Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/M7H6ZpDklvK-nZE3xpgMEggAOlA.roa
File:                     M7H6ZpDklvK-nZE3xpgMEggAOlA.roa (raw, json)
Hash identifier:          UwygUT5kKzNsz3wlHwWiSJOklHvDzd+Muf+lhe05xf4=
Subject key identifier:   33:B1:FA:66:90:E4:96:F2:BE:9D:91:37:C6:98:0C:12:08:00:3A:50
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0302
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/M7H6ZpDklvK-nZE3xpgMEggAOlA.roa
Signing time:             Tue 30 Apr 2024 01:48:11 +0000
ROA not before:           Tue 30 Apr 2024 01:48:11 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:4000::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 770 (0x302)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:48:11 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=33B1FA6690E496F2BE9D9137C6980C1208003A50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2d:30:d6:8b:15:8e:38:20:c7:76:6c:49:4d:
                    af:62:4f:67:cf:09:06:8d:40:a8:b5:eb:f1:f7:6d:
                    84:e7:8d:28:a9:43:66:b6:10:46:29:65:76:f4:26:
                    b4:a8:23:d6:44:68:6d:dc:a4:3d:c2:db:e3:58:ba:
                    3d:2c:1c:96:4b:f7:f8:78:83:42:fb:9c:07:5b:55:
                    61:d6:e8:58:9d:b2:35:1f:29:98:86:f2:47:7c:a7:
                    9d:e3:fc:30:d4:c6:4c:9f:47:a0:87:61:14:1f:39:
                    66:68:5e:eb:d3:8b:be:72:65:b2:bf:e8:da:2d:8c:
                    86:bc:f6:5b:92:b5:34:ea:15:9f:ae:79:3d:79:2c:
                    a3:53:46:89:8a:0e:40:e7:90:0c:5e:28:8f:6f:50:
                    5c:17:10:0e:7e:e6:dc:02:4e:98:d7:3b:f0:05:af:
                    3d:70:ef:ab:b9:a7:3b:4b:13:45:6c:ba:2d:50:16:
                    42:4e:be:7f:b8:aa:42:b0:ae:3f:68:59:cb:fd:5a:
                    34:73:5c:b0:37:02:f9:a6:5c:3f:41:6b:48:38:e8:
                    7d:90:8d:31:03:1e:2e:45:eb:99:4b:0f:22:94:83:
                    9a:ed:3b:07:c3:35:75:b4:23:73:63:2d:e9:8b:be:
                    e9:b2:a1:42:0b:1b:91:9a:0b:05:03:83:ba:90:9c:
                    7b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B1:FA:66:90:E4:96:F2:BE:9D:91:37:C6:98:0C:12:08:00:3A:50
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/M7H6ZpDklvK-nZE3xpgMEggAOlA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         44:70:3a:e3:6e:60:40:8d:0d:d7:35:56:5c:9d:2f:cc:2a:23:
         d7:fe:ef:b8:ab:e7:9f:91:c2:89:57:86:48:41:2b:6f:dd:83:
         d6:eb:02:9e:bd:21:22:ad:18:5e:3a:87:78:bc:91:ec:33:d3:
         17:1d:f1:2e:4c:73:90:5c:1a:8a:3a:70:33:c2:2c:f3:e9:1a:
         6b:29:0f:99:e8:e9:16:59:31:9a:7a:70:39:e4:65:ae:51:76:
         8f:81:fc:c5:ad:21:11:6d:db:09:dd:e6:28:75:42:af:c7:a3:
         e4:be:bd:05:94:9c:62:92:5a:52:27:4b:61:6f:a4:c4:2f:c9:
         4c:d3:78:e4:0a:a4:73:df:d3:20:bd:62:64:5e:af:b7:49:96:
         97:1b:9d:ca:55:df:40:8f:90:84:e8:c8:42:4a:35:be:05:34:
         96:0a:d9:43:3d:34:0b:0c:81:cd:72:7e:dd:48:26:9f:bc:1a:
         f1:9d:b2:97:12:d4:fc:32:6a:7d:7a:f7:d8:c8:91:70:5d:32:
         bd:19:d5:1c:05:f1:a6:6d:f5:06:f5:b6:0d:c7:67:56:3e:4d:
         85:7e:cb:a4:18:fc:56:51:ba:39:23:f9:1f:40:c5:97:a2:fd:
         55:46:97:8d:2a:60:18:af:0c:a2:c9:84:03:a9:43:0a:db:35:
         89:0a:3d:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTQ4MTFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDMzQjFGQTY2OTBFNDk2
RjJCRTlEOTEzN0M2OTgwQzEyMDgwMDNBNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDALTDWixWOOCDHdmxJTa9iT2fPCQaNQKi16/H3bYTnjSipQ2a2
EEYpZXb0JrSoI9ZEaG3cpD3C2+NYuj0sHJZL9/h4g0L7nAdbVWHW6FidsjUfKZiG
8kd8p53j/DDUxkyfR6CHYRQfOWZoXuvTi75yZbK/6NotjIa89luStTTqFZ+ueT15
LKNTRomKDkDnkAxeKI9vUFwXEA5+5twCTpjXO/AFrz1w76u5pztLE0Vsui1QFkJO
vn+4qkKwrj9oWcv9WjRzXLA3AvmmXD9Ba0g46H2QjTEDHi5F65lLDyKUg5rtOwfD
NXW0I3NjLemLvumyoUILG5GaCwUDg7qQnHtbAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUM7H6ZpDklvK+nZE3xpgMEggAOlAwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9NN0g2WnBEa2x2Sy1uWkUzeHBnTUVnZ0FPbEEu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa0AwDQYJKoZIhvcNAQELBQADggEBAERwOuNuYECNDdc1Vlyd
L8wqI9f+77ir55+RwolXhkhBK2/dg9brAp69ISKtGF46h3i8kewz0xcd8S5Mc5Bc
Goo6cDPCLPPpGmspD5no6RZZMZp6cDnkZa5Rdo+B/MWtIRFt2wnd5ih1Qq/Ho+S+
vQWUnGKSWlInS2FvpMQvyUzTeOQKpHPf0yC9YmRer7dJlpcbncpV30CPkIToyEJK
Nb4FNJYK2UM9NAsMgc1yft1IJp+8GvGdspcS1Pwyan1699jIkXBdMr0Z1RwF8aZt
9Qb1tg3HZ1Y+TYV+y6QY/FZRujkj+R9AxZei/VVGl40qYBivDKLJhAOpQwrbNYkK
PTU=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:50 2024 by rpki-client on console-ams.rpki-client.org