Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/h9j2mbCI90dLr4q4qB81uNIy9M0.roa
File:                     h9j2mbCI90dLr4q4qB81uNIy9M0.roa (raw, json)
Hash identifier:          wdxMm3CHQfH5mijaFyDBYMRWCWazNJgPy+0eA9VD9Po=
Subject key identifier:   87:D8:F6:99:B0:88:F7:47:4B:AF:8A:B8:A8:1F:35:B8:D2:32:F4:CD
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0272
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/h9j2mbCI90dLr4q4qB81uNIy9M0.roa
Signing time:             Tue 30 Apr 2024 01:32:12 +0000
ROA not before:           Tue 30 Apr 2024 01:32:12 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:5400::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 626 (0x272)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:32:12 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=87D8F699B088F7474BAF8AB8A81F35B8D232F4CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c1:73:5b:62:72:07:74:80:e8:9e:6e:d9:03:
                    85:05:d9:5c:a2:e7:31:03:48:38:cd:b3:fb:ff:d3:
                    58:bc:d8:f1:ee:f2:2a:97:4f:0a:5f:3a:6f:14:37:
                    00:ca:cb:46:19:f8:99:b5:e9:fe:ff:52:4a:30:60:
                    27:a9:66:95:5e:cf:75:45:f8:a2:d8:8c:ce:cb:a1:
                    c3:39:f7:99:ce:d3:c9:bf:2a:81:f2:62:3c:44:2c:
                    21:d0:9a:4c:60:7e:39:af:2f:bf:44:d1:bf:3e:c4:
                    ed:3d:55:3c:5c:85:d7:3e:fd:ef:db:df:0c:d2:85:
                    06:fd:68:dc:cd:50:2b:5a:ce:12:31:40:4c:6c:df:
                    ce:9f:fe:14:83:55:1a:db:21:a3:fa:5d:48:82:7d:
                    8d:fe:b5:78:43:86:ff:ec:2a:41:00:d2:d0:50:69:
                    7c:88:a7:24:c4:b3:f6:d9:69:da:45:e9:7f:3c:86:
                    ba:e2:05:67:1c:77:df:df:53:b8:02:dd:1a:0d:c9:
                    d8:3a:95:13:d0:b9:0c:86:f2:7a:ab:0c:6c:26:7b:
                    6d:19:45:1b:fd:e7:1e:1f:b8:e5:ef:df:06:9b:88:
                    6d:33:31:8b:86:81:f1:9a:49:3c:43:7e:1e:3d:6d:
                    6b:b2:60:e8:ab:70:bc:3d:58:fb:c0:a1:3b:0a:cf:
                    ad:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:D8:F6:99:B0:88:F7:47:4B:AF:8A:B8:A8:1F:35:B8:D2:32:F4:CD
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/h9j2mbCI90dLr4q4qB81uNIy9M0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:5400::/40

    Signature Algorithm: sha256WithRSAEncryption
         32:2f:9a:65:73:42:e9:35:85:23:e5:2d:55:c6:bd:16:a7:80:
         de:a5:cd:a3:5f:32:95:14:d1:1e:04:56:2b:34:18:91:5e:f6:
         4f:3d:2b:fe:f5:89:c6:55:0e:97:96:0f:1c:5e:4f:1f:1e:3e:
         9e:f1:e1:a1:f2:c2:74:1a:35:c3:2a:f5:c8:4d:75:a5:24:a2:
         86:72:8f:9c:83:84:83:2a:13:5d:d5:76:d3:1e:2b:d9:89:5a:
         b4:e8:d1:bd:0e:68:c1:dd:b9:45:79:c7:ee:fb:3b:87:51:b9:
         47:4a:ae:67:2c:bf:f0:57:11:17:6c:66:59:6e:55:37:fc:b4:
         be:9c:bf:d0:c2:69:f8:cc:45:54:9b:21:a2:5b:53:30:34:c2:
         cb:91:2e:d7:7e:33:9c:7d:6e:74:a2:a2:cb:35:6e:27:6d:f8:
         d7:d5:34:49:e9:0b:c3:cb:ad:b1:96:38:68:6b:38:b8:93:bd:
         18:40:c7:75:a5:bb:82:f9:d0:b7:67:ab:e3:8a:5d:34:73:e9:
         0d:4f:da:e1:f1:16:f4:41:a9:d6:22:ad:60:56:bf:ae:68:9f:
         46:c8:cf:a9:9a:94:12:84:b2:aa:a6:1a:ac:ec:49:d1:29:ed:
         e9:e8:65:bd:50:c2:3a:3a:17:6d:b0:4b:91:91:06:1d:92:02:
         38:1e:3d:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTMyMTJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDg3RDhGNjk5QjA4OEY3
NDc0QkFGOEFCOEE4MUYzNUI4RDIzMkY0Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTwXNbYnIHdIDonm7ZA4UF2Vyi5zEDSDjNs/v/01i82PHu8iqX
TwpfOm8UNwDKy0YZ+Jm16f7/UkowYCepZpVez3VF+KLYjM7LocM595nO08m/KoHy
YjxELCHQmkxgfjmvL79E0b8+xO09VTxchdc+/e/b3wzShQb9aNzNUCtazhIxQExs
386f/hSDVRrbIaP6XUiCfY3+tXhDhv/sKkEA0tBQaXyIpyTEs/bZadpF6X88hrri
BWccd9/fU7gC3RoNydg6lRPQuQyG8nqrDGwme20ZRRv95x4fuOXv3wabiG0zMYuG
gfGaSTxDfh49bWuyYOircLw9WPvAoTsKz60xAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUh9j2mbCI90dLr4q4qB81uNIy9M0wHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9oOWoybWJDSTkwZExyNHE0cUI4MXVOSXk5TTAu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa1QwDQYJKoZIhvcNAQELBQADggEBADIvmmVzQuk1hSPlLVXG
vRangN6lzaNfMpUU0R4EVis0GJFe9k89K/71icZVDpeWDxxeTx8ePp7x4aHywnQa
NcMq9chNdaUkooZyj5yDhIMqE13VdtMeK9mJWrTo0b0OaMHduUV5x+77O4dRuUdK
rmcsv/BXERdsZlluVTf8tL6cv9DCafjMRVSbIaJbUzA0wsuRLtd+M5x9bnSioss1
bidt+NfVNEnpC8PLrbGWOGhrOLiTvRhAx3Wlu4L50Ldnq+OKXTRz6Q1P2uHxFvRB
qdYirWBWv65on0bIz6malBKEsqqmGqzsSdEp7enoZb1Qwjo6F22wS5GRBh2SAjge
PVQ=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:40 2024 by rpki-client on console-fra.rpki-client.org