Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30267/P7O8t5wYJL4A3bGpw3FZ3HJT_CI.roa
File:                     P7O8t5wYJL4A3bGpw3FZ3HJT_CI.roa (raw, json)
Hash identifier:          7k4RLFFNo9/mFNQyvZ9n+J2FeYF/Tzk1g9mEFyl5IAY=
Subject key identifier:   3F:B3:BC:B7:9C:18:24:BE:00:DD:B1:A9:C3:71:59:DC:72:53:FC:22
Certificate issuer:       /CN=AB99FE69A832191F847C33B243442E9D68AD1433
Certificate serial:       34
Authority key identifier: AB:99:FE:69:A8:32:19:1F:84:7C:33:B2:43:44:2E:9D:68:AD:14:33
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/q5n-aagyGR-EfDOyQ0QunWitFDM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30267/P7O8t5wYJL4A3bGpw3FZ3HJT_CI.roa
Signing time:             Mon 01 May 2023 01:29:12 +0000
ROA not before:           Mon 01 May 2023 01:29:12 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     16509
IP address blocks:        2401:af80:9011::/56 maxlen: 56

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30267/q5n-aagyGR-EfDOyQ0QunWitFDM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30267/q5n-aagyGR-EfDOyQ0QunWitFDM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/q5n-aagyGR-EfDOyQ0QunWitFDM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 01 Apr 2024 13:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52 (0x34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AB99FE69A832191F847C33B243442E9D68AD1433
        Validity
            Not Before: May  1 01:29:12 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=3FB3BCB79C1824BE00DDB1A9C37159DC7253FC22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:dc:81:41:37:9e:ab:1b:98:79:b3:38:7e:14:
                    db:1a:41:c1:8f:cf:b8:09:5d:12:13:3a:7f:df:56:
                    72:db:c7:cc:0b:a7:f8:7e:95:b1:25:af:91:df:a8:
                    0d:65:e4:2a:6d:99:a2:1a:c6:95:51:bc:9c:d6:ab:
                    14:e4:7e:19:0a:94:57:ac:fb:19:14:02:e9:ff:9f:
                    37:f6:4e:6f:09:e7:71:24:f7:43:6e:a3:43:9b:8a:
                    61:dc:a8:f4:a2:53:cc:2f:c3:17:62:34:b4:6f:80:
                    30:7c:ea:44:21:8a:7e:3b:c9:d0:b2:b5:af:79:d0:
                    5f:23:e7:0e:ac:e5:fa:22:9c:96:91:ce:1d:16:91:
                    ab:98:ba:4c:cf:ee:b5:a3:ae:41:24:64:27:a0:f9:
                    c0:33:6f:a6:a6:32:aa:b0:0f:e4:89:06:ec:99:98:
                    33:4a:7e:41:d7:29:03:24:06:8d:f0:d8:ce:8f:2d:
                    27:68:d1:dc:a4:2a:5b:fc:88:9a:1b:95:f0:b2:7d:
                    51:cf:8a:19:6a:5c:c1:95:76:3d:f4:d0:7d:c3:ba:
                    49:b5:a7:ac:57:a6:34:db:79:66:c6:e1:87:58:05:
                    d8:27:ce:a2:ea:5e:91:82:a7:db:14:ac:10:72:df:
                    64:78:50:e4:49:cd:d4:6b:53:98:a8:24:f9:8e:0e:
                    c3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B3:BC:B7:9C:18:24:BE:00:DD:B1:A9:C3:71:59:DC:72:53:FC:22
            X509v3 Authority Key Identifier:
                keyid:AB:99:FE:69:A8:32:19:1F:84:7C:33:B2:43:44:2E:9D:68:AD:14:33

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30267/q5n-aagyGR-EfDOyQ0QunWitFDM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/q5n-aagyGR-EfDOyQ0QunWitFDM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30267/P7O8t5wYJL4A3bGpw3FZ3HJT_CI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:af80:9011::/56

    Signature Algorithm: sha256WithRSAEncryption
         23:a7:a7:1d:15:73:2f:53:af:94:48:10:c7:37:a7:06:1e:78:
         51:0d:87:7f:e1:d2:ef:4b:f4:80:a9:5e:36:eb:72:fc:48:af:
         a7:42:c0:99:a7:68:c9:08:b9:4a:a8:0c:8c:82:fb:89:00:03:
         d1:48:12:23:0b:5c:c7:08:1f:e6:a3:0c:05:32:98:fe:bf:d2:
         db:6c:55:04:30:a6:e2:96:f7:10:9e:a7:33:66:86:2c:35:d7:
         9c:b0:ca:f8:1d:72:7f:f0:9f:57:50:41:95:e1:be:38:a1:ec:
         d3:63:51:a5:ff:7c:ba:35:ec:68:78:eb:1f:e9:fc:bf:1e:b2:
         1c:f9:fc:8d:40:36:07:a2:aa:93:2c:73:c5:a9:e1:11:28:5d:
         7c:1c:28:e9:57:f3:08:37:09:8b:90:76:74:f5:55:cd:69:39:
         5a:80:73:a2:ca:01:e1:9a:f6:15:c7:98:30:2b:2e:4b:40:c8:
         82:d9:81:cf:2d:1b:d7:3c:3b:fd:75:de:c1:41:3b:d1:8f:71:
         5d:9c:70:45:47:8b:e3:ab:6f:0d:c4:44:32:17:d7:91:65:17:
         de:b0:a0:8d:e0:3f:8d:79:59:64:7f:01:16:f1:26:5e:c5:3e:
         a9:ef:5a:ea:b8:de:6e:db:2d:c4:da:2a:23:4b:cb:35:c9:06:
         a7:4d:7b:af
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIBNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQjk5
RkU2OUE4MzIxOTFGODQ3QzMzQjI0MzQ0MkU5RDY4QUQxNDMzMB4XDTIzMDUwMTAx
MjkxMloXDTI0MDQxNDAxMzAwMlowMzExMC8GA1UEAxMoM0ZCM0JDQjc5QzE4MjRC
RTAwRERCMUE5QzM3MTU5REM3MjUzRkMyMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMTcgUE3nqsbmHmzOH4U2xpBwY/PuAldEhM6f99WctvHzAun+H6V
sSWvkd+oDWXkKm2ZohrGlVG8nNarFOR+GQqUV6z7GRQC6f+fN/ZObwnncST3Q26j
Q5uKYdyo9KJTzC/DF2I0tG+AMHzqRCGKfjvJ0LK1r3nQXyPnDqzl+iKclpHOHRaR
q5i6TM/utaOuQSRkJ6D5wDNvpqYyqrAP5IkG7JmYM0p+QdcpAyQGjfDYzo8tJ2jR
3KQqW/yImhuV8LJ9Uc+KGWpcwZV2PfTQfcO6SbWnrFemNNt5Zsbhh1gF2CfOoupe
kYKn2xSsEHLfZHhQ5EnN1GtTmKgk+Y4Ow1sCAwEAAaOCAiwwggIoMB0GA1UdDgQW
BBQ/s7y3nBgkvgDdsanDcVncclP8IjAfBgNVHSMEGDAWgBSrmf5pqDIZH4R8M7JD
RC6daK0UMzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAyNjcvcTVuLWFhZ3lHUi1FZkRPeVEwUXVuV2l0RkRNLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvcTVuLWFhZ3lHUi1FZkRPeVEwUXVu
V2l0RkRNLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMjY3L1A3Tzh0NXdZSkw0QTNiR3B3M0ZaM0hKVF9DSS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8EFDASMBAE
AgACMAoDCAAkAa+AkBEAMA0GCSqGSIb3DQEBCwUAA4IBAQAjp6cdFXMvU6+USBDH
N6cGHnhRDYd/4dLvS/SAqV4263L8SK+nQsCZp2jJCLlKqAyMgvuJAAPRSBIjC1zH
CB/mowwFMpj+v9LbbFUEMKbilvcQnqczZoYsNdecsMr4HXJ/8J9XUEGV4b44oezT
Y1Gl/3y6NexoeOsf6fy/HrIc+fyNQDYHoqqTLHPFqeERKF18HCjpV/MINwmLkHZ0
9VXNaTlagHOiygHhmvYVx5gwKy5LQMiC2YHPLRvXPDv9dd7BQTvRj3FdnHBFR4vj
q28NxEQyF9eRZRfesKCN4D+NeVlkfwEW8SZexT6p71rquN5u2y3E2iojS8s1yQan
TXuv
-----END CERTIFICATE-----
Generated at Wed Mar 27 13:07:04 2024 by rpki-client on console-ams.rpki-client.org