Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/8k_NpLn-06V15Most-xHXQ5n2eU.roa
File:                     8k_NpLn-06V15Most-xHXQ5n2eU.roa (raw, json)
Hash identifier:          dw9yecVk38ImLiy258+mUVGzCnNLhB2YeFgTYkNmKEA=
Subject key identifier:   F2:4F:CD:A4:B9:FE:D3:A5:75:E4:CA:2C:B7:EC:47:5D:0E:67:D9:E5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       06BC
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8k_NpLn-06V15Most-xHXQ5n2eU.roa
Signing time:             Tue 30 Apr 2024 01:46:53 +0000
ROA not before:           Tue 30 Apr 2024 01:46:53 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.220.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1724 (0x6bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:46:53 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=F24FCDA4B9FED3A575E4CA2CB7EC475D0E67D9E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:91:77:62:53:23:11:6b:12:62:5b:10:7b:fd:
                    11:15:d1:d8:80:30:ee:70:8e:da:98:fe:f8:48:f5:
                    2c:cd:f2:ca:8a:ec:14:6f:86:e4:11:61:37:7a:dd:
                    de:22:d9:7c:75:91:d3:05:27:d2:a2:23:e1:bf:ec:
                    92:0d:66:b5:16:b8:73:33:70:a8:76:53:9b:f6:8d:
                    df:c1:62:ff:99:78:26:06:19:36:01:6d:a6:2b:a5:
                    d6:da:00:39:1f:fa:0f:70:1a:99:89:48:6d:52:4d:
                    30:ec:4d:4a:d0:07:36:5e:bf:8f:b6:52:2d:4a:4f:
                    3f:34:67:df:6b:d8:69:4e:64:4d:40:6b:7b:7d:b4:
                    b2:de:54:fb:19:21:da:ed:e6:fb:58:9f:7f:36:25:
                    c4:10:6d:ce:ec:3e:24:1d:70:fe:c4:52:a0:f7:24:
                    27:4a:8a:aa:7c:27:5f:4e:9a:37:6c:3e:40:ee:26:
                    db:c5:78:c5:a9:8f:0a:5f:18:e3:34:9f:82:1a:19:
                    d4:9f:f0:a2:4e:79:1f:6c:b2:13:cf:08:c3:67:e1:
                    51:ce:4e:12:a8:26:f1:75:d1:25:06:4a:ed:22:60:
                    8e:dc:79:70:91:cc:f2:6c:23:c3:bd:e7:33:08:8f:
                    24:1e:5b:8e:01:04:8a:89:eb:68:82:5f:a1:e0:5d:
                    0d:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:4F:CD:A4:B9:FE:D3:A5:75:E4:CA:2C:B7:EC:47:5D:0E:67:D9:E5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8k_NpLn-06V15Most-xHXQ5n2eU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:cd:e0:1e:c1:f7:9c:70:38:eb:4d:16:c9:58:a8:e9:e9:78:
         e6:e5:c8:d5:b6:4c:f9:ea:08:0d:49:e3:a9:04:18:27:6b:d3:
         0e:98:40:c5:2b:56:a5:5e:ff:f5:76:ea:94:c6:3a:e8:20:41:
         43:18:78:c3:93:9c:73:00:6e:ad:12:55:6e:26:f9:6d:19:19:
         28:ed:9d:f0:27:7c:18:7d:b6:e6:aa:5f:4d:2b:e3:d4:ef:6d:
         dc:7c:e3:56:43:84:a4:14:82:aa:6e:97:99:ce:f1:1a:be:6c:
         ab:a8:1b:88:f3:96:42:55:98:de:4a:43:fa:d9:f7:3b:2f:82:
         81:83:3f:e7:24:c3:23:86:87:5c:2d:d6:19:41:42:91:33:f2:
         65:fd:99:52:6b:b0:51:39:48:ce:f2:72:4f:d0:8c:61:cf:41:
         fb:d6:ad:ef:f4:aa:a0:a1:e8:66:59:5f:67:70:fa:a4:0c:3f:
         59:4c:cd:d1:bd:65:3f:91:67:57:54:1f:f5:d8:4a:b5:fd:ee:
         57:e4:d7:e8:7c:20:0f:f2:d8:4a:ae:f0:ec:83:e8:3b:78:42:
         42:9b:68:86:5b:01:e6:db:0e:cd:9d:74:d6:44:4f:69:a9:7c:
         79:3e:39:9b:c7:00:ae:81:2e:31:44:9d:2c:75:b6:bc:ea:af:
         4f:a8:71:f9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTQ2NTNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEYyNEZDREE0QjlGRUQz
QTU3NUU0Q0EyQ0I3RUM0NzVEMEU2N0Q5RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3kXdiUyMRaxJiWxB7/REV0diAMO5wjtqY/vhI9SzN8sqK7BRv
huQRYTd63d4i2Xx1kdMFJ9KiI+G/7JINZrUWuHMzcKh2U5v2jd/BYv+ZeCYGGTYB
baYrpdbaADkf+g9wGpmJSG1STTDsTUrQBzZev4+2Ui1KTz80Z99r2GlOZE1Aa3t9
tLLeVPsZIdrt5vtYn382JcQQbc7sPiQdcP7EUqD3JCdKiqp8J19OmjdsPkDuJtvF
eMWpjwpfGOM0n4IaGdSf8KJOeR9sshPPCMNn4VHOThKoJvF10SUGSu0iYI7ceXCR
zPJsI8O95zMIjyQeW44BBIqJ62iCX6HgXQ1FAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU8k/NpLn+06V15Most+xHXQ5n2eUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzhrX05wTG4tMDZWMTVNb3N0LXhIWFE1bjJlVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYNwwDQYJKoZIhvcNAQELBQADggEBAEXN4B7B95xwOOtNFslYqOnpeObl
yNW2TPnqCA1J46kEGCdr0w6YQMUrVqVe//V26pTGOuggQUMYeMOTnHMAbq0SVW4m
+W0ZGSjtnfAnfBh9tuaqX00r49Tvbdx841ZDhKQUgqpul5nO8Rq+bKuoG4jzlkJV
mN5KQ/rZ9zsvgoGDP+ckwyOGh1wt1hlBQpEz8mX9mVJrsFE5SM7yck/QjGHPQfvW
re/0qqCh6GZZX2dw+qQMP1lMzdG9ZT+RZ1dUH/XYSrX97lfk1+h8IA/y2Equ8OyD
6Dt4QkKbaIZbAebbDs2ddNZET2mpfHk+OZvHAK6BLjFEnSx1trzqr0+ocfk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:20 2024 by rpki-client on console-fra.rpki-client.org