Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30191/UZ4BRv9Ze9ORqfX8PS69Zk60o0Q.roa
File:                     UZ4BRv9Ze9ORqfX8PS69Zk60o0Q.roa (raw, json)
Hash identifier:          l2Ctfcfu8oeNFIoWV7QsjblmLWqkUtELKAmdjer7Yv0=
Subject key identifier:   51:9E:01:46:FF:59:7B:D3:91:A9:F5:FC:3D:2E:BD:66:4E:B4:A3:44
Certificate issuer:       /CN=4F28372369E482E49424ED39E244330E34EB40B0
Certificate serial:       3C
Authority key identifier: 4F:28:37:23:69:E4:82:E4:94:24:ED:39:E2:44:33:0E:34:EB:40:B0
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Tyg3I2nkguSUJO054kQzDjTrQLA.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30191/UZ4BRv9Ze9ORqfX8PS69Zk60o0Q.roa
Signing time:             Thu 29 Feb 2024 01:31:02 +0000
ROA not before:           Thu 29 Feb 2024 01:31:02 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     7684
IP address blocks:        2401:2500::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30191/Tyg3I2nkguSUJO054kQzDjTrQLA.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30191/Tyg3I2nkguSUJO054kQzDjTrQLA.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Tyg3I2nkguSUJO054kQzDjTrQLA.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60 (0x3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4F28372369E482E49424ED39E244330E34EB40B0
        Validity
            Not Before: Feb 29 01:31:02 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=519E0146FF597BD391A9F5FC3D2EBD664EB4A344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:26:7a:e8:3d:08:76:f4:1b:39:c0:43:7a:e9:
                    0d:df:66:13:7e:60:fe:aa:29:74:f9:ed:39:d3:ad:
                    00:d5:02:89:0f:af:39:03:5e:b0:cc:46:f0:f8:fd:
                    5c:29:c0:b0:01:0d:d2:b7:e7:06:b1:1f:d8:02:85:
                    4b:9b:6e:47:57:60:8c:a1:19:9e:82:75:56:49:7c:
                    bc:18:a8:4d:9d:d9:30:8e:d4:c7:d4:1c:c7:a3:c9:
                    91:0c:d9:9c:b7:8e:aa:b3:13:72:86:eb:d4:93:e0:
                    5f:eb:9b:71:49:66:26:b6:2d:e8:3f:ce:45:22:53:
                    60:ba:28:64:5d:16:e4:94:3f:c9:4c:d4:f6:47:67:
                    51:fc:31:fe:fd:82:2b:04:b7:fa:72:0a:9d:33:62:
                    01:9c:96:f7:5c:51:a8:34:62:02:fc:7a:8c:4e:71:
                    3c:a5:80:e4:85:c0:68:26:9d:19:eb:a2:64:76:5b:
                    c9:a7:0c:b2:61:0f:e1:70:73:e3:9b:38:2c:1d:0d:
                    55:9b:24:ac:61:62:fd:64:cb:16:23:af:0c:9f:66:
                    c7:5d:4b:55:46:23:e4:f3:73:8b:82:85:97:3d:e5:
                    c9:15:08:dd:36:cb:0d:a0:35:b0:38:96:c7:36:94:
                    84:b4:0c:1f:ff:6b:28:e8:22:8b:5d:85:37:d8:44:
                    d4:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:9E:01:46:FF:59:7B:D3:91:A9:F5:FC:3D:2E:BD:66:4E:B4:A3:44
            X509v3 Authority Key Identifier:
                keyid:4F:28:37:23:69:E4:82:E4:94:24:ED:39:E2:44:33:0E:34:EB:40:B0

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30191/Tyg3I2nkguSUJO054kQzDjTrQLA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Tyg3I2nkguSUJO054kQzDjTrQLA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30191/UZ4BRv9Ze9ORqfX8PS69Zk60o0Q.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:2500::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:10:2b:c3:2a:71:0b:60:22:8c:f6:aa:20:26:4c:bf:27:03:
         7a:b6:26:d7:7f:a8:9f:2e:e6:0b:e3:7f:4d:a0:5b:9d:b2:34:
         0b:bf:63:fb:9f:19:31:a7:e8:30:92:55:2a:16:b5:d4:86:80:
         a7:e4:05:b8:32:a6:1e:23:31:93:43:2a:98:02:1c:97:a4:bb:
         92:b0:a4:da:e9:e8:3d:0c:01:98:54:ef:61:11:b6:5d:0b:f6:
         b5:9c:ac:b4:ed:ba:ee:80:cd:4b:ae:cc:7e:5a:19:99:c6:3f:
         52:b9:95:2a:48:ec:0f:20:f9:41:96:bf:e1:6e:c2:cf:fa:13:
         da:34:b9:30:f6:3b:f5:aa:9c:7c:05:a9:b6:76:6c:39:86:a2:
         e7:21:60:0f:2f:9d:30:c2:ef:1d:82:49:fb:f2:fa:06:e8:4a:
         a6:e6:8c:65:6d:d2:56:58:d9:c4:87:4c:44:a9:9b:ef:8f:0f:
         04:ec:40:b4:d8:f8:2b:7c:25:11:cf:1f:80:2b:37:f0:29:9e:
         76:76:e6:96:70:cd:38:f4:57:d0:d9:ff:b9:23:8e:99:ab:59:
         59:bd:43:be:aa:53:03:d3:df:97:5d:a5:da:bb:0a:a2:04:6a:
         51:3b:28:54:d2:22:f0:02:8a:60:bf:3f:d0:7a:73:f7:1c:ae:
         b1:c2:03:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0RjI4
MzcyMzY5RTQ4MkU0OTQyNEVEMzlFMjQ0MzMwRTM0RUI0MEIwMB4XDTI0MDIyOTAx
MzEwMloXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoNTE5RTAxNDZGRjU5N0JE
MzkxQTlGNUZDM0QyRUJENjY0RUI0QTM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK0meug9CHb0GznAQ3rpDd9mE35g/qopdPntOdOtANUCiQ+vOQNe
sMxG8Pj9XCnAsAEN0rfnBrEf2AKFS5tuR1dgjKEZnoJ1Vkl8vBioTZ3ZMI7Ux9Qc
x6PJkQzZnLeOqrMTcobr1JPgX+ubcUlmJrYt6D/ORSJTYLooZF0W5JQ/yUzU9kdn
Ufwx/v2CKwS3+nIKnTNiAZyW91xRqDRiAvx6jE5xPKWA5IXAaCadGeuiZHZbyacM
smEP4XBz45s4LB0NVZskrGFi/WTLFiOvDJ9mx11LVUYj5PNzi4KFlz3lyRUI3TbL
DaA1sDiWxzaUhLQMH/9rKOgii12FN9hE1J8CAwEAAaOCAikwggIlMB0GA1UdDgQW
BBRRngFG/1l705Gp9fw9Lr1mTrSjRDAfBgNVHSMEGDAWgBRPKDcjaeSC5JQk7Tni
RDMONOtAsDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxOTEvVHlnM0kybmtndVNVSk8wNTRrUXpEalRyUUxBLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVHlnM0kybmtndVNVSk8wNTRrUXpE
alRyUUxBLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTkxL1VaNEJSdjlaZTlPUnFmWDhQUzY5Wms2MG8wUS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAkASUAMA0GCSqGSIb3DQEBCwUAA4IBAQBrECvDKnELYCKM9qogJky/
JwN6tibXf6ifLuYL439NoFudsjQLv2P7nxkxp+gwklUqFrXUhoCn5AW4MqYeIzGT
QyqYAhyXpLuSsKTa6eg9DAGYVO9hEbZdC/a1nKy07brugM1Lrsx+WhmZxj9SuZUq
SOwPIPlBlr/hbsLP+hPaNLkw9jv1qpx8Bam2dmw5hqLnIWAPL50wwu8dgkn78voG
6Eqm5oxlbdJWWNnEh0xEqZvvjw8E7EC02PgrfCURzx+AKzfwKZ52duaWcM049FfQ
2f+5I46Zq1lZvUO+qlMD09+XXaXauwqiBGpROyhU0iLwAopgvz/QenP3HK6xwgOd
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:23:57 2024 by rpki-client on console-fra.rpki-client.org