Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/_U6nrOTXb8Hp1wQkB1HhDDYxkuU.roa
File:                     _U6nrOTXb8Hp1wQkB1HhDDYxkuU.roa (raw, json)
Hash identifier:          pYrLO6PPH3J09PrcglDkZPHa/QSFjT8jQuBhdmeAJMo=
Subject key identifier:   FD:4E:A7:AC:E4:D7:6F:C1:E9:D7:04:24:07:51:E1:0C:36:31:92:E5
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       02F4
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/_U6nrOTXb8Hp1wQkB1HhDDYxkuU.roa
Signing time:             Tue 30 Apr 2024 01:48:04 +0000
ROA not before:           Tue 30 Apr 2024 01:48:04 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:cf00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 756 (0x2f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:48:04 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=FD4EA7ACE4D76FC1E9D704240751E10C363192E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9c:41:4f:ca:da:a2:68:ec:e4:36:09:af:12:
                    5e:e6:84:0f:4e:28:53:d7:bc:75:a0:29:a6:d1:95:
                    0c:cf:4d:08:4d:76:6a:8f:d5:02:9b:aa:e5:d9:f0:
                    27:cf:b7:a2:0a:8a:4f:1d:ba:42:b3:63:69:5e:38:
                    66:28:d6:1f:77:27:c6:4b:2f:e1:ca:55:e3:ed:3a:
                    83:8b:a3:5b:6b:7c:7a:26:5d:27:f4:f0:11:09:05:
                    33:9d:01:b8:7f:92:4c:e5:f8:5f:d4:14:30:46:a3:
                    b9:99:12:21:f1:0a:bb:66:8f:7d:c5:5a:9b:6a:ed:
                    b8:07:2a:dc:b1:49:22:a2:83:01:07:62:dd:0d:54:
                    1a:22:eb:20:91:b1:13:91:07:e0:07:77:01:a2:51:
                    9c:e3:29:4c:dc:53:55:4d:2c:79:f6:6f:f5:bd:81:
                    12:f8:67:f8:e8:18:d1:04:cb:ac:f8:d0:8a:4d:0a:
                    63:c4:6f:d3:9d:f2:58:1b:00:ab:c4:f0:ca:b5:7c:
                    fc:c0:08:d9:60:3d:c3:98:85:08:b7:da:26:17:fc:
                    8b:88:c6:64:fc:c2:fa:29:f4:bb:21:ac:af:db:2e:
                    34:80:7f:38:09:fc:7e:1b:9f:a3:66:cc:80:fe:ff:
                    b3:8b:8e:c7:1c:d4:8e:a2:2b:af:f5:1b:72:5d:b7:
                    b3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:4E:A7:AC:E4:D7:6F:C1:E9:D7:04:24:07:51:E1:0C:36:31:92:E5
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/_U6nrOTXb8Hp1wQkB1HhDDYxkuU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:cf00::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:36:31:74:53:c8:ba:dd:b5:27:3c:9c:1a:98:b0:9b:e1:dc:
         15:de:da:8e:6f:2e:23:ec:dc:07:6e:a6:3c:46:30:88:54:7b:
         09:c5:bb:64:87:a8:b5:43:dc:d6:0a:a6:4c:79:52:4b:dd:c5:
         f5:70:46:2a:c0:8f:7c:2a:99:13:2b:5f:e6:eb:c4:6c:50:c8:
         91:d9:ad:35:86:32:54:06:c6:8c:bf:d7:08:ee:53:70:de:5d:
         8c:ef:f6:f5:45:b0:b6:e0:88:d3:53:cd:c2:99:35:15:30:80:
         c8:6a:4b:89:54:0e:04:1e:87:97:3b:b4:99:c2:80:71:e0:1e:
         7b:ce:9e:b5:bc:f7:8f:34:ae:3d:5e:60:80:6c:9b:9c:3f:77:
         9f:b7:67:b5:26:0b:04:82:ad:6c:65:ee:dc:ad:06:fe:22:a7:
         b7:2c:9d:bf:46:57:9b:56:8d:f4:24:42:60:1e:ba:88:af:3f:
         ca:1c:6f:0d:12:a8:2a:09:a4:71:0d:a4:38:6a:e9:5c:49:f2:
         aa:4e:b0:ea:af:16:66:39:cc:5e:e0:49:2e:88:48:ee:4c:19:
         b9:ae:26:61:5a:43:c6:c7:30:32:cc:32:34:e4:86:0d:49:bd:
         69:08:c6:60:c3:2e:16:34:51:eb:be:25:b9:cf:25:0c:f3:2e:
         c9:5d:99:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTQ4MDRaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEZENEVBN0FDRTRENzZG
QzFFOUQ3MDQyNDA3NTFFMTBDMzYzMTkyRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2nEFPytqiaOzkNgmvEl7mhA9OKFPXvHWgKabRlQzPTQhNdmqP
1QKbquXZ8CfPt6IKik8dukKzY2leOGYo1h93J8ZLL+HKVePtOoOLo1trfHomXSf0
8BEJBTOdAbh/kkzl+F/UFDBGo7mZEiHxCrtmj33FWptq7bgHKtyxSSKigwEHYt0N
VBoi6yCRsRORB+AHdwGiUZzjKUzcU1VNLHn2b/W9gRL4Z/joGNEEy6z40IpNCmPE
b9Od8lgbAKvE8Mq1fPzACNlgPcOYhQi32iYX/IuIxmT8wvop9LshrK/bLjSAfzgJ
/H4bn6NmzID+/7OLjscc1I6iK6/1G3Jdt7P/AgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQU/U6nrOTXb8Hp1wQkB1HhDDYxkuUwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9fVTZuck9UWGI4SHAxd1FrQjFIaEREWXhrdVUu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa88wDQYJKoZIhvcNAQELBQADggEBAJM2MXRTyLrdtSc8nBqY
sJvh3BXe2o5vLiPs3AdupjxGMIhUewnFu2SHqLVD3NYKpkx5UkvdxfVwRirAj3wq
mRMrX+brxGxQyJHZrTWGMlQGxoy/1wjuU3DeXYzv9vVFsLbgiNNTzcKZNRUwgMhq
S4lUDgQeh5c7tJnCgHHgHnvOnrW89480rj1eYIBsm5w/d5+3Z7UmCwSCrWxl7tyt
Bv4ip7csnb9GV5tWjfQkQmAeuoivP8ocbw0SqCoJpHENpDhq6VxJ8qpOsOqvFmY5
zF7gSS6ISO5MGbmuJmFaQ8bHMDLMMjTkhg1JvWkIxmDDLhY0Ueu+JbnPJQzzLsld
md4=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:50 2024 by rpki-client on console-ams.rpki-client.org