7:41:1a:23:bb:77:cc:18:ce:4e:c3:14:01:
                    cb:7f:d2:5d:dd:b4:cf:67:44:d5:e4:bb:08:cb:7f:
                    1d:95:49:b7:98:25:d0:42:a4:5c:cb:8b:a4:46:44:
                    5a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F6:78:4F:BF:1B:4C:84:95:B2:B6:12:0B:48:3A:05:D0:FC:EE:4A
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/KPZ4T78bTISVsrYSC0g6BdD87ko.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:61:5c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         17:16:bd:bd:97:c8:41:61:71:60:ce:24:d9:83:e0:9c:97:a8:
         70:72:48:31:03:cd:fe:6b:6e:48:4f:6c:48:0f:4a:1f:c2:c7:
         3f:07:b3:3e:dc:40:8a:f8:46:f1:01:ea:a2:48:2b:62:ef:35:
         d9:9f:0b:8d:b3:ac:54:8c:93:2d:c6:4e:f8:1e:90:19:4a:d7:
         e9:90:93:52:99:01:af:75:9b:d3:51:1c:d9:0b:ff:67:b3:8a:
         97:17:ee:0a:ba:a1:23:54:67:b9:18:d1:b1:60:94:f3:af:90:
         54:33:07:67:de:cb:0c:e6:66:4a:9e:55:54:4e:64:5e:98:6d:
         48:ee:a2:49:ba:df:99:bd:6e:fc:59:58:cf:e1:b2:b1:e8:b2:
         0b:8e:8e:23:9d:d1:a3:c3:ae:26:fa:58:b4:8f:88:97:b4:9c:
         e3:a8:68:95:39:0d:45:4f:de:0e:d5:2d:fe:0b:08:d2:e6:07:
         60:2e:0b:aa:3a:41:44:40:c2:3d:c0:c4:8b:d4:a4:2e:b0:57:
         39:ad:55:e9:81:11:32:c5:90:39:ee:de:21:a5:86:b0:3f:63:
         75:df:06:7c:67:06:fe:8a:f5:a2:22:a4:66:24:19:79:1b:47:
         90:15:21:15:6c:f5:80:37:d1:c1:fa:09:cc:e9:fc:f3:5f:c0:
         b0:56:81:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDAxMTYw
NTQwMjVaFw0yNTAxMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDI4RjY3ODRGQkYxQjRD
ODQ5NUIyQjYxMjBCNDgzQTA1RDBGQ0VFNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3OfCN4UDKjtiOQUWrWh7N/3Cx2+aZ16zCwAqWW/JPtPLRQV5V
LtiWxCNXZZFPPGFoDX1oBE9hv1EELQH9V5yfZBvZ37DP5QP0/X/vZSXnLqmNUiu5
e19si0TJHfDX+pm5MnIR6yi/HJZ0QhnEZVc1tpHzeIjhek3Zuj8eVK5zBe6LM29x
te+RMS6L+LBYDT0t5fia97LeKkbwrZ2gF1gnFznJJyofpH3r0nNcJ+90R9Y8zdnd
5YwDkXJXQt+HBezr9a2TI+bS6eW0J0APd1HEQRyRx0EaI7t3zBjOTsMUAct/0l3d
tM9nRNXkuwjLfx2VSbeYJdBCpFzLi6RGRForAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUKPZ4T78bTISVsrYSC0g6BdD87kowHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9LUFo0VDc4YlRJU1ZzcllTQzBnNkJkRDg3a28u
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAYVwwDQYJKoZIhvcNAQELBQADggEBABcWvb2XyEFhcWDOJNmD
4JyXqHBySDEDzf5rbkhPbEgPSh/Cxz8Hsz7cQIr4RvEB6qJIK2LvNdmfC42zrFSM
ky3GTvgekBlK1+mQk1KZAa91m9NRHNkL/2ezipcX7gq6oSNUZ7kY0bFglPOvkFQz
B2feywzmZkqeVVROZF6YbUjuokm635m9bvxZWM/hsrHosguOjiOd0aPDrib6WLSP
iJe0nOOoaJU5DUVP3g7VLf4LCNLmB2AuC6o6QURAwj3AxIvUpC6wVzmtVemBETLF
kDnu3iGlhrA/Y3XfBnxnBv6K9aIipGYkGXkbR5AVIRVs9YA30cH6Cczp/PNfwLBW
gR8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:21:16 2024 by rpki-client on console-ams.rpki-client.org