Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/BwBVuwxNNuPATxaGgEpN7gxvA20.roa
File:                     BwBVuwxNNuPATxaGgEpN7gxvA20.roa (raw, json)
Hash identifier:          UuxkPQKDxQG4noIvbS+gnxs+OeY6uZNGLzYYnWPAMcE=
Subject key identifier:   07:00:55:BB:0C:4D:36:E3:C0:4F:16:86:80:4A:4D:EE:0C:6F:03:6D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       084C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/BwBVuwxNNuPATxaGgEpN7gxvA20.roa
Signing time:             Tue 30 Apr 2024 02:16:26 +0000
ROA not before:           Tue 30 Apr 2024 02:16:26 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2124 (0x84c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:16:26 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=070055BB0C4D36E3C04F1686804A4DEE0C6F036D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3d:da:6f:46:8f:ca:90:62:db:2d:43:f6:9a:
                    33:ef:8e:ea:93:49:80:15:76:12:ec:88:5e:87:80:
                    36:b5:a4:57:a3:a4:d1:85:6a:e9:46:ad:1e:46:4c:
                    d4:08:84:20:9c:37:67:e0:73:01:ac:03:3b:36:06:
                    3c:48:5e:df:b0:d1:66:77:a6:d7:f6:c6:10:68:d3:
                    4c:5f:97:c9:3b:10:a7:8e:6e:2c:be:38:a1:ae:ef:
                    c7:de:01:2f:f4:9f:55:8c:29:78:57:0a:b6:1a:1b:
                    25:5f:61:39:cf:02:c6:fc:e9:b1:82:6f:f6:cc:a4:
                    ab:19:ec:86:d8:9d:a0:77:0c:e6:66:42:29:b5:38:
                    b6:0b:79:f6:59:e3:1d:4d:3a:65:9b:b2:8f:c2:d3:
                    41:66:43:9b:f6:70:e8:1e:7a:33:93:78:91:8e:23:
                    87:e1:53:85:79:46:c3:8e:24:4f:47:50:fd:58:9d:
                    1b:8c:09:80:30:89:2b:d2:5e:03:3e:1d:d7:a8:e4:
                    e2:48:aa:48:3d:38:09:2a:43:4c:bc:e6:8a:93:b9:
                    a2:a3:5d:79:68:96:4f:44:84:02:10:50:79:20:5a:
                    f0:35:8d:d5:45:01:0a:2b:6b:be:44:c9:25:4a:be:
                    22:eb:04:c6:20:8c:34:73:fa:9b:9b:80:0f:3e:4d:
                    4c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:00:55:BB:0C:4D:36:E3:C0:4F:16:86:80:4A:4D:EE:0C:6F:03:6D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/BwBVuwxNNuPATxaGgEpN7gxvA20.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:dd:b7:ee:2c:75:69:ad:4e:6d:f1:0a:dc:63:8a:32:b2:99:
         e5:5a:a6:5a:b0:db:a3:4a:c9:4b:82:9f:82:d8:65:6c:b0:28:
         cb:16:ee:41:d0:ef:e7:b4:1e:ad:1f:00:10:eb:98:52:d8:b6:
         9c:93:93:a2:c3:4e:82:19:15:8e:1d:92:0f:f9:9a:ee:53:00:
         b1:71:de:71:9b:aa:6b:eb:2a:d5:a0:d4:00:2c:81:e2:ff:75:
         35:11:e5:1c:dd:ec:c4:3f:e3:56:29:12:d5:79:19:e7:d3:b5:
         b5:7b:4b:75:81:2d:49:38:ca:d9:d8:a8:1f:bc:91:23:db:b0:
         f3:9f:68:7b:72:bf:ae:8d:69:26:ff:12:1f:c6:3f:68:38:1e:
         4c:90:08:09:cc:0a:a3:fc:1a:1a:ef:8e:4e:49:bd:7d:50:a2:
         64:12:22:de:43:6e:87:fd:fa:99:82:91:21:20:f0:71:d9:ba:
         75:64:86:2f:29:39:7b:47:7d:ce:90:d6:15:53:d1:73:68:94:
         8d:56:76:ce:32:58:a4:15:bb:42:e6:e4:85:ef:07:38:e4:05:
         49:8a:15:29:ad:c5:98:25:72:ef:12:e7:bc:8a:23:f5:76:78:
         26:8f:5f:af:73:ea:b5:8b:8b:4c:dd:4b:bc:24:30:0f:55:8d:
         49:ec:03:82
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE2MjZaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDA3MDA1NUJCMEM0RDM2
RTNDMDRGMTY4NjgwNEE0REVFMEM2RjAzNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzPdpvRo/KkGLbLUP2mjPvjuqTSYAVdhLsiF6HgDa1pFejpNGF
aulGrR5GTNQIhCCcN2fgcwGsAzs2BjxIXt+w0WZ3ptf2xhBo00xfl8k7EKeObiy+
OKGu78feAS/0n1WMKXhXCrYaGyVfYTnPAsb86bGCb/bMpKsZ7IbYnaB3DOZmQim1
OLYLefZZ4x1NOmWbso/C00FmQ5v2cOgeejOTeJGOI4fhU4V5RsOOJE9HUP1YnRuM
CYAwiSvSXgM+Hdeo5OJIqkg9OAkqQ0y85oqTuaKjXXlolk9EhAIQUHkgWvA1jdVF
AQora75EySVKviLrBMYgjDRz+pubgA8+TUxFAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUBwBVuwxNNuPATxaGgEpN7gxvA20wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0J3QlZ1d3hOTnVQQVR4YUdnRXBON2d4dkEyMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYsgwDQYJKoZIhvcNAQELBQADggEBALLdt+4sdWmtTm3xCtxjijKymeVa
plqw26NKyUuCn4LYZWywKMsW7kHQ7+e0Hq0fABDrmFLYtpyTk6LDToIZFY4dkg/5
mu5TALFx3nGbqmvrKtWg1AAsgeL/dTUR5Rzd7MQ/41YpEtV5GefTtbV7S3WBLUk4
ytnYqB+8kSPbsPOfaHtyv66NaSb/Eh/GP2g4HkyQCAnMCqP8Ghrvjk5JvX1QomQS
It5Dbof9+pmCkSEg8HHZunVkhi8pOXtHfc6Q1hVT0XNolI1Wds4yWKQVu0Lm5IXv
BzjkBUmKFSmtxZglcu8S57yKI/V2eCaPX69z6rWLi0zdS7wkMA9VjUnsA4I=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:20 2024 by rpki-client on console-fra.rpki-client.org