Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/DXZTfHL9wfnBXihYsvabXebCXaY.roa
File:                     DXZTfHL9wfnBXihYsvabXebCXaY.roa (raw, json)
Hash identifier:          pdWng2HReNcku3p3VZ8i7GqvzLhw7fYQQwtQV7oE7fA=
Subject key identifier:   0D:76:53:7C:72:FD:C1:F9:C1:5E:28:58:B2:F6:9B:5D:E6:C2:5D:A6
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0562
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DXZTfHL9wfnBXihYsvabXebCXaY.roa
Signing time:             Thu 27 Jul 2023 16:56:19 +0000
ROA not before:           Thu 27 Jul 2023 16:56:19 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.76.16.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1378 (0x562)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:56:19 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=0D76537C72FDC1F9C15E2858B2F69B5DE6C25DA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4f:7f:cc:db:b0:c6:92:6e:90:b2:d3:53:14:
                    24:a0:58:f4:d0:9b:b9:01:97:7a:bc:13:e0:f7:60:
                    cc:37:6a:7d:0b:95:80:62:9a:84:e4:cf:b2:35:d7:
                    4e:f5:00:d9:9e:21:6c:43:09:7c:58:df:ca:06:4b:
                    15:33:5c:2a:ff:14:c0:18:0e:3e:de:71:f2:1d:e5:
                    a4:97:a1:3d:3c:80:35:cf:91:56:71:bd:42:97:2c:
                    74:00:61:f4:05:21:7c:26:07:fe:65:6a:e7:01:73:
                    18:85:58:63:e8:91:b2:5d:2d:90:a7:9f:45:6f:29:
                    79:b3:c3:09:3d:47:41:63:19:bf:c6:95:91:19:69:
                    e6:96:8a:24:8b:20:ff:a7:87:ed:8b:d0:0b:90:f6:
                    a3:5b:46:b3:4a:46:3d:c9:20:1b:ae:51:a5:f9:9a:
                    a0:f3:16:85:04:f4:69:62:42:05:74:83:6c:76:ce:
                    c7:46:c1:c7:db:3d:b1:99:19:1d:93:95:77:a0:75:
                    ac:bc:ed:69:f8:34:05:8f:68:3d:c3:87:4b:72:e0:
                    23:b0:ec:bb:fd:f9:85:3f:00:65:db:8f:7a:2a:a2:
                    17:5f:5e:01:af:f5:17:5c:fe:3f:9d:e3:95:df:bb:
                    7e:92:9d:d9:17:fa:af:ac:a8:37:b8:d4:07:f6:c1:
                    c3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:76:53:7C:72:FD:C1:F9:C1:5E:28:58:B2:F6:9B:5D:E6:C2:5D:A6
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DXZTfHL9wfnBXihYsvabXebCXaY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         54:b1:44:2f:4c:bc:f4:b3:62:ed:53:60:f9:6c:dd:df:e1:19:
         6d:16:25:40:8d:a1:96:fa:84:a9:e1:fe:79:7c:a0:28:b3:1e:
         5c:1a:a1:06:9e:86:b6:70:3e:97:a8:44:fb:2f:01:f9:5f:41:
         5b:33:f4:76:2b:79:e4:7e:92:d3:9a:75:09:68:e3:3d:98:fb:
         b8:d3:1d:74:fb:bb:7a:9a:5a:4d:31:90:2c:d6:22:71:6e:0f:
         41:a5:26:45:4c:b0:dd:79:01:85:ee:41:e5:ae:6e:47:1f:7b:
         7f:5b:bc:5b:36:14:1b:09:f9:f5:b9:11:4d:7c:55:47:ca:ef:
         a2:f5:1b:e4:a3:94:0f:d9:86:f9:9b:ef:10:b4:a7:a1:18:43:
         08:78:f6:da:6d:f1:e8:36:25:1b:10:1d:ec:73:10:a7:bb:7c:
         7a:11:ef:8d:4d:c8:09:34:7a:e2:9c:e8:09:8d:ab:f5:e5:4e:
         28:8a:6b:6f:b4:88:20:3e:1c:26:4f:99:32:7a:b3:bc:44:59:
         80:27:75:22:61:f2:c0:23:f7:90:14:ec:c8:bc:68:4e:85:e7:
         ed:a8:f6:23:09:41:7f:4a:b7:39:a0:d0:7c:ad:78:79:0d:c0:
         66:8a:5d:a5:25:34:8d:5b:d7:4b:80:51:a9:b8:e8:48:0c:32:
         d1:ef:47:f4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU2MTlaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDBENzY1MzdDNzJGREMx
RjlDMTVFMjg1OEIyRjY5QjVERTZDMjVEQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+T3/M27DGkm6QstNTFCSgWPTQm7kBl3q8E+D3YMw3an0LlYBi
moTkz7I11071ANmeIWxDCXxY38oGSxUzXCr/FMAYDj7ecfId5aSXoT08gDXPkVZx
vUKXLHQAYfQFIXwmB/5laucBcxiFWGPokbJdLZCnn0VvKXmzwwk9R0FjGb/GlZEZ
aeaWiiSLIP+nh+2L0AuQ9qNbRrNKRj3JIBuuUaX5mqDzFoUE9GliQgV0g2x2zsdG
wcfbPbGZGR2TlXegday87Wn4NAWPaD3Dh0ty4COw7Lv9+YU/AGXbj3oqohdfXgGv
9Rdc/j+d45Xfu36SndkX+q+sqDe41Af2wcMdAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUDXZTfHL9wfnBXihYsvabXebCXaYwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0RYWlRmSEw5d2ZuQlhpaFlzdmFiWGViQ1hhWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBTBAwDQYJKoZIhvcNAQELBQADggEBAFSxRC9MvPSzYu1TYPls3d/hGW0W
JUCNoZb6hKnh/nl8oCizHlwaoQaehrZwPpeoRPsvAflfQVsz9HYreeR+ktOadQlo
4z2Y+7jTHXT7u3qaWk0xkCzWInFuD0GlJkVMsN15AYXuQeWubkcfe39bvFs2FBsJ
+fW5EU18VUfK76L1G+SjlA/Zhvmb7xC0p6EYQwh49tpt8eg2JRsQHexzEKe7fHoR
741NyAk0euKc6AmNq/XlTiiKa2+0iCA+HCZPmTJ6s7xEWYAndSJh8sAj95AU7Mi8
aE6F5+2o9iMJQX9Ktzmg0HyteHkNwGaKXaUlNI1b10uAUam46EgMMtHvR/Q=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:53 2024 by rpki-client on console-ams.rpki-client.org