Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/8dkobaQ3ZxdqJtRwMEPoYTD4YI0.roa
File:                     8dkobaQ3ZxdqJtRwMEPoYTD4YI0.roa (raw, json)
Hash identifier:          xTs5SG5fSuTZUaCUduJiRYKp4Gf9ZZP19UHzKXW2YCA=
Subject key identifier:   F1:D9:28:6D:A4:37:67:17:6A:26:D4:70:30:43:E8:61:30:F8:60:8D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       088B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8dkobaQ3ZxdqJtRwMEPoYTD4YI0.roa
Signing time:             Tue 30 Apr 2024 02:20:33 +0000
ROA not before:           Tue 30 Apr 2024 02:20:33 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        211.14.94.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2187 (0x88b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:20:33 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=F1D9286DA43767176A26D4703043E86130F8608D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:56:6a:83:88:a5:28:71:1a:6c:01:4c:6d:85:
                    78:db:ef:bf:9a:cf:9b:72:89:74:7e:ae:67:5e:4c:
                    5a:5e:c4:c1:d0:0b:41:fb:6a:db:13:ed:08:1a:59:
                    ac:7f:b8:5e:06:1b:4d:8e:f0:ee:03:ee:66:f5:44:
                    66:8e:b4:23:04:ec:10:16:92:aa:4f:bf:28:4a:ed:
                    f7:8a:b1:0d:59:20:30:2f:78:bb:7c:2b:e1:ee:b4:
                    4d:67:dd:0e:f4:17:4a:c8:ff:f0:d2:60:70:5d:e2:
                    7e:b3:97:bb:48:7a:3d:00:e9:77:a0:63:43:19:5a:
                    bb:fc:47:e8:d1:b6:54:b6:cf:32:d5:7a:86:d2:ee:
                    84:9e:ed:0a:3a:c6:bc:1f:b6:47:fa:cd:cf:1c:50:
                    d1:fe:93:e4:b0:ee:0e:dd:fa:db:d2:4d:03:71:db:
                    07:76:90:a4:bf:d1:8b:57:d9:de:c8:6a:22:d9:c0:
                    f0:48:f5:08:8f:12:d3:ff:6c:ed:96:56:95:06:1a:
                    45:03:7e:c7:85:5c:68:de:98:67:e1:01:67:e3:f3:
                    f6:8e:47:20:f6:7c:20:87:2e:af:4f:ea:45:0c:62:
                    97:fb:51:43:83:06:46:48:79:eb:d4:1b:f4:08:9f:
                    62:4c:15:3a:88:ac:8d:c4:33:53:08:6e:9b:0b:f2:
                    89:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:D9:28:6D:A4:37:67:17:6A:26:D4:70:30:43:E8:61:30:F8:60:8D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8dkobaQ3ZxdqJtRwMEPoYTD4YI0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e5:c9:53:83:7b:1e:4a:2a:5f:89:5d:cc:cd:42:ff:18:29:e5:
         db:d7:21:cb:3c:2b:de:d8:11:6f:eb:fe:5e:b7:27:a8:3d:90:
         68:fe:31:ad:a2:f7:03:8a:6f:20:77:18:c8:30:0d:be:7b:f1:
         ea:e6:0e:6f:07:1b:91:c7:da:3b:95:87:ad:9b:d0:c8:e1:42:
         07:20:e0:00:a4:b1:3e:01:89:e4:5e:5e:b0:00:74:f0:fd:0f:
         70:c3:7c:9d:f3:90:73:fc:d4:05:88:3a:f3:e4:5a:a9:91:00:
         e6:f7:46:5f:a7:9d:77:7d:0b:69:ab:27:48:30:67:46:49:af:
         5c:35:f6:8a:f3:dc:ff:4d:6b:83:73:df:d6:fb:81:32:a9:be:
         3c:16:ce:e7:af:52:f1:92:b2:9d:fa:4c:62:95:75:f7:08:df:
         4b:56:35:32:87:e4:bb:2e:de:1d:56:b0:72:12:4d:28:fb:62:
         f0:60:57:33:8e:49:b7:04:f2:7e:bd:09:41:24:ab:ed:40:71:
         60:9c:ef:e2:77:ff:ad:a0:9b:58:e4:57:bc:8d:23:81:3b:92:
         98:3f:63:e7:27:0e:bd:47:68:47:20:40:f7:ac:f3:84:34:cc:
         15:21:e0:6b:e1:d9:28:97:85:4c:e0:e7:d2:82:29:2a:73:05:
         75:23:ae:80
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjIwMzNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEYxRDkyODZEQTQzNzY3
MTc2QTI2RDQ3MDMwNDNFODYxMzBGODYwOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDVmqDiKUocRpsAUxthXjb77+az5tyiXR+rmdeTFpexMHQC0H7
atsT7QgaWax/uF4GG02O8O4D7mb1RGaOtCME7BAWkqpPvyhK7feKsQ1ZIDAveLt8
K+HutE1n3Q70F0rI//DSYHBd4n6zl7tIej0A6XegY0MZWrv8R+jRtlS2zzLVeobS
7oSe7Qo6xrwftkf6zc8cUNH+k+Sw7g7d+tvSTQNx2wd2kKS/0YtX2d7IaiLZwPBI
9QiPEtP/bO2WVpUGGkUDfseFXGjemGfhAWfj8/aORyD2fCCHLq9P6kUMYpf7UUOD
BkZIeevUG/QIn2JMFTqIrI3EM1MIbpsL8onNAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU8dkobaQ3ZxdqJtRwMEPoYTD4YI0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5Lzhka29iYVEzWnhkcUp0UndNRVBvWVRENFlJMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHTDl4wDQYJKoZIhvcNAQELBQADggEBAOXJU4N7HkoqX4ldzM1C/xgp5dvX
Ics8K97YEW/r/l63J6g9kGj+Ma2i9wOKbyB3GMgwDb578ermDm8HG5HH2juVh62b
0MjhQgcg4ACksT4BieReXrAAdPD9D3DDfJ3zkHP81AWIOvPkWqmRAOb3Rl+nnXd9
C2mrJ0gwZ0ZJr1w19orz3P9Na4Nz39b7gTKpvjwWzuevUvGSsp36TGKVdfcI30tW
NTKH5Lsu3h1WsHISTSj7YvBgVzOOSbcE8n69CUEkq+1AcWCc7+J3/62gm1jkV7yN
I4E7kpg/Y+cnDr1HaEcgQPes84Q0zBUh4Gvh2SiXhUzg59KCKSpzBXUjroA=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:20 2024 by rpki-client on console-fra.rpki-client.org