Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/DVnxyQpEBSKvf0rTK7zSbGnbBE8.roa
File:                     DVnxyQpEBSKvf0rTK7zSbGnbBE8.roa (raw, json)
Hash identifier:          hLc3KxbHtVll9gWUrXrF1dnhCfGLydtOkoUuZwsdwGs=
Subject key identifier:   0D:59:F1:C9:0A:44:05:22:AF:7F:4A:D3:2B:BC:D2:6C:69:DB:04:4F
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07F8
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DVnxyQpEBSKvf0rTK7zSbGnbBE8.roa
Signing time:             Tue 30 Apr 2024 02:10:40 +0000
ROA not before:           Tue 30 Apr 2024 02:10:40 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        183.74.240.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2040 (0x7f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:10:40 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=0D59F1C90A440522AF7F4AD32BBCD26C69DB044F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:5e:03:96:03:53:6e:d8:9b:22:e5:14:d9:cb:
                    8a:7f:79:34:f7:08:a0:c5:3a:9f:98:79:81:09:59:
                    42:dc:a0:13:5c:b8:10:d3:81:cd:e3:5c:af:e4:4a:
                    b3:13:f7:8c:e5:c2:00:bd:34:04:11:d1:c4:2f:13:
                    5b:6b:14:75:83:aa:79:b4:2e:57:f7:cf:9d:6c:68:
                    cd:e6:96:66:f5:dd:5d:fb:2c:28:6d:c5:01:1b:bf:
                    9f:c2:00:49:df:73:8d:f3:65:5c:58:ab:1c:8f:e0:
                    fe:7a:3b:98:29:51:16:ee:3a:30:58:bc:06:0b:63:
                    f8:aa:e3:d6:ba:9e:6c:ef:b1:d5:cb:f6:c4:9b:cd:
                    f8:23:d9:ca:02:ca:55:72:7a:39:85:e9:d0:6b:b6:
                    79:ff:c5:af:76:32:fe:88:b2:7f:8e:9c:91:55:99:
                    0a:ac:48:c3:ea:b4:50:19:de:8d:27:cc:6f:71:5e:
                    75:08:94:6e:e2:84:e9:00:f5:5d:38:19:1f:9c:2d:
                    a5:2f:a4:5f:56:74:fb:a8:0c:03:21:1e:06:15:09:
                    6d:5f:5e:a3:b1:e1:5e:9a:28:bd:77:49:62:4b:ad:
                    9f:f5:b9:4e:e2:0a:dd:7c:f6:03:80:ea:fa:fb:3b:
                    c9:9f:48:7c:aa:79:3f:05:7d:11:2a:d5:83:5f:b3:
                    3f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:59:F1:C9:0A:44:05:22:AF:7F:4A:D3:2B:BC:D2:6C:69:DB:04:4F
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DVnxyQpEBSKvf0rTK7zSbGnbBE8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  183.74.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0d:54:17:6c:38:87:6f:e2:fb:8a:1c:19:60:8d:57:b7:42:19:
         34:28:5a:68:a6:93:d9:59:86:ca:fd:44:d2:14:52:50:0f:97:
         8a:2a:d0:b0:f1:4f:7f:f0:44:e4:83:7e:b0:70:6e:e6:5a:79:
         66:0c:b0:22:cf:9e:5d:45:d6:56:2f:e4:3f:28:59:d5:09:30:
         5a:1c:2d:2d:bb:46:0e:e0:6f:b3:bb:40:e1:b8:63:e1:55:00:
         fd:f3:9a:9d:06:aa:2c:0b:5a:6c:c3:19:09:5b:f3:67:5f:f7:
         2c:c8:4d:5b:87:df:85:15:5f:f5:2b:2f:4d:9e:21:de:41:1f:
         51:69:4c:e2:a3:ab:e0:0e:f1:23:48:72:d2:11:0d:6a:09:51:
         a7:77:95:0e:5d:56:ba:43:61:de:ac:2c:b3:17:fb:be:52:d0:
         e8:01:0d:78:cc:01:22:fc:d5:ef:07:cb:84:19:ec:c3:ea:05:
         08:8b:34:6b:da:65:69:20:9f:d7:f8:8a:08:78:a2:13:07:a7:
         c7:fd:68:c6:b5:c2:18:16:34:e5:59:0e:86:22:65:02:6f:22:
         24:85:a7:bb:14:db:d0:84:cc:cf:56:9c:87:44:60:22:90:01:
         83:9d:fa:70:d4:05:2a:3e:eb:ab:94:ce:44:ba:50:db:95:da:
         e4:ff:d8:ff
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjEwNDBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDBENTlGMUM5MEE0NDA1
MjJBRjdGNEFEMzJCQkNEMjZDNjlEQjA0NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoXgOWA1Nu2Jsi5RTZy4p/eTT3CKDFOp+YeYEJWULcoBNcuBDT
gc3jXK/kSrMT94zlwgC9NAQR0cQvE1trFHWDqnm0Llf3z51saM3mlmb13V37LCht
xQEbv5/CAEnfc43zZVxYqxyP4P56O5gpURbuOjBYvAYLY/iq49a6nmzvsdXL9sSb
zfgj2coCylVyejmF6dBrtnn/xa92Mv6Isn+OnJFVmQqsSMPqtFAZ3o0nzG9xXnUI
lG7ihOkA9V04GR+cLaUvpF9WdPuoDAMhHgYVCW1fXqOx4V6aKL13SWJLrZ/1uU7i
Ct189gOA6vr7O8mfSHyqeT8FfREq1YNfsz+jAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUDVnxyQpEBSKvf0rTK7zSbGnbBE8wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0RWbnh5UXBFQlNLdmYwclRLN3pTYkduYkJFOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO3SvAwDQYJKoZIhvcNAQELBQADggEBAA1UF2w4h2/i+4ocGWCNV7dCGTQo
Wmimk9lZhsr9RNIUUlAPl4oq0LDxT3/wROSDfrBwbuZaeWYMsCLPnl1F1lYv5D8o
WdUJMFocLS27Rg7gb7O7QOG4Y+FVAP3zmp0GqiwLWmzDGQlb82df9yzITVuH34UV
X/UrL02eId5BH1FpTOKjq+AO8SNIctIRDWoJUad3lQ5dVrpDYd6sLLMX+75S0OgB
DXjMASL81e8Hy4QZ7MPqBQiLNGvaZWkgn9f4igh4ohMHp8f9aMa1whgWNOVZDoYi
ZQJvIiSFp7sU29CEzM9WnIdEYCKQAYOd+nDUBSo+66uUzkS6UNuV2uT/2P8=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:41:35 2024 by rpki-client on console-ams.rpki-client.org