Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/7V50yCrHMJN7BGh9OhtC7aRJ3jw.roa
File:                     7V50yCrHMJN7BGh9OhtC7aRJ3jw.roa (raw, json)
Hash identifier:          R1WIf29sBjzcgDmMSs89k+ILMFC2HPNfZlN/CmzDTy4=
Subject key identifier:   ED:5E:74:C8:2A:C7:30:93:7B:04:68:7D:3A:1B:42:ED:A4:49:DE:3C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0550
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/7V50yCrHMJN7BGh9OhtC7aRJ3jw.roa
Signing time:             Thu 27 Jul 2023 16:56:12 +0000
ROA not before:           Thu 27 Jul 2023 16:56:12 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        211.14.100.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1360 (0x550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:56:12 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=ED5E74C82AC730937B04687D3A1B42EDA449DE3C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:43:66:68:58:23:9a:c0:e7:66:34:a1:26:38:
                    bf:c5:e3:d7:8e:a7:33:6e:9d:21:7b:b1:cd:a0:e0:
                    cf:b6:62:ea:d8:d9:3b:cc:f5:f5:7e:92:09:e1:8d:
                    3c:e0:ca:09:5b:08:fa:9b:d3:89:6f:34:40:ba:e8:
                    63:c6:46:c9:3f:93:48:d1:c5:f6:5d:11:d8:70:57:
                    1c:19:f6:89:a1:29:ed:0f:42:47:95:02:ea:34:6d:
                    72:18:e6:7c:d3:99:31:ef:2a:01:3a:81:0f:45:22:
                    5c:ef:34:f6:0b:7b:df:ef:02:8f:18:0c:3a:b7:57:
                    fb:47:c1:1d:1e:8a:ca:a0:66:5f:6d:e6:45:fe:ca:
                    94:0a:d7:1c:db:cb:d2:6e:28:79:b2:fc:07:9b:51:
                    70:3b:3d:9d:6c:f0:57:82:70:3a:21:37:be:c5:7b:
                    69:5d:03:5c:c5:88:b4:0b:13:dc:9d:59:f4:76:31:
                    4d:0a:a5:96:be:f6:12:32:3d:d1:b0:e3:3a:a8:1c:
                    4d:b9:04:a3:31:57:fe:4b:c0:b6:48:fe:71:ee:9c:
                    2e:ce:66:96:7d:ad:85:0a:d6:8f:f7:e2:78:90:42:
                    bb:51:18:f3:c4:a3:aa:c2:69:d4:a6:5a:53:e7:c3:
                    44:af:c7:f9:16:a0:67:f4:b4:b7:3b:56:d0:e5:5e:
                    56:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:5E:74:C8:2A:C7:30:93:7B:04:68:7D:3A:1B:42:ED:A4:49:DE:3C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/7V50yCrHMJN7BGh9OhtC7aRJ3jw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:f5:31:3b:77:6b:9b:12:b6:13:ad:67:2d:32:af:32:b0:67:
         cc:84:9a:56:17:74:23:70:2d:e4:90:f4:e2:45:67:15:fc:c1:
         ec:36:c1:c3:b8:0b:1f:4f:c5:bf:45:61:90:68:cf:3b:02:97:
         f6:02:88:ad:5a:f6:1a:41:18:6d:b7:f6:a4:03:10:4d:e0:8e:
         a6:a3:03:92:7d:77:af:de:1c:2c:02:2e:f8:72:2b:b9:60:7c:
         da:1d:16:db:3e:7e:de:25:34:7f:90:05:ea:0b:70:82:7e:55:
         1d:1f:45:52:e9:72:ef:11:47:0b:48:34:9a:00:0e:b2:b5:36:
         f9:e9:9c:86:c6:32:55:a2:1a:d8:f7:0c:10:b6:d5:38:fc:35:
         cf:2e:73:bb:f1:28:7b:6c:65:92:39:65:c8:4a:b4:16:f2:c7:
         83:a3:17:90:74:fd:b2:1c:24:2e:7a:66:44:5f:a8:55:c7:74:
         93:90:bb:b4:26:ce:e0:6a:ac:78:54:50:73:ac:a4:89:f3:88:
         76:62:64:ed:34:dd:d2:48:c7:d3:fb:82:5c:4b:56:59:56:3f:
         0e:12:98:55:2f:18:b8:5f:0f:5d:d3:9a:00:72:a8:07:f3:8b:
         60:1d:f3:4d:43:05:d9:29:e3:b0:65:a9:c3:75:cf:31:71:43:
         74:c5:51:12
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU2MTJaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEVENUU3NEM4MkFDNzMw
OTM3QjA0Njg3RDNBMUI0MkVEQTQ0OURFM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkQ2ZoWCOawOdmNKEmOL/F49eOpzNunSF7sc2g4M+2YurY2TvM
9fV+kgnhjTzgyglbCPqb04lvNEC66GPGRsk/k0jRxfZdEdhwVxwZ9omhKe0PQkeV
Auo0bXIY5nzTmTHvKgE6gQ9FIlzvNPYLe9/vAo8YDDq3V/tHwR0eisqgZl9t5kX+
ypQK1xzby9JuKHmy/AebUXA7PZ1s8FeCcDohN77Fe2ldA1zFiLQLE9ydWfR2MU0K
pZa+9hIyPdGw4zqoHE25BKMxV/5LwLZI/nHunC7OZpZ9rYUK1o/34niQQrtRGPPE
o6rCadSmWlPnw0Svx/kWoGf0tLc7VtDlXlYdAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU7V50yCrHMJN7BGh9OhtC7aRJ3jwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzdWNTB5Q3JITUpON0JHaDlPaHRDN2FSSjNqdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDmQwDQYJKoZIhvcNAQELBQADggEBAH/1MTt3a5sSthOtZy0yrzKwZ8yE
mlYXdCNwLeSQ9OJFZxX8wew2wcO4Cx9Pxb9FYZBozzsCl/YCiK1a9hpBGG239qQD
EE3gjqajA5J9d6/eHCwCLvhyK7lgfNodFts+ft4lNH+QBeoLcIJ+VR0fRVLpcu8R
RwtINJoADrK1NvnpnIbGMlWiGtj3DBC21Tj8Nc8uc7vxKHtsZZI5ZchKtBbyx4Oj
F5B0/bIcJC56ZkRfqFXHdJOQu7QmzuBqrHhUUHOspInziHZiZO003dJIx9P7glxL
VllWPw4SmFUvGLhfD13TmgByqAfzi2Ad801DBdkp47BlqcN1zzFxQ3TFURI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:20 2024 by rpki-client on console-fra.rpki-client.org