Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/439Lh_s7RPXzPgmOX37EiyGT0no.roa
File:                     439Lh_s7RPXzPgmOX37EiyGT0no.roa (raw, json)
Hash identifier:          odMMs53RtCKDoFfTXF74MO3wCwdvsy8wZQeBXQTU/N4=
Subject key identifier:   E3:7F:4B:87:FB:3B:44:F5:F3:3E:09:8E:5F:7E:C4:8B:21:93:D2:7A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0865
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/439Lh_s7RPXzPgmOX37EiyGT0no.roa
Signing time:             Tue 30 Apr 2024 02:18:25 +0000
ROA not before:           Tue 30 Apr 2024 02:18:25 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        211.14.112.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2149 (0x865)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:18:25 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=E37F4B87FB3B44F5F33E098E5F7EC48B2193D27A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b5:f4:3d:3c:03:82:c7:47:fc:b2:2a:1f:63:
                    18:0a:2c:65:f2:89:04:44:bb:e2:40:be:b8:72:b3:
                    63:a5:d9:22:5f:92:e1:09:fc:8a:62:7f:5e:26:51:
                    27:33:34:c1:34:57:12:71:62:57:4b:90:d7:ce:37:
                    ba:3b:6d:62:6c:c7:4e:79:c4:f0:11:bc:4f:2e:96:
                    5b:16:18:58:91:b4:47:91:d9:5f:d6:4f:44:e4:f2:
                    c0:b6:a6:71:60:c3:8e:2f:44:be:fe:aa:81:16:41:
                    8c:2f:3e:aa:b8:82:c8:9c:2a:5f:aa:30:e9:64:dd:
                    d6:70:07:85:96:5f:16:2a:2f:f2:80:fe:2f:4c:06:
                    7d:d2:c6:98:60:af:51:0e:d3:bf:f6:0a:fa:55:df:
                    69:5d:6b:3e:3d:e4:52:00:3c:d1:37:5f:cd:3c:59:
                    0b:a7:93:8e:4c:da:02:79:01:54:0a:06:25:6e:23:
                    c3:35:26:cd:49:84:48:e1:7d:cc:94:88:cb:f4:af:
                    cd:82:d0:81:d3:93:d3:61:5a:24:fa:51:d1:25:34:
                    e9:c0:e0:df:9d:63:f8:6c:14:1e:23:66:d7:23:49:
                    8e:38:76:1c:fe:c3:4f:8d:fa:06:ef:39:40:be:a2:
                    d3:ef:e6:1b:7f:d6:a1:d0:cb:df:1b:db:6b:f4:d1:
                    d2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:7F:4B:87:FB:3B:44:F5:F3:3E:09:8E:5F:7E:C4:8B:21:93:D2:7A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/439Lh_s7RPXzPgmOX37EiyGT0no.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:e0:40:f4:74:a7:21:33:ef:78:92:ba:de:ca:4f:54:d2:e4:
         09:a5:3d:24:5f:57:6d:52:47:10:eb:f4:fc:09:45:2e:3f:e4:
         7e:6d:d6:48:24:6b:fd:6c:24:a4:84:06:09:c4:04:0c:1f:25:
         11:7b:f9:cf:e1:ac:47:67:87:c1:3d:76:c3:d3:fa:37:07:c8:
         b5:11:0a:ee:b3:0d:f6:34:58:aa:e4:ee:33:af:8c:08:83:5e:
         0f:19:d0:0a:87:88:32:ad:e7:6e:52:00:36:a8:bb:ea:b2:f1:
         e9:af:5f:6c:40:52:28:43:8d:6d:21:59:05:78:75:91:5a:ef:
         18:d1:d4:ab:2e:64:0e:ca:98:82:17:3e:c8:bd:0c:de:fd:2c:
         ac:1d:cc:bc:12:1c:9d:01:20:e0:f5:a6:84:db:af:bd:d7:e0:
         9c:00:a7:4a:6e:d0:2f:9c:35:f5:2e:f7:11:b3:92:e8:b4:cd:
         02:e9:c3:40:a9:35:b8:a6:db:63:00:ca:b7:4a:9a:e2:86:e7:
         8f:08:96:54:c3:ad:a3:45:f5:81:3c:bd:d5:c2:a1:14:16:84:
         d3:1f:5b:04:81:4b:82:8a:27:a7:0f:e2:f6:80:0e:1d:7e:e1:
         1b:7c:ec:79:3d:75:a5:c9:6f:5c:02:40:6e:e4:81:cf:d6:b5:
         f3:18:98:f4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE4MjVaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEUzN0Y0Qjg3RkIzQjQ0
RjVGMzNFMDk4RTVGN0VDNDhCMjE5M0QyN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+tfQ9PAOCx0f8siofYxgKLGXyiQREu+JAvrhys2Ol2SJfkuEJ
/Ipif14mUSczNME0VxJxYldLkNfON7o7bWJsx055xPARvE8ullsWGFiRtEeR2V/W
T0Tk8sC2pnFgw44vRL7+qoEWQYwvPqq4gsicKl+qMOlk3dZwB4WWXxYqL/KA/i9M
Bn3Sxphgr1EO07/2CvpV32ldaz495FIAPNE3X808WQunk45M2gJ5AVQKBiVuI8M1
Js1JhEjhfcyUiMv0r82C0IHTk9NhWiT6UdElNOnA4N+dY/hsFB4jZtcjSY44dhz+
w0+N+gbvOUC+otPv5ht/1qHQy98b22v00dLzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU439Lh/s7RPXzPgmOX37EiyGT0nowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzQzOUxoX3M3UlBYelBnbU9YMzdFaXlHVDBuby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDnAwDQYJKoZIhvcNAQELBQADggEBAELgQPR0pyEz73iSut7KT1TS5Aml
PSRfV21SRxDr9PwJRS4/5H5t1kgka/1sJKSEBgnEBAwfJRF7+c/hrEdnh8E9dsPT
+jcHyLURCu6zDfY0WKrk7jOvjAiDXg8Z0AqHiDKt525SADaou+qy8emvX2xAUihD
jW0hWQV4dZFa7xjR1KsuZA7KmIIXPsi9DN79LKwdzLwSHJ0BIOD1poTbr73X4JwA
p0pu0C+cNfUu9xGzkui0zQLpw0CpNbim22MAyrdKmuKG548IllTDraNF9YE8vdXC
oRQWhNMfWwSBS4KKJ6cP4vaADh1+4Rt87Hk9daXJb1wCQG7kgc/WtfMYmPQ=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:11 2024 by rpki-client on console-fra.rpki-client.org