Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Ki2gYAtm_Wsv6Z2EPKouWAeKHs0.roa
File:                     Ki2gYAtm_Wsv6Z2EPKouWAeKHs0.roa (raw, json)
Hash identifier:          +G2CRi7pGHPB3YnCLI7EWkmSGskfJ0cN5AwbHPU+JZs=
Subject key identifier:   2A:2D:A0:60:0B:66:FD:6B:2F:E9:9D:84:3C:AA:2E:58:07:8A:1E:CD
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       032D
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Ki2gYAtm_Wsv6Z2EPKouWAeKHs0.roa
Signing time:             Tue 30 Apr 2024 01:53:53 +0000
ROA not before:           Tue 30 Apr 2024 01:53:53 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:dd00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 813 (0x32d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:53:53 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=2A2DA0600B66FD6B2FE99D843CAA2E58078A1ECD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:14:96:3b:0d:bb:98:28:23:a1:bd:ad:35:c9:
                    f1:22:82:2b:f9:20:f6:7a:67:1c:cf:c9:9f:43:47:
                    c1:3c:70:5e:a4:08:5d:e1:53:09:1f:2b:bb:82:47:
                    f4:65:37:94:3a:5d:37:0d:2f:2f:b5:e9:6f:08:3a:
                    44:48:af:6e:d8:17:05:d7:49:8e:81:91:f7:5f:77:
                    6f:f6:85:56:a3:5b:a4:a4:89:93:26:05:4e:fb:4e:
                    ac:56:07:61:8e:87:cb:1f:da:45:47:63:c5:8b:d3:
                    53:e9:d9:5d:2a:7d:db:d0:9b:4c:0b:5e:ef:57:b3:
                    70:cb:32:49:ec:c6:b9:e6:e6:3c:56:05:0f:c8:10:
                    fd:e8:cf:03:c1:53:cb:0f:b9:28:30:3f:dd:a9:63:
                    f6:a8:76:1a:1d:60:a2:48:4a:cd:1c:34:dc:e9:ac:
                    03:8b:6c:2d:7d:99:ea:6e:42:85:a4:99:8a:00:27:
                    2e:73:a3:4d:04:27:37:19:fc:09:b2:6e:8e:c9:5a:
                    d0:ff:cc:24:7c:26:e0:bf:1f:64:91:f4:58:f9:72:
                    c2:3b:f4:1a:70:1d:c2:a3:97:79:76:25:3f:d3:14:
                    54:dd:1f:20:75:79:37:bb:a7:9a:4c:62:87:64:9c:
                    aa:2e:fe:25:72:c8:50:cb:20:2d:96:b0:b2:d5:dd:
                    cd:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:2D:A0:60:0B:66:FD:6B:2F:E9:9D:84:3C:AA:2E:58:07:8A:1E:CD
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/Ki2gYAtm_Wsv6Z2EPKouWAeKHs0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:dd00::/40

    Signature Algorithm: sha256WithRSAEncryption
         66:02:5e:b4:2d:a3:d0:52:b3:d4:66:22:df:39:56:2a:be:d4:
         ba:c1:39:a2:33:b6:31:0d:8d:bb:bd:32:5c:77:d5:fe:37:b3:
         e8:9d:1e:1c:23:6e:d5:ac:12:9a:09:a9:53:bd:ec:45:43:3a:
         e6:28:20:f5:b9:a2:d8:33:bd:90:2d:60:4c:19:d3:ce:bc:ec:
         16:af:c9:ec:80:98:72:30:32:35:3c:23:ca:74:0b:58:5f:6c:
         77:6f:b6:0d:8d:53:72:67:96:87:4c:87:f5:0d:bf:a6:60:32:
         9e:24:8a:48:0c:d8:7e:a5:ca:6c:dc:b9:d5:e8:5c:49:bc:17:
         fb:81:73:51:26:39:86:cc:d9:30:94:8d:3f:64:a8:f8:9c:96:
         30:cb:7d:f7:d6:b5:71:2e:88:8f:3a:27:a7:ab:6c:bc:fe:27:
         7e:f3:d5:7b:22:a0:36:e7:60:e5:f9:78:ab:37:ba:78:99:c1:
         6d:7a:38:14:cd:58:fd:2d:de:a6:38:ea:81:1f:27:a1:1f:0d:
         60:0e:d6:66:9a:cb:0e:2c:d6:74:7f:49:26:5a:16:29:6d:65:
         1e:8d:31:12:86:0d:19:7a:32:0f:59:5a:32:c2:6e:d9:6e:09:
         87:24:02:6f:eb:a6:f6:8b:43:e5:02:46:49:3e:af:c2:d8:98:
         c6:8f:b2:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTUzNTNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDJBMkRBMDYwMEI2NkZE
NkIyRkU5OUQ4NDNDQUEyRTU4MDc4QTFFQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2FJY7DbuYKCOhva01yfEigiv5IPZ6ZxzPyZ9DR8E8cF6kCF3h
UwkfK7uCR/RlN5Q6XTcNLy+16W8IOkRIr27YFwXXSY6Bkfdfd2/2hVajW6SkiZMm
BU77TqxWB2GOh8sf2kVHY8WL01Pp2V0qfdvQm0wLXu9Xs3DLMknsxrnm5jxWBQ/I
EP3ozwPBU8sPuSgwP92pY/aodhodYKJISs0cNNzprAOLbC19mepuQoWkmYoAJy5z
o00EJzcZ/Amybo7JWtD/zCR8JuC/H2SR9Fj5csI79BpwHcKjl3l2JT/TFFTdHyB1
eTe7p5pMYodknKou/iVyyFDLIC2WsLLV3c0XAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUKi2gYAtm/Wsv6Z2EPKouWAeKHs0wHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9LaTJnWUF0bV9Xc3Y2WjJFUEtvdVdBZUtIczAu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa90wDQYJKoZIhvcNAQELBQADggEBAGYCXrQto9BSs9RmIt85
Viq+1LrBOaIztjENjbu9Mlx31f43s+idHhwjbtWsEpoJqVO97EVDOuYoIPW5otgz
vZAtYEwZ08687BavyeyAmHIwMjU8I8p0C1hfbHdvtg2NU3JnlodMh/UNv6ZgMp4k
ikgM2H6lymzcudXoXEm8F/uBc1EmOYbM2TCUjT9kqPicljDLfffWtXEuiI86J6er
bLz+J37z1XsioDbnYOX5eKs3uniZwW16OBTNWP0t3qY46oEfJ6EfDWAO1maayw4s
1nR/SSZaFiltZR6NMRKGDRl6Mg9ZWjLCbtluCYckAm/rpvaLQ+UCRkk+r8LYmMaP
si8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:33:13 2024 by rpki-client on console-fra.rpki-client.org