Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/3J8gFx85a18ujDZd6r7oJVtI8Yo.roa
File:                     3J8gFx85a18ujDZd6r7oJVtI8Yo.roa (raw, json)
Hash identifier:          xFjgey5UVwab+4iSAquSOsdvRoEnPvJlzMyrGh6A3Js=
Subject key identifier:   DC:9F:20:17:1F:39:6B:5F:2E:8C:36:5D:EA:BE:E8:25:5B:48:F1:8A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07B2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/3J8gFx85a18ujDZd6r7oJVtI8Yo.roa
Signing time:             Tue 30 Apr 2024 02:06:37 +0000
ROA not before:           Tue 30 Apr 2024 02:06:37 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        110.163.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 03 Dec 2024 00:11:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1970 (0x7b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:06:37 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=DC9F20171F396B5F2E8C365DEABEE8255B48F18A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:c1:bc:cc:e2:3f:c2:9a:e3:59:24:3e:4d:
                    6d:6d:f1:06:ec:4c:a0:24:fe:16:10:95:ef:da:32:
                    1c:f5:fc:6d:8f:91:bd:1a:51:fe:1c:4d:c1:a5:62:
                    bf:71:a5:dd:b7:9d:4b:84:74:67:86:94:4b:56:d3:
                    1a:07:4c:2d:fc:83:bd:43:7f:b9:c0:f2:a9:68:c2:
                    2d:2f:c3:8d:c8:f6:a1:f6:3a:75:c3:fd:f8:ec:e4:
                    23:a7:e9:4d:7c:12:3c:9a:52:07:02:d0:08:d5:11:
                    67:9d:fc:61:53:4e:63:ad:54:a3:79:a4:35:27:f8:
                    9e:02:a1:ee:af:9f:46:02:1b:af:ac:e5:22:5f:f5:
                    ca:b6:cd:42:fd:04:bc:70:37:06:01:9a:5d:61:a5:
                    76:25:81:49:4c:70:24:a9:27:94:19:60:92:0e:70:
                    8a:dc:f5:cd:d6:25:b7:31:c6:d6:82:89:b1:0d:c7:
                    b6:ad:03:f2:73:00:57:64:c4:07:aa:31:fa:cd:e0:
                    7b:2b:d1:70:7c:1f:9e:0a:f4:15:e0:03:7d:06:41:
                    26:ba:9e:b8:1e:8e:a6:45:b8:fd:e3:67:56:ab:63:
                    9c:7b:05:38:5f:35:e3:08:66:66:5b:9c:95:6d:56:
                    5c:ef:15:bb:3d:e5:2c:f2:e0:83:09:96:23:8a:e0:
                    5d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9F:20:17:1F:39:6B:5F:2E:8C:36:5D:EA:BE:E8:25:5B:48:F1:8A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/3J8gFx85a18ujDZd6r7oJVtI8Yo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.163.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         02:13:89:3b:6b:a0:fc:0e:0d:fa:67:60:6a:59:67:2d:9a:e4:
         e8:3c:d7:c4:b5:9c:a4:bb:12:48:dd:ae:a8:1c:5c:4a:51:ac:
         19:4f:25:a5:12:71:7e:1f:a3:a2:56:24:99:06:62:86:73:73:
         a5:c8:67:9e:12:ac:dd:f8:7e:85:42:5d:4c:6d:f4:84:22:35:
         95:1e:79:3b:8e:36:05:ce:f0:e2:88:ee:57:eb:89:0e:6f:4f:
         16:25:b2:f3:99:1c:81:fe:46:a4:ad:c8:b4:1f:e9:35:9f:97:
         e9:35:28:c4:20:e9:29:d4:b0:4a:ea:d2:0c:e8:e3:54:3b:07:
         d8:df:70:ca:e7:1d:a2:9e:4a:04:16:8f:3c:a4:67:69:53:e6:
         35:3b:07:f6:76:d7:65:71:45:25:fe:38:95:8b:22:56:cd:17:
         cf:d8:0a:6b:0d:26:4a:2f:13:fc:b6:3d:71:80:be:97:14:69:
         90:ab:d1:4d:14:61:04:5f:e6:79:81:c2:8f:69:5e:26:a2:5a:
         43:b8:a1:3a:7b:2e:fc:4b:6b:a4:9a:19:30:c0:d2:3b:41:27:
         86:48:57:92:c6:d6:ab:de:e3:2a:f2:36:ff:2d:8f:9a:69:93:
         f8:a3:e9:4f:32:06:e5:76:8d:96:50:26:0f:4d:cb:65:a6:df:
         a9:f8:d7:e1
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjA2MzdaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKERDOUYyMDE3MUYzOTZC
NUYyRThDMzY1REVBQkVFODI1NUI0OEYxOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9vsG8zOI/wprjWSQ+TW1t8QbsTKAk/hYQle/aMhz1/G2Pkb0a
Uf4cTcGlYr9xpd23nUuEdGeGlEtW0xoHTC38g71Df7nA8qlowi0vw43I9qH2OnXD
/fjs5COn6U18EjyaUgcC0AjVEWed/GFTTmOtVKN5pDUn+J4Coe6vn0YCG6+s5SJf
9cq2zUL9BLxwNwYBml1hpXYlgUlMcCSpJ5QZYJIOcIrc9c3WJbcxxtaCibENx7at
A/JzAFdkxAeqMfrN4Hsr0XB8H54K9BXgA30GQSa6nrgejqZFuP3jZ1arY5x7BThf
NeMIZmZbnJVtVlzvFbs95Szy4IMJliOK4F1nAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU3J8gFx85a18ujDZd6r7oJVtI8YowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzNKOGdGeDg1YTE4dWpEWmQ2cjdvSlZ0SThZby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZuo0AwDQYJKoZIhvcNAQELBQADggEBAAITiTtroPwODfpnYGpZZy2a5Og8
18S1nKS7EkjdrqgcXEpRrBlPJaUScX4fo6JWJJkGYoZzc6XIZ54SrN34foVCXUxt
9IQiNZUeeTuONgXO8OKI7lfriQ5vTxYlsvOZHIH+RqStyLQf6TWfl+k1KMQg6SnU
sErq0gzo41Q7B9jfcMrnHaKeSgQWjzykZ2lT5jU7B/Z212VxRSX+OJWLIlbNF8/Y
CmsNJkovE/y2PXGAvpcUaZCr0U0UYQRf5nmBwo9pXiaiWkO4oTp7LvxLa6SaGTDA
0jtBJ4ZIV5LG1qve4yryNv8tj5ppk/ij6U8yBuV2jZZQJg9Ny2Wm36n41+E=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:27:13 2024 by rpki-client on console-ams.rpki-client.org