Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30304/H7CekSfSB01l6HI2PbxmsPVhxYc.roa
File:                     H7CekSfSB01l6HI2PbxmsPVhxYc.roa (raw, json)
Hash identifier:          vWpM74Ya6rGKG6ogtvRV0tfMVaKJ4zQcn2xe1uziTHY=
Subject key identifier:   1F:B0:9E:91:27:D2:07:4D:65:E8:72:36:3D:BC:66:B0:F5:61:C5:87
Certificate issuer:       /CN=6A513AF7BF5D2DD629FD1826885C1002929305CD
Certificate serial:       2A
Authority key identifier: 6A:51:3A:F7:BF:5D:2D:D6:29:FD:18:26:88:5C:10:02:92:93:05:CD
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/alE6979dLdYp_RgmiFwQApKTBc0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/H7CekSfSB01l6HI2PbxmsPVhxYc.roa
Signing time:             Fri 26 Apr 2024 08:17:51 +0000
ROA not before:           Fri 26 Apr 2024 08:17:51 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     59127
IP address blocks:        2401:7ec0:c000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/alE6979dLdYp_RgmiFwQApKTBc0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/alE6979dLdYp_RgmiFwQApKTBc0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/alE6979dLdYp_RgmiFwQApKTBc0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 42 (0x2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6A513AF7BF5D2DD629FD1826885C1002929305CD
        Validity
            Not Before: Apr 26 08:17:51 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=1FB09E9127D2074D65E872363DBC66B0F561C587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a1:04:b1:5c:f8:d2:3d:9c:fd:a7:f7:09:aa:
                    fe:28:54:a2:4c:2a:dc:cc:15:42:0c:2d:85:bf:2c:
                    77:fd:d0:e2:3f:f9:b5:6c:ae:b5:b7:8c:ef:d7:b9:
                    d2:91:9d:c1:32:53:18:bb:03:70:fb:19:8b:cd:32:
                    d8:e1:ba:51:6f:50:72:4b:31:4a:44:ed:27:63:58:
                    a8:87:a7:09:2d:3e:77:9a:5f:3a:e6:87:32:ae:83:
                    35:a4:09:67:ac:a1:ba:df:b5:4c:3c:9c:2d:11:50:
                    dc:db:9e:50:3a:c5:35:f0:f5:bf:99:b8:04:6c:0c:
                    a7:45:6b:e0:9b:d2:fc:16:79:ca:f1:b7:81:24:fd:
                    44:45:48:01:e8:4e:5d:67:a6:f7:ed:22:8d:fc:e5:
                    fd:1f:56:9d:2b:9b:26:fb:83:0a:41:aa:1d:a2:96:
                    5d:3a:e4:83:7a:d5:57:ff:dc:b6:9c:b5:90:7b:ce:
                    cf:2b:44:76:54:40:4a:a2:d9:4a:ed:65:51:21:85:
                    7d:fb:14:4b:9a:89:a0:c4:1a:46:36:a2:8e:f5:da:
                    87:34:c0:b7:1b:aa:7c:0a:d9:37:19:69:24:81:6e:
                    dc:2a:3a:ed:75:76:53:0e:d5:2c:89:11:dd:b0:3d:
                    81:c7:10:a5:b4:ce:44:bf:7e:19:fb:e1:67:0c:5a:
                    f3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B0:9E:91:27:D2:07:4D:65:E8:72:36:3D:BC:66:B0:F5:61:C5:87
            X509v3 Authority Key Identifier:
                keyid:6A:51:3A:F7:BF:5D:2D:D6:29:FD:18:26:88:5C:10:02:92:93:05:CD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/alE6979dLdYp_RgmiFwQApKTBc0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/alE6979dLdYp_RgmiFwQApKTBc0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/H7CekSfSB01l6HI2PbxmsPVhxYc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:7ec0:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         17:df:66:3c:7d:a0:38:b4:50:7b:2d:3a:d5:f3:e0:e2:b4:29:
         4d:3e:3c:b7:76:31:00:c2:40:3f:f0:bf:a0:96:7c:38:42:f9:
         9f:d4:e2:46:48:f4:a8:dd:93:af:3b:38:c3:5f:bd:25:e3:00:
         c6:68:ed:11:2c:c3:25:a1:f5:b4:01:1a:a2:46:6d:6e:61:5f:
         90:18:18:bb:c6:5e:55:07:ce:43:a5:0b:f2:d8:66:3a:43:9c:
         94:4b:4f:2f:f6:c5:fc:84:7c:90:2b:42:f0:60:42:46:15:64:
         48:30:e0:79:c7:fd:f4:0a:d1:f4:6c:22:01:50:ad:97:bc:20:
         8b:6f:54:71:d2:21:c5:68:10:b9:2b:6b:18:76:ac:fc:67:85:
         33:40:fd:c9:bf:8c:ec:12:69:01:64:2d:1d:38:f6:0a:cc:3c:
         28:b3:d8:57:2c:fb:56:db:20:ed:ca:83:ba:a1:c3:de:75:7d:
         64:81:8e:8f:10:6d:2e:d3:6d:78:da:6a:e4:00:b8:da:2e:2d:
         b0:be:a2:92:f3:52:50:a3:b5:18:4b:3b:f4:c1:c1:cf:52:db:
         96:3c:96:36:50:5a:aa:0a:37:b4:99:e5:e9:32:53:bf:3a:14:
         23:51:bf:63:aa:8e:e2:d6:70:84:e4:a4:77:02:82:09:dd:f5:
         df:e6:fa:9a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2QTUx
M0FGN0JGNUQyREQ2MjlGRDE4MjY4ODVDMTAwMjkyOTMwNUNEMB4XDTI0MDQyNjA4
MTc1MVoXDTI1MDQxNTAxMzAwMlowMzExMC8GA1UEAxMoMUZCMDlFOTEyN0QyMDc0
RDY1RTg3MjM2M0RCQzY2QjBGNTYxQzU4NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALChBLFc+NI9nP2n9wmq/ihUokwq3MwVQgwthb8sd/3Q4j/5tWyu
tbeM79e50pGdwTJTGLsDcPsZi80y2OG6UW9QcksxSkTtJ2NYqIenCS0+d5pfOuaH
Mq6DNaQJZ6yhut+1TDycLRFQ3NueUDrFNfD1v5m4BGwMp0Vr4JvS/BZ5yvG3gST9
REVIAehOXWem9+0ijfzl/R9WnSubJvuDCkGqHaKWXTrkg3rVV//ctpy1kHvOzytE
dlRASqLZSu1lUSGFffsUS5qJoMQaRjaijvXahzTAtxuqfArZNxlpJIFu3Co67XV2
Uw7VLIkR3bA9gccQpbTORL9+GfvhZwxa85MCAwEAAaOCAiowggImMB0GA1UdDgQW
BBQfsJ6RJ9IHTWXocjY9vGaw9WHFhzAfBgNVHSMEGDAWgBRqUTr3v10t1in9GCaI
XBACkpMFzTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAzMDQvYWxFNjk3OWRMZFlwX1JnbWlGd1FBcEtUQmMwLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvYWxFNjk3OWRMZFlwX1JnbWlGd1FB
cEtUQmMwLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMzA0L0g3Q2VrU2ZTQjAxbDZISTJQYnhtc1BWaHhZYy5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQkAX7AwDANBgkqhkiG9w0BAQsFAAOCAQEAF99mPH2gOLRQey061fPg
4rQpTT48t3YxAMJAP/C/oJZ8OEL5n9TiRkj0qN2Trzs4w1+9JeMAxmjtESzDJaH1
tAEaokZtbmFfkBgYu8ZeVQfOQ6UL8thmOkOclEtPL/bF/IR8kCtC8GBCRhVkSDDg
ecf99ArR9GwiAVCtl7wgi29UcdIhxWgQuStrGHas/GeFM0D9yb+M7BJpAWQtHTj2
Csw8KLPYVyz7Vtsg7cqDuqHD3nV9ZIGOjxBtLtNteNpq5AC42i4tsL6ikvNSUKO1
GEs79MHBz1LbljyWNlBaqgo3tJnl6TJTvzoUI1G/Y6qO4tZwhOSkdwKCCd313+b6
mg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:32 2024 by rpki-client on console-ams.rpki-client.org