Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/9zd2m8oTe3xsIP_DJhxQLz7mT1o.roa
File:                     9zd2m8oTe3xsIP_DJhxQLz7mT1o.roa (raw, json)
Hash identifier:          IByV3ubJglbL9rZ7vsR8249e5u8QouKKJ5/SBT0kIqQ=
Subject key identifier:   F7:37:76:9B:CA:13:7B:7C:6C:20:FF:C3:26:1C:50:2F:3E:E6:4F:5A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0717
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9zd2m8oTe3xsIP_DJhxQLz7mT1o.roa
Signing time:             Tue 30 Apr 2024 01:53:01 +0000
ROA not before:           Tue 30 Apr 2024 01:53:01 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.78.10.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1815 (0x717)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:53:01 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=F737769BCA137B7C6C20FFC3261C502F3EE64F5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:9f:6a:8e:11:23:25:7d:b5:10:36:21:1c:5b:
                    5b:35:7d:86:10:ff:a1:35:01:fe:b3:08:6a:4a:6c:
                    29:1c:d3:0d:66:f5:30:d3:ba:c5:da:b0:49:fc:b5:
                    f8:9b:a6:37:53:39:97:b1:95:05:d1:df:f6:76:55:
                    94:01:56:f6:8a:36:89:5d:26:30:81:25:2d:2e:d2:
                    3c:01:17:89:db:bd:18:1e:78:19:16:5a:33:11:0b:
                    01:cc:67:6a:64:22:9d:18:0b:62:01:3b:65:aa:dc:
                    40:34:ef:b0:a3:1d:49:4a:39:70:29:5d:22:22:c0:
                    a3:02:4a:07:16:a8:f5:e9:db:f2:53:bd:7f:dd:62:
                    15:cd:2c:b2:d9:8e:c0:47:65:bd:fe:16:58:89:17:
                    d5:73:b4:47:79:3c:55:e9:e4:16:0b:68:fd:4d:9c:
                    2d:c1:f4:a4:f3:65:90:ff:53:aa:be:f4:8b:33:fe:
                    95:dd:73:6a:30:e6:86:b7:ac:ed:b7:70:54:2e:d6:
                    fe:3a:f1:72:28:08:f0:2b:f3:08:a9:63:59:f7:cf:
                    f0:84:89:2b:e6:eb:91:fe:6b:12:7b:6e:11:9e:7d:
                    3a:0a:4b:ad:03:a2:46:31:0d:15:41:5a:49:28:ed:
                    ee:c1:b9:63:94:76:37:81:0c:e4:39:ee:87:2c:4f:
                    1e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:37:76:9B:CA:13:7B:7C:6C:20:FF:C3:26:1C:50:2F:3E:E6:4F:5A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9zd2m8oTe3xsIP_DJhxQLz7mT1o.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.78.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:74:87:95:36:c4:9c:71:26:69:53:67:b6:1f:79:e7:1e:e7:
         66:f3:68:e0:05:8f:c4:06:a2:67:dc:1b:cc:6e:9c:ff:79:7e:
         09:f3:6a:d6:c0:c9:5b:60:00:52:9d:54:81:a6:32:11:55:21:
         da:bf:2f:95:6a:7d:87:4a:00:04:bb:59:80:e6:7d:d8:55:c3:
         a8:ec:b6:f5:3d:44:7f:0f:f3:79:c9:6d:69:00:3a:ee:d9:fb:
         1c:88:88:a9:d9:eb:01:7d:f5:d3:05:43:77:81:55:eb:b7:b6:
         6b:4e:eb:04:6e:88:d8:91:32:47:8b:86:9f:c9:ac:e5:5b:ca:
         23:f1:bb:99:db:33:9b:54:ae:c3:12:88:03:64:1e:c7:ca:5e:
         f9:03:3f:ed:23:13:87:ea:21:1a:37:b1:d3:0a:d3:7d:d8:b5:
         ba:1a:31:db:71:5f:48:92:4c:18:1b:dc:4a:31:67:d6:77:06:
         64:8e:45:a6:14:a8:3f:76:63:a5:ae:68:a5:c8:3c:f7:7f:2e:
         6f:91:ba:3f:b7:16:5f:e3:3c:84:f5:5f:ce:2f:dc:a5:91:ab:
         67:b4:4c:34:83:0f:62:ec:53:af:b0:a5:8d:0e:7d:4b:c9:63:
         d0:86:96:fe:3a:22:97:42:37:75:74:3b:45:98:2c:db:38:ed:
         e3:88:14:8a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTUzMDFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEY3Mzc3NjlCQ0ExMzdC
N0M2QzIwRkZDMzI2MUM1MDJGM0VFNjRGNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/n2qOESMlfbUQNiEcW1s1fYYQ/6E1Af6zCGpKbCkc0w1m9TDT
usXasEn8tfibpjdTOZexlQXR3/Z2VZQBVvaKNoldJjCBJS0u0jwBF4nbvRgeeBkW
WjMRCwHMZ2pkIp0YC2IBO2Wq3EA077CjHUlKOXApXSIiwKMCSgcWqPXp2/JTvX/d
YhXNLLLZjsBHZb3+FliJF9VztEd5PFXp5BYLaP1NnC3B9KTzZZD/U6q+9Isz/pXd
c2ow5oa3rO23cFQu1v468XIoCPAr8wipY1n3z/CEiSvm65H+axJ7bhGefToKS60D
okYxDRVBWkko7e7BuWOUdjeBDOQ57ocsTx4BAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU9zd2m8oTe3xsIP/DJhxQLz7mT1owHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5Lzl6ZDJtOG9UZTN4c0lQX0RKaHhRTHo3bVQxby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEBTgowDQYJKoZIhvcNAQELBQADggEBAEV0h5U2xJxxJmlTZ7Yfeece52bz
aOAFj8QGomfcG8xunP95fgnzatbAyVtgAFKdVIGmMhFVIdq/L5VqfYdKAAS7WYDm
fdhVw6jstvU9RH8P83nJbWkAOu7Z+xyIiKnZ6wF99dMFQ3eBVeu3tmtO6wRuiNiR
MkeLhp/JrOVbyiPxu5nbM5tUrsMSiANkHsfKXvkDP+0jE4fqIRo3sdMK033Ytboa
MdtxX0iSTBgb3EoxZ9Z3BmSORaYUqD92Y6WuaKXIPPd/Lm+Ruj+3Fl/jPIT1X84v
3KWRq2e0TDSDD2LsU6+wpY0OfUvJY9CGlv46IpdCN3V0O0WYLNs47eOIFIo=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:20 2024 by rpki-client on console-fra.rpki-client.org