Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/44BBvaJJ5jJZMrLrZ5Tu3L4X8Tg.roa
File:                     44BBvaJJ5jJZMrLrZ5Tu3L4X8Tg.roa (raw, json)
Hash identifier:          3jdnsFpFD//QkLjfs100kB/teYo9u2UVvEBdSyIx50s=
Subject key identifier:   E3:80:41:BD:A2:49:E6:32:59:32:B2:EB:67:94:EE:DC:BE:17:F1:38
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0627
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/44BBvaJJ5jJZMrLrZ5Tu3L4X8Tg.roa
Signing time:             Thu 29 Feb 2024 01:38:37 +0000
ROA not before:           Thu 29 Feb 2024 01:38:37 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        49.97.124.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1575 (0x627)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:38:37 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=E38041BDA249E6325932B2EB6794EEDCBE17F138
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:70:23:47:cb:0c:fb:63:e3:fc:d5:b1:63:17:
                    44:af:5c:53:8b:f2:d6:2e:3b:18:62:87:56:ae:ba:
                    22:da:a7:dd:eb:77:8c:d0:37:91:fb:63:55:d2:78:
                    b6:ba:80:d5:f0:35:fa:fe:fc:11:c9:9a:e9:70:22:
                    aa:9a:88:a9:7f:6e:a6:12:43:8e:77:22:b2:c4:71:
                    15:6e:81:b8:0e:2f:88:cb:f0:96:da:f7:70:e0:a9:
                    69:7b:62:c5:57:b8:8a:6a:bf:44:e9:6b:a0:3e:7e:
                    a6:fb:70:c5:48:8e:19:7f:01:b6:05:2a:ff:0a:0d:
                    aa:00:68:12:e4:35:a3:85:4d:a5:2c:32:1c:75:eb:
                    d5:7c:ac:c8:1a:f3:72:b6:1e:23:a8:4d:d3:59:60:
                    49:2b:5b:59:ca:14:b0:35:b8:af:fc:3e:ad:2b:dd:
                    8f:f7:2a:fb:7a:9c:3f:d6:b1:66:80:ad:e3:00:e0:
                    e7:61:4e:10:f5:a9:72:b8:74:cc:49:7b:cb:51:a1:
                    7f:44:aa:d9:42:e3:74:64:4b:33:43:92:73:b3:65:
                    14:df:4a:e3:72:cd:bc:30:54:4f:28:c0:c1:fc:c4:
                    da:cc:38:be:96:fe:45:7a:97:6d:95:7e:f3:18:dc:
                    8c:6c:1b:f1:de:d5:75:2b:95:53:6d:99:46:1b:59:
                    a4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:80:41:BD:A2:49:E6:32:59:32:B2:EB:67:94:EE:DC:BE:17:F1:38
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/44BBvaJJ5jJZMrLrZ5Tu3L4X8Tg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:cb:a0:76:ab:48:41:e2:78:f4:39:05:e5:d6:ae:47:5d:6b:
         e6:4c:d0:d3:fa:50:ad:09:93:38:09:32:95:c9:b6:87:5b:51:
         6d:aa:36:bf:8d:44:3d:96:50:a4:bc:2b:26:4f:ed:fa:03:d2:
         8e:34:ed:69:c4:49:c9:91:fb:19:19:15:f9:eb:a3:f9:99:10:
         5a:8a:e7:00:55:04:fb:f0:fd:ba:a8:b8:a1:da:9b:21:01:d0:
         e7:c2:2f:5c:05:ee:a8:5a:d5:9d:1b:69:93:4e:c9:a8:5d:d1:
         a1:8c:e4:3b:37:eb:07:4e:88:f2:e8:82:84:f6:d6:1f:0e:24:
         45:82:6e:ba:c6:d9:29:ea:8f:12:8c:69:d2:49:ef:ba:53:b7:
         2b:2a:18:76:91:d6:30:f1:3c:d9:a9:c5:8b:50:e2:22:02:b6:
         0e:94:fc:6b:f9:9a:aa:b1:fe:07:db:38:9e:b7:7e:38:af:e7:
         ee:f9:33:b5:7e:12:f8:6c:89:a3:35:b9:02:f8:4c:55:2b:99:
         7c:89:50:91:cb:31:ba:1e:fd:5d:53:66:8b:63:d1:f6:b7:6b:
         83:f9:3b:e5:71:f5:54:44:a6:7e:1b:96:0b:4e:e9:1f:bd:56:
         d7:d4:52:96:76:ac:b9:99:8c:2b:3e:b2:72:f3:5c:da:40:ac:
         8d:4e:d5:9f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTM4MzdaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKEUzODA0MUJEQTI0OUU2
MzI1OTMyQjJFQjY3OTRFRURDQkUxN0YxMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8cCNHywz7Y+P81bFjF0SvXFOL8tYuOxhih1auuiLap93rd4zQ
N5H7Y1XSeLa6gNXwNfr+/BHJmulwIqqaiKl/bqYSQ453IrLEcRVugbgOL4jL8Jba
93DgqWl7YsVXuIpqv0Tpa6A+fqb7cMVIjhl/AbYFKv8KDaoAaBLkNaOFTaUsMhx1
69V8rMga83K2HiOoTdNZYEkrW1nKFLA1uK/8Pq0r3Y/3Kvt6nD/WsWaAreMA4Odh
ThD1qXK4dMxJe8tRoX9EqtlC43RkSzNDknOzZRTfSuNyzbwwVE8owMH8xNrMOL6W
/kV6l22VfvMY3IxsG/He1XUrlVNtmUYbWaSNAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU44BBvaJJ5jJZMrLrZ5Tu3L4X8TgwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzQ0QkJ2YUpKNWpKWk1yTHJaNVR1M0w0WDhUZy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYXwwDQYJKoZIhvcNAQELBQADggEBAF3LoHarSEHiePQ5BeXWrkdda+ZM
0NP6UK0JkzgJMpXJtodbUW2qNr+NRD2WUKS8KyZP7foD0o407WnEScmR+xkZFfnr
o/mZEFqK5wBVBPvw/bqouKHamyEB0OfCL1wF7qha1Z0baZNOyahd0aGM5Ds36wdO
iPLogoT21h8OJEWCbrrG2SnqjxKMadJJ77pTtysqGHaR1jDxPNmpxYtQ4iICtg6U
/Gv5mqqx/gfbOJ63fjiv5+75M7V+EvhsiaM1uQL4TFUrmXyJUJHLMboe/V1TZotj
0fa3a4P5O+Vx9VREpn4blgtO6R+9VtfUUpZ2rLmZjCs+snLzXNpArI1O1Z8=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:51 2024 by rpki-client on console-ams.rpki-client.org