Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/PkehSh7qgig9A6ckFugMaHMyPnk.roa
File:                     PkehSh7qgig9A6ckFugMaHMyPnk.roa (raw, json)
Hash identifier:          Ob+JDEiorCjii2f5DyB2GQqkwK3a6DWymF2kTgtI6Ng=
Subject key identifier:   3E:47:A1:4A:1E:EA:82:28:3D:03:A7:24:16:E8:0C:68:73:32:3E:79
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       02B4
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/PkehSh7qgig9A6ckFugMaHMyPnk.roa
Signing time:             Tue 30 Apr 2024 01:39:29 +0000
ROA not before:           Tue 30 Apr 2024 01:39:29 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:5700::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 692 (0x2b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:39:29 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=3E47A14A1EEA82283D03A72416E80C6873323E79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:9b:56:58:a6:2d:af:0e:c4:68:90:c5:52:79:
                    fb:d0:ec:7c:8c:bb:13:35:03:1f:6e:a8:84:0f:8e:
                    e8:e8:c2:fb:82:3a:b4:6e:5e:0c:42:8e:52:73:1f:
                    8f:a5:7a:2b:45:9d:4f:17:f8:74:91:a2:15:ed:c5:
                    73:97:3e:fc:2d:25:e1:34:6a:bd:45:60:e7:ae:af:
                    52:ff:a7:02:4f:b3:1d:a5:75:4f:22:e9:b3:82:7f:
                    02:63:da:ba:e9:fd:a7:6a:0c:a6:61:b8:8c:15:89:
                    82:4b:b9:c0:17:56:20:8e:c2:2e:5b:20:98:39:91:
                    50:39:50:a5:df:f3:04:49:30:0e:d4:29:08:c3:23:
                    6c:b8:9c:ff:db:6d:45:a5:8d:b9:80:66:90:1d:21:
                    77:88:d4:e3:71:a1:28:02:46:40:4e:1f:f6:21:05:
                    76:04:33:5e:a7:fd:9e:43:54:7b:b1:a0:4c:59:ee:
                    14:0c:a3:85:47:27:ff:7d:f9:e4:aa:3e:a2:bb:0f:
                    2e:2a:e8:5b:04:8e:ed:4a:13:ac:54:b2:78:a9:91:
                    95:fd:ac:1f:0d:27:a4:2d:d3:be:fd:6b:27:25:16:
                    b0:d8:e4:5c:f8:28:89:74:9b:d4:a2:69:27:f4:a5:
                    e3:f5:7b:24:fc:93:4d:db:60:ad:d1:ab:2e:af:48:
                    47:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:47:A1:4A:1E:EA:82:28:3D:03:A7:24:16:E8:0C:68:73:32:3E:79
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/PkehSh7qgig9A6ckFugMaHMyPnk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:5700::/40

    Signature Algorithm: sha256WithRSAEncryption
         a3:e0:4f:df:6b:f5:21:97:e2:8b:85:79:d4:53:a0:73:ca:f7:
         64:41:fc:1f:ce:f1:54:4c:5d:a8:bf:e1:12:1e:55:dd:49:65:
         d9:b6:49:b1:3e:58:3b:80:9a:6e:bb:e6:d4:b1:a6:e5:95:ed:
         d7:53:7a:8a:15:0e:d7:80:a3:65:0a:e7:20:fc:90:2e:dc:c3:
         e9:60:18:dd:1a:5e:cf:4f:0a:69:3d:a4:b4:df:00:47:09:1d:
         46:36:1d:41:62:87:d3:f0:06:46:d0:3a:e1:e9:5a:34:de:f2:
         1c:5e:84:82:cb:34:10:ed:1a:73:19:1f:f1:60:fb:78:32:d7:
         36:f6:65:55:d5:4f:69:69:71:3e:b1:a1:fc:9a:75:a3:5c:c3:
         48:3a:0d:e2:c3:e3:6b:f0:40:ac:78:2f:f7:b2:90:48:be:ca:
         25:e5:81:ea:dc:b8:94:ec:41:c8:a4:61:b3:09:86:31:fe:51:
         70:d9:23:dc:32:2a:4c:69:c1:ae:19:40:31:2d:76:a2:2d:2f:
         4d:3e:63:38:32:98:29:66:ea:17:9a:d5:99:bf:ad:fe:9f:d3:
         16:f9:26:73:6b:79:d0:1e:9d:19:35:9a:79:37:47:ee:dd:ec:
         19:f1:6b:97:e1:f2:75:f0:c2:0c:e2:e2:55:3f:5d:cd:0a:09:
         71:4a:b5:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICArQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTM5MjlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDNFNDdBMTRBMUVFQTgy
MjgzRDAzQTcyNDE2RTgwQzY4NzMzMjNFNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPm1ZYpi2vDsRokMVSefvQ7HyMuxM1Ax9uqIQPjujowvuCOrRu
XgxCjlJzH4+leitFnU8X+HSRohXtxXOXPvwtJeE0ar1FYOeur1L/pwJPsx2ldU8i
6bOCfwJj2rrp/adqDKZhuIwViYJLucAXViCOwi5bIJg5kVA5UKXf8wRJMA7UKQjD
I2y4nP/bbUWljbmAZpAdIXeI1ONxoSgCRkBOH/YhBXYEM16n/Z5DVHuxoExZ7hQM
o4VHJ/99+eSqPqK7Dy4q6FsEju1KE6xUsnipkZX9rB8NJ6Qt0779ayclFrDY5Fz4
KIl0m9SiaSf0peP1eyT8k03bYK3Rqy6vSEdvAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUPkehSh7qgig9A6ckFugMaHMyPnkwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9Qa2VoU2g3cWdpZzlBNmNrRnVnTWFITXlQbmsu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa1cwDQYJKoZIhvcNAQELBQADggEBAKPgT99r9SGX4ouFedRT
oHPK92RB/B/O8VRMXai/4RIeVd1JZdm2SbE+WDuAmm675tSxpuWV7ddTeooVDteA
o2UK5yD8kC7cw+lgGN0aXs9PCmk9pLTfAEcJHUY2HUFih9PwBkbQOuHpWjTe8hxe
hILLNBDtGnMZH/Fg+3gy1zb2ZVXVT2lpcT6xofyadaNcw0g6DeLD42vwQKx4L/ey
kEi+yiXlgercuJTsQcikYbMJhjH+UXDZI9wyKkxpwa4ZQDEtdqItL00+YzgymClm
6hea1Zm/rf6f0xb5JnNredAenRk1mnk3R+7d7Bnxa5fh8nXwwgzi4lU/Xc0KCXFK
tRo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:33:13 2024 by rpki-client on console-fra.rpki-client.org