Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/AdFEC3GB2br-1RUVah3S03dzTYI.roa
File:                     AdFEC3GB2br-1RUVah3S03dzTYI.roa (raw, json)
Hash identifier:          rt6AdQTPCG/ELXalmcPf68FVIfHIw809plBORR/+4o8=
Subject key identifier:   01:D1:44:0B:71:81:D9:BA:FE:D5:15:15:6A:1D:D2:D3:77:73:4D:82
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       059A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/AdFEC3GB2br-1RUVah3S03dzTYI.roa
Signing time:             Thu 27 Jul 2023 17:00:13 +0000
ROA not before:           Thu 27 Jul 2023 17:00:13 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        110.158.168.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1434 (0x59a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 17:00:13 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=01D1440B7181D9BAFED515156A1DD2D377734D82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b9:2b:86:8b:c3:ea:e3:e6:03:87:9a:a0:9a:
                    d4:2b:bc:ec:70:69:84:fa:9c:15:c7:a7:7e:3c:b6:
                    c6:d4:f0:fa:27:e0:8d:a6:49:a0:5b:68:22:0b:a9:
                    df:d6:37:ac:32:cf:c8:47:cf:13:bb:56:a9:0a:ff:
                    0e:79:81:20:f5:a5:18:27:b1:2b:92:c8:cc:36:59:
                    22:0f:d6:a8:b5:66:02:5f:eb:a4:5d:2c:bf:25:fc:
                    84:73:df:aa:37:66:6e:42:5d:63:36:b0:55:33:d7:
                    01:ef:6e:78:37:37:17:1e:b7:81:58:a4:92:fc:6c:
                    ee:02:0c:f0:db:3e:02:c4:64:39:8e:bb:45:f0:b7:
                    ae:99:bd:bd:8a:57:5f:3f:1a:a9:2d:c3:29:e1:ce:
                    48:a0:d7:5e:08:f1:e7:fd:df:3e:8e:3b:24:4b:fe:
                    ca:d5:de:57:e4:79:3b:29:37:d3:b7:90:b0:99:b0:
                    d3:a6:e0:1b:ae:78:19:aa:64:cb:80:7a:78:f1:f7:
                    4d:bf:6c:84:c7:00:3a:8c:4a:4a:ae:a3:67:5e:71:
                    a9:88:41:e9:fa:8a:40:71:16:db:24:42:d8:1a:1e:
                    d7:1a:ce:03:d4:14:33:d4:7a:99:1e:d3:3b:f8:6d:
                    ba:22:70:24:25:20:4f:a5:0c:a7:8f:39:7a:e0:5e:
                    0b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:D1:44:0B:71:81:D9:BA:FE:D5:15:15:6A:1D:D2:D3:77:73:4D:82
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/AdFEC3GB2br-1RUVah3S03dzTYI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.158.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         91:f9:43:d1:3b:c5:ec:ad:a6:a6:de:a3:61:8f:9a:bf:5f:73:
         f7:46:c9:0c:07:52:b3:e9:49:4e:37:53:ce:5c:b9:8e:9f:fe:
         52:02:f5:de:b8:5a:1b:f9:cb:d6:ee:22:73:6d:44:3e:ae:f7:
         d2:1f:55:db:62:1a:72:93:7d:11:00:25:90:30:63:da:3e:a6:
         c8:79:8b:e3:52:8c:46:d3:c1:2e:61:3b:4f:9a:fc:56:ee:2d:
         c6:c3:38:a1:4b:a2:cd:2a:80:05:f4:ab:8d:c2:62:d0:46:ef:
         98:d4:ec:54:16:3d:41:ff:4c:08:97:88:56:cf:ec:75:aa:70:
         34:f8:3a:08:b2:92:6d:93:bd:c4:7c:ab:7a:7e:9a:18:27:78:
         ae:24:22:55:b4:bf:e3:5f:bc:aa:69:9a:62:59:31:55:0e:c1:
         d1:94:f6:fb:14:9f:af:4c:9a:16:20:fa:5d:12:f6:c3:82:a6:
         36:8a:a7:b6:02:91:99:35:d7:04:7b:96:39:e7:2b:32:12:52:
         cf:ff:3a:e3:69:a3:81:1a:04:99:77:7a:b2:3e:a9:0d:67:a5:
         cc:19:8d:66:51:e9:96:5f:b9:bd:25:5c:7a:0d:7b:ff:13:fe:
         af:f3:77:74:ac:50:d4:24:93:b1:a2:f4:f0:5c:03:3b:87:ec:
         4f:00:5b:cb
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NzAwMTNaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDAxRDE0NDBCNzE4MUQ5
QkFGRUQ1MTUxNTZBMUREMkQzNzc3MzREODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1uSuGi8Pq4+YDh5qgmtQrvOxwaYT6nBXHp348tsbU8Pon4I2m
SaBbaCILqd/WN6wyz8hHzxO7VqkK/w55gSD1pRgnsSuSyMw2WSIP1qi1ZgJf66Rd
LL8l/IRz36o3Zm5CXWM2sFUz1wHvbng3Nxcet4FYpJL8bO4CDPDbPgLEZDmOu0Xw
t66Zvb2KV18/Gqktwynhzkig114I8ef93z6OOyRL/srV3lfkeTspN9O3kLCZsNOm
4BuueBmqZMuAenjx902/bITHADqMSkquo2decamIQen6ikBxFtskQtgaHtcazgPU
FDPUepke0zv4bboicCQlIE+lDKePOXrgXgu/AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUAdFEC3GB2br+1RUVah3S03dzTYIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0FkRkVDM0dCMmJyLTFSVVZhaDNTMDNkelRZSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANunqgwDQYJKoZIhvcNAQELBQADggEBAJH5Q9E7xeytpqbeo2GPmr9fc/dG
yQwHUrPpSU43U85cuY6f/lIC9d64Whv5y9buInNtRD6u99IfVdtiGnKTfREAJZAw
Y9o+psh5i+NSjEbTwS5hO0+a/FbuLcbDOKFLos0qgAX0q43CYtBG75jU7FQWPUH/
TAiXiFbP7HWqcDT4Ogiykm2TvcR8q3p+mhgneK4kIlW0v+NfvKppmmJZMVUOwdGU
9vsUn69MmhYg+l0S9sOCpjaKp7YCkZk11wR7ljnnKzISUs//OuNpo4EaBJl3erI+
qQ1npcwZjWZR6ZZfub0lXHoNe/8T/q/zd3SsUNQkk7Gi9PBcAzuH7E8AW8s=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org