Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/qhqXUOyiNft8JTRKGFeZPMLLyow.roa
File:                     qhqXUOyiNft8JTRKGFeZPMLLyow.roa (raw, json)
Hash identifier:          wTdNB8tC4d+26nLW4Cp3f/WhASmSvm7B5ST23PvWsXM=
Subject key identifier:   AA:1A:97:50:EC:A2:35:FB:7C:25:34:4A:18:57:99:3C:C2:CB:CA:8C
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0374
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/qhqXUOyiNft8JTRKGFeZPMLLyow.roa
Signing time:             Tue 30 Apr 2024 01:59:58 +0000
ROA not before:           Tue 30 Apr 2024 01:59:58 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:60:f000::/45 maxlen: 45

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 884 (0x374)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Apr 30 01:59:58 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=AA1A9750ECA235FB7C25344A1857993CC2CBCA8C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cb:a3:7f:77:08:67:9a:29:54:65:bc:83:b8:
                    37:01:dd:5a:05:3f:df:fb:52:88:38:58:2c:1f:20:
                    90:aa:49:ce:7d:5a:a6:a8:28:07:5f:7b:cf:6e:42:
                    75:85:dd:69:31:99:6b:a8:8a:bd:0b:11:d1:74:96:
                    b1:3b:dd:0c:f8:2a:fe:0c:19:88:5b:c3:99:86:6d:
                    a5:c6:33:0e:46:14:ff:88:9e:9d:46:12:cf:50:4b:
                    1f:5c:c9:42:b3:5a:fd:9d:de:42:60:b7:2d:a8:7d:
                    2a:8a:3c:48:78:48:68:a1:78:35:80:cc:71:1c:8d:
                    fb:c4:b4:86:ba:fa:54:eb:bb:07:73:19:4c:39:6c:
                    96:46:ed:4d:31:cf:87:67:cc:65:24:f2:0d:bb:cf:
                    10:4d:3f:7c:0c:75:7f:65:2b:a9:eb:46:fa:25:a8:
                    0c:b4:6f:67:d4:73:d4:98:00:03:86:a0:49:f4:5f:
                    22:33:82:aa:80:b1:04:f0:37:ac:45:a0:42:69:e5:
                    08:0a:e7:74:28:78:e7:3c:21:58:93:f5:c0:77:21:
                    bd:b9:d6:84:34:f3:8f:b6:2a:a0:5b:ba:f3:22:c3:
                    ae:bb:fd:5d:f6:de:5b:bc:2a:83:7d:82:b6:ba:22:
                    2a:dd:71:fb:a3:7f:37:b8:b9:cd:f8:7f:81:53:76:
                    53:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:1A:97:50:EC:A2:35:FB:7C:25:34:4A:18:57:99:3C:C2:CB:CA:8C
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/qhqXUOyiNft8JTRKGFeZPMLLyow.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:60:f000::/45

    Signature Algorithm: sha256WithRSAEncryption
         63:00:85:58:d9:e1:ba:a7:e3:37:5d:24:2b:ab:5c:ab:38:cf:
         8e:ef:a8:99:32:ff:f2:85:95:20:d0:ce:69:85:ed:b3:af:73:
         b6:26:42:8b:04:66:97:55:08:82:37:90:1d:f9:63:f8:5d:64:
         b9:df:8d:92:b8:2e:49:c2:63:c5:1f:52:43:5d:b0:7e:cc:aa:
         2d:16:7a:31:f1:7e:18:ae:22:9b:e8:0b:6f:7b:3e:38:47:a9:
         67:d5:a9:0d:59:31:f6:05:e8:5e:58:e4:ea:5a:38:fb:5d:49:
         51:6c:2e:cb:74:1b:c5:37:dd:14:3f:5b:f8:05:6f:7b:08:ff:
         08:1e:4b:12:12:c6:bb:b7:3c:91:b2:bd:72:f7:5d:e3:3d:55:
         ae:8c:85:2e:aa:66:4f:60:1c:0a:d3:13:32:b8:98:5d:4e:f4:
         b5:56:2d:23:0e:af:b8:78:a3:b0:b1:e9:8c:27:cd:40:13:56:
         3f:56:77:ba:e6:14:a5:29:17:53:fa:1d:a5:a6:b2:8e:5e:d5:
         7c:12:64:65:69:30:7a:59:2b:8b:0c:ac:28:5d:ea:9e:68:a2:
         bb:93:27:bd:47:c2:80:fc:15:01:ca:f0:8e:7f:d7:51:b6:eb:
         43:cb:3a:29:9f:77:dc:ba:eb:70:43:8c:5d:e6:ed:a2:d7:66:
         82:e1:ef:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgICA3QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yNDA0MzAw
MTU5NThaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEFBMUE5NzUwRUNBMjM1
RkI3QzI1MzQ0QTE4NTc5OTNDQzJDQkNBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIy6N/dwhnmilUZbyDuDcB3VoFP9/7Uog4WCwfIJCqSc59Wqao
KAdfe89uQnWF3WkxmWuoir0LEdF0lrE73Qz4Kv4MGYhbw5mGbaXGMw5GFP+Inp1G
Es9QSx9cyUKzWv2d3kJgty2ofSqKPEh4SGiheDWAzHEcjfvEtIa6+lTruwdzGUw5
bJZG7U0xz4dnzGUk8g27zxBNP3wMdX9lK6nrRvolqAy0b2fUc9SYAAOGoEn0XyIz
gqqAsQTwN6xFoEJp5QgK53QoeOc8IViT9cB3Ib251oQ084+2KqBbuvMiw667/V32
3lu8KoN9gra6Iirdcfujfze4uc34f4FTdlMVAgMBAAGjggIrMIICJzAdBgNVHQ4E
FgQUqhqXUOyiNft8JTRKGFeZPMLLyowwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9xaHFYVU95aU5mdDhKVFJLR0ZlWlBNTEx5b3cu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcDJAoAYPAAMA0GCSqGSIb3DQEBCwUAA4IBAQBjAIVY2eG6p+M3XSQr
q1yrOM+O76iZMv/yhZUg0M5phe2zr3O2JkKLBGaXVQiCN5Ad+WP4XWS5342SuC5J
wmPFH1JDXbB+zKotFnox8X4YriKb6Atvez44R6ln1akNWTH2BeheWOTqWjj7XUlR
bC7LdBvFN90UP1v4BW97CP8IHksSEsa7tzyRsr1y913jPVWujIUuqmZPYBwK0xMy
uJhdTvS1Vi0jDq+4eKOwsemMJ81AE1Y/Vne65hSlKRdT+h2lprKOXtV8EmRlaTB6
WSuLDKwoXeqeaKK7kye9R8KA/BUByvCOf9dRtutDyzopn3fcuutwQ4xd5u2i12aC
4e/Y
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:33:14 2024 by rpki-client on console-fra.rpki-client.org