Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/DfShjETYZAy6HnTK8uTAhz8gihw.roa
File:                     DfShjETYZAy6HnTK8uTAhz8gihw.roa (raw, json)
Hash identifier:          KV/B0WhR5TE2RoX3ihjew+tYblooIKUXPQtfHgItCt0=
Subject key identifier:   0D:F4:A1:8C:44:D8:64:0C:BA:1E:74:CA:F2:E4:C0:87:3F:20:8A:1C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0807
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DfShjETYZAy6HnTK8uTAhz8gihw.roa
Signing time:             Tue 30 Apr 2024 02:12:22 +0000
ROA not before:           Tue 30 Apr 2024 02:12:22 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        211.14.78.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2055 (0x807)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:12:22 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=0DF4A18C44D8640CBA1E74CAF2E4C0873F208A1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9e:2e:9e:2b:a7:f2:7e:3c:46:36:6b:c1:9f:
                    16:e0:12:7d:ea:e3:4c:10:2b:14:49:77:5d:70:07:
                    e4:56:e4:dd:63:d5:a3:a4:0d:2d:33:da:30:5a:98:
                    58:6f:9c:41:08:20:2f:7d:ef:0c:64:50:58:1f:ee:
                    ed:11:66:ae:0f:d3:7a:da:d5:2e:71:06:e3:1d:9e:
                    a6:93:f1:9f:11:85:48:85:d7:b8:8b:b1:0a:32:7d:
                    1d:ad:94:1f:27:07:e8:39:51:f2:38:f0:de:06:a8:
                    80:a0:aa:1c:e0:49:65:84:6c:b8:5d:bf:8b:75:8b:
                    47:83:35:93:74:9e:94:92:97:ca:75:b6:62:1e:89:
                    a2:21:a3:db:74:19:b9:15:2f:86:82:b0:ae:f6:4f:
                    5b:e8:ec:37:c1:72:b3:d5:83:de:22:33:0e:68:b3:
                    be:14:fc:82:d3:ba:8e:b5:9b:31:43:85:94:4d:9b:
                    22:77:51:50:91:aa:1a:60:de:72:95:1c:0d:40:26:
                    e8:ac:f1:21:38:5f:1f:33:d3:28:d7:d6:e6:55:23:
                    a7:70:02:3b:59:55:5f:fb:dc:53:87:f0:27:3e:e7:
                    17:cd:f3:79:85:39:cb:4b:06:36:82:e8:51:6e:f3:
                    9a:e3:d4:39:54:fd:8a:ea:e9:ce:b0:e7:04:d3:11:
                    3d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:F4:A1:8C:44:D8:64:0C:BA:1E:74:CA:F2:E4:C0:87:3F:20:8A:1C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DfShjETYZAy6HnTK8uTAhz8gihw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:37:ad:d6:1e:96:74:c9:8a:46:2e:91:22:74:69:c3:b5:8c:
         df:a6:b4:a8:93:34:bf:b7:72:3f:6b:a2:41:5d:12:49:bb:79:
         ad:9b:2b:0e:d1:6d:86:d8:bb:46:96:a8:ff:ab:2a:e8:c6:b0:
         fa:fb:4e:f8:04:a3:62:6a:0d:21:fa:34:ae:ad:73:b6:f5:d5:
         c9:42:db:09:4d:5f:dc:98:a5:56:ef:7b:b4:ed:74:e5:8e:85:
         13:d2:b9:e9:62:b6:79:37:2a:b9:3e:ab:65:cb:13:b7:60:fc:
         75:5d:b9:39:48:a2:18:4b:8f:fc:10:d8:f7:dd:d1:f3:ae:0e:
         94:1c:a8:d0:28:7d:03:98:79:e3:e4:0b:19:b6:27:c1:03:14:
         53:8a:1a:f9:6b:d4:e7:04:9e:05:49:ae:56:0b:85:bf:ac:b7:
         a4:ed:b0:36:41:89:81:af:fd:a7:77:f4:58:da:0d:53:c2:94:
         3b:87:78:45:80:25:c6:f8:35:a1:dc:1a:a0:62:d0:de:b1:58:
         24:04:17:29:ea:62:6e:41:a1:87:d0:9a:b7:d1:bb:1e:e1:ad:
         b4:83:0b:9f:b7:bb:d3:ac:fc:20:6c:40:12:05:df:ba:22:8f:
         33:33:9f:1e:0a:77:25:91:b9:63:87:1b:a2:3d:79:c2:f3:dd:
         04:e5:9e:85
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjEyMjJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDBERjRBMThDNDREODY0
MENCQTFFNzRDQUYyRTRDMDg3M0YyMDhBMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJni6eK6fyfjxGNmvBnxbgEn3q40wQKxRJd11wB+RW5N1j1aOk
DS0z2jBamFhvnEEIIC997wxkUFgf7u0RZq4P03ra1S5xBuMdnqaT8Z8RhUiF17iL
sQoyfR2tlB8nB+g5UfI48N4GqICgqhzgSWWEbLhdv4t1i0eDNZN0npSSl8p1tmIe
iaIho9t0GbkVL4aCsK72T1vo7DfBcrPVg94iMw5os74U/ILTuo61mzFDhZRNmyJ3
UVCRqhpg3nKVHA1AJuis8SE4Xx8z0yjX1uZVI6dwAjtZVV/73FOH8Cc+5xfN83mF
OctLBjaC6FFu85rj1DlU/Yrq6c6w5wTTET1fAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUDfShjETYZAy6HnTK8uTAhz8gihwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0RmU2hqRVRZWkF5NkhuVEs4dVRBaHo4Z2lody5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHTDk4wDQYJKoZIhvcNAQELBQADggEBAAQ3rdYelnTJikYukSJ0acO1jN+m
tKiTNL+3cj9rokFdEkm7ea2bKw7RbYbYu0aWqP+rKujGsPr7TvgEo2JqDSH6NK6t
c7b11clC2wlNX9yYpVbve7TtdOWOhRPSuelitnk3Krk+q2XLE7dg/HVduTlIohhL
j/wQ2Pfd0fOuDpQcqNAofQOYeePkCxm2J8EDFFOKGvlr1OcEngVJrlYLhb+st6Tt
sDZBiYGv/ad39FjaDVPClDuHeEWAJcb4NaHcGqBi0N6xWCQEFynqYm5BoYfQmrfR
ux7hrbSDC5+3u9Os/CBsQBIF37oijzMznx4KdyWRuWOHG6I9ecLz3QTlnoU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org