Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/5ChmZaQNq2PFbGv5rlodDrYlOsA.roa
File:                     5ChmZaQNq2PFbGv5rlodDrYlOsA.roa (raw, json)
Hash identifier:          XZSqwshdqY98PnEF/otJ/Wmx93RSZBjW2InLTgFitSc=
Subject key identifier:   E4:28:66:65:A4:0D:AB:63:C5:6C:6B:F9:AE:5A:1D:0E:B6:25:3A:C0
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       08D5
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/5ChmZaQNq2PFbGv5rlodDrYlOsA.roa
Signing time:             Tue 30 Apr 2024 02:24:42 +0000
ROA not before:           Tue 30 Apr 2024 02:24:42 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.11.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2261 (0x8d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:24:42 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=E4286665A40DAB63C56C6BF9AE5A1D0EB6253AC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:59:00:33:02:2f:05:82:88:13:5a:14:7b:6b:
                    ab:fd:8c:53:85:ef:2e:c9:b6:a1:06:6c:87:e5:0b:
                    8a:3b:1e:57:b7:bd:9b:f3:a5:bd:d6:74:5a:19:30:
                    9d:c4:75:d1:75:3b:c1:94:bc:ad:fc:72:cb:e0:ce:
                    1d:27:2f:4e:d7:31:df:08:9c:48:1f:15:a4:09:85:
                    b7:23:e7:d8:be:dd:0e:79:00:29:12:f8:4d:84:a7:
                    1c:a3:13:fa:eb:5d:47:b2:23:34:4a:0a:57:86:61:
                    a5:49:0e:24:82:5b:1d:6c:02:f8:8f:80:fd:77:00:
                    ad:06:d2:19:7c:d5:82:5d:02:83:6c:af:8f:8e:68:
                    f9:58:51:5c:b0:49:82:98:2b:fc:d9:cf:d9:63:44:
                    d1:70:e9:bf:86:d9:65:a2:39:f0:48:56:00:85:02:
                    0f:f1:73:06:94:fe:3b:9f:20:f7:44:73:83:9c:94:
                    e0:d3:01:6b:07:4a:48:72:8e:49:37:54:1b:6c:71:
                    9d:01:db:da:35:00:52:24:cf:e9:36:8b:9d:e2:e6:
                    e5:14:17:c1:93:db:8c:05:1f:39:05:dc:d4:34:ec:
                    53:29:ea:48:f1:d2:bc:24:fe:75:2c:ed:c0:62:52:
                    b9:5b:21:cd:d5:3f:56:a0:c5:81:41:2c:8a:68:0b:
                    12:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:28:66:65:A4:0D:AB:63:C5:6C:6B:F9:AE:5A:1D:0E:B6:25:3A:C0
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/5ChmZaQNq2PFbGv5rlodDrYlOsA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:d2:35:6e:ed:c1:c4:2f:47:9b:84:52:3f:5d:e1:74:9f:8c:
         c1:19:49:f4:a9:14:7a:4b:07:45:6d:23:e7:3d:86:8f:55:3c:
         cd:67:d9:08:24:21:bb:14:bf:f0:dc:bb:5b:9a:bd:d9:3c:cd:
         7c:5a:e0:02:26:ff:a0:0a:65:5f:d2:6e:03:57:39:bf:a3:49:
         94:f6:5c:f0:f6:7c:d1:96:19:6c:cc:d9:e2:ff:5d:4a:01:16:
         7b:ce:84:0b:26:b3:bb:2b:8c:3e:c5:d6:97:1a:ee:a9:d7:ff:
         9d:2b:82:11:63:2f:fd:6a:89:9c:90:40:a3:a3:51:64:56:15:
         cd:49:f1:48:6a:17:46:89:a3:7a:ed:d8:b1:93:bf:46:b8:71:
         11:f7:95:7f:90:ab:78:e3:3d:f4:43:04:f3:46:27:51:b7:6f:
         c3:67:b0:21:4a:02:ec:e2:ce:f5:d1:d7:cf:f8:78:7c:d4:2e:
         98:02:e3:6a:53:fd:4e:2d:1e:95:6e:de:af:85:96:35:af:48:
         cd:c8:21:82:9a:08:79:54:25:92:46:98:41:b2:dd:0e:68:3b:
         91:05:2d:6d:cf:a1:0a:2a:28:b7:74:d0:62:05:7b:77:2c:96:
         6c:4f:7f:7c:ee:80:95:f9:79:f0:5b:79:9b:69:58:63:7e:03:
         1a:af:e1:f6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjI0NDJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEU0Mjg2NjY1QTQwREFC
NjNDNTZDNkJGOUFFNUExRDBFQjYyNTNBQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIWQAzAi8FgogTWhR7a6v9jFOF7y7JtqEGbIflC4o7Hle3vZvz
pb3WdFoZMJ3EddF1O8GUvK38csvgzh0nL07XMd8InEgfFaQJhbcj59i+3Q55ACkS
+E2EpxyjE/rrXUeyIzRKCleGYaVJDiSCWx1sAviPgP13AK0G0hl81YJdAoNsr4+O
aPlYUVywSYKYK/zZz9ljRNFw6b+G2WWiOfBIVgCFAg/xcwaU/jufIPdEc4OclODT
AWsHSkhyjkk3VBtscZ0B29o1AFIkz+k2i53i5uUUF8GT24wFHzkF3NQ07FMp6kjx
0rwk/nUs7cBiUrlbIc3VP1agxYFBLIpoCxK1AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU5ChmZaQNq2PFbGv5rlodDrYlOsAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzVDaG1aYVFOcTJQRmJHdjVybG9kRHJZbE9zQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABTwswDQYJKoZIhvcNAQELBQADggEBACbSNW7twcQvR5uEUj9d4XSfjMEZ
SfSpFHpLB0VtI+c9ho9VPM1n2QgkIbsUv/Dcu1uavdk8zXxa4AIm/6AKZV/SbgNX
Ob+jSZT2XPD2fNGWGWzM2eL/XUoBFnvOhAsms7srjD7F1pca7qnX/50rghFjL/1q
iZyQQKOjUWRWFc1J8UhqF0aJo3rt2LGTv0a4cRH3lX+Qq3jjPfRDBPNGJ1G3b8Nn
sCFKAuzizvXR18/4eHzULpgC42pT/U4tHpVu3q+FljWvSM3IIYKaCHlUJZJGmEGy
3Q5oO5EFLW3PoQoqKLd00GIFe3cslmxPf3zugJX5efBbeZtpWGN+Axqv4fY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:39 2024 by rpki-client on console-ams.rpki-client.org