Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/39PoeoCYv03WHu-TAdZcQzuoDmc.roa
File:                     39PoeoCYv03WHu-TAdZcQzuoDmc.roa (raw, json)
Hash identifier:          zasYoaTTf5bC6nZeYrxw5uoT/Y3VR9PAj9AN1J4HmZk=
Subject key identifier:   DF:D3:E8:7A:80:98:BF:4D:D6:1E:EF:93:01:D6:5C:43:3B:A8:0E:67
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       064B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/39PoeoCYv03WHu-TAdZcQzuoDmc.roa
Signing time:             Tue 30 Apr 2024 01:31:32 +0000
ROA not before:           Tue 30 Apr 2024 01:31:32 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.56.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1611 (0x64b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:31:32 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=DFD3E87A8098BF4DD61EEF9301D65C433BA80E67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fd:c7:f8:5a:92:9f:c5:a0:d2:17:bc:b9:64:
                    37:c2:88:68:9d:af:82:b4:14:87:97:f9:73:24:d2:
                    ba:50:c6:94:17:6c:24:aa:3b:03:31:8c:60:36:33:
                    cc:5f:91:13:49:f6:38:03:6c:18:30:a6:2c:b7:6e:
                    1b:00:cc:1f:7a:25:9f:c6:6c:4c:b3:3b:b0:6e:99:
                    2c:91:bd:c1:91:fd:ea:18:7a:50:f8:c4:78:f5:7f:
                    f0:08:55:88:42:93:dd:72:de:0f:13:90:ba:be:c9:
                    b9:fd:a6:27:dc:ab:29:8c:bd:25:85:48:71:74:d0:
                    52:9a:af:18:b6:8d:a6:e7:4a:dd:5a:57:a4:a5:14:
                    6e:c9:11:a4:3b:a8:bc:be:75:9e:3b:6a:ff:f1:10:
                    7b:b4:b9:2b:7c:de:e6:86:c3:7b:9c:be:de:2d:fe:
                    76:67:37:aa:55:f9:c2:e2:f0:d8:d5:f4:56:2f:3d:
                    98:5a:43:06:5f:fc:0d:43:62:2f:2a:ee:da:d5:05:
                    8a:dc:0c:0c:b2:25:17:ae:ec:1a:29:47:73:59:67:
                    30:61:ad:a9:53:dc:71:20:74:b3:7b:b1:79:9c:c9:
                    da:96:27:4f:cd:80:02:9c:27:26:76:ea:b9:e3:3c:
                    77:12:36:0f:87:0c:8c:58:0f:a6:5a:08:dc:d7:f2:
                    10:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:D3:E8:7A:80:98:BF:4D:D6:1E:EF:93:01:D6:5C:43:3B:A8:0E:67
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/39PoeoCYv03WHu-TAdZcQzuoDmc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:8e:2e:f8:5c:55:57:35:0c:e7:c7:6e:06:9f:a9:65:1b:04:
         50:0b:d4:1a:fb:60:37:2a:b7:c7:c0:70:15:96:27:19:fc:9c:
         0b:f1:6b:d5:fa:c2:47:e3:68:82:2f:a4:37:20:b3:ca:b7:21:
         5e:b5:cf:82:3a:b7:d4:52:bb:a6:6c:72:03:ba:c8:a2:5b:cf:
         27:83:fa:7f:5b:87:b0:75:67:5d:ed:79:a7:0c:a9:b0:11:d1:
         b9:af:ac:36:f5:6c:a8:3d:9a:93:5f:7e:37:d4:36:64:d8:ca:
         9d:01:75:df:29:d3:be:a3:81:6d:16:c8:1b:06:3f:40:ff:14:
         17:03:01:d6:ea:3f:13:56:bc:75:2e:9e:42:f6:7a:29:13:32:
         f3:0d:cd:f1:b8:80:6c:73:e6:72:bd:02:05:89:57:af:31:23:
         fe:28:10:8c:d1:81:3f:74:18:e7:d0:05:0a:c5:4a:8d:bd:95:
         37:b8:e3:48:10:b8:43:91:86:db:d2:60:b4:45:5a:2b:a0:34:
         1c:f6:6f:59:87:fd:27:a4:f2:1b:2f:8f:d4:f3:fb:9e:15:cc:
         77:5a:93:a4:e1:59:8b:d4:88:67:e7:fe:26:41:db:73:1f:4c:
         58:d9:fe:ef:72:f7:f6:d5:cb:c0:89:ba:5f:fc:a2:36:eb:28:
         9d:eb:e3:81
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTMxMzJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKERGRDNFODdBODA5OEJG
NERENjFFRUY5MzAxRDY1QzQzM0JBODBFNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI/cf4WpKfxaDSF7y5ZDfCiGidr4K0FIeX+XMk0rpQxpQXbCSq
OwMxjGA2M8xfkRNJ9jgDbBgwpiy3bhsAzB96JZ/GbEyzO7BumSyRvcGR/eoYelD4
xHj1f/AIVYhCk91y3g8TkLq+ybn9pifcqymMvSWFSHF00FKarxi2jabnSt1aV6Sl
FG7JEaQ7qLy+dZ47av/xEHu0uSt83uaGw3ucvt4t/nZnN6pV+cLi8NjV9FYvPZha
QwZf/A1DYi8q7trVBYrcDAyyJReu7BopR3NZZzBhralT3HEgdLN7sXmcydqWJ0/N
gAKcJyZ26rnjPHcSNg+HDIxYD6ZaCNzX8hA5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU39PoeoCYv03WHu+TAdZcQzuoDmcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzM5UG9lb0NZdjAzV0h1LVRBZFpjUXp1b0RtYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYDgwDQYJKoZIhvcNAQELBQADggEBAHWOLvhcVVc1DOfHbgafqWUbBFAL
1Br7YDcqt8fAcBWWJxn8nAvxa9X6wkfjaIIvpDcgs8q3IV61z4I6t9RSu6ZscgO6
yKJbzyeD+n9bh7B1Z13teacMqbAR0bmvrDb1bKg9mpNffjfUNmTYyp0Bdd8p076j
gW0WyBsGP0D/FBcDAdbqPxNWvHUunkL2eikTMvMNzfG4gGxz5nK9AgWJV68xI/4o
EIzRgT90GOfQBQrFSo29lTe440gQuEORhtvSYLRFWiugNBz2b1mH/Sek8hsvj9Tz
+54VzHdak6ThWYvUiGfn/iZB23MfTFjZ/u9y9/bVy8CJul/8ojbrKJ3r44E=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:41:34 2024 by rpki-client on console-ams.rpki-client.org