Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ElsbCbDUJgQfV0pH3KGpSUKkESw.roa
File:                     ElsbCbDUJgQfV0pH3KGpSUKkESw.roa (raw, json)
Hash identifier:          I9PAKmujas0gTavcrFQ6MvMS29NsNjUOFy/L2itXQBA=
Subject key identifier:   12:5B:1B:09:B0:D4:26:04:1F:57:4A:47:DC:A1:A9:49:42:A4:11:2C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05C4
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ElsbCbDUJgQfV0pH3KGpSUKkESw.roa
Signing time:             Tue 16 Jan 2024 05:31:52 +0000
ROA not before:           Tue 16 Jan 2024 05:31:52 +0000
ROA not after:            Tue 14 Jan 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.109.192.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1476 (0x5c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jan 16 05:31:52 2024 GMT
            Not After : Jan 14 01:30:02 2025 GMT
        Subject: CN=125B1B09B0D426041F574A47DCA1A94942A4112C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2a:5e:34:cf:fd:1e:35:f9:a8:e0:2d:5e:6e:
                    7c:e5:93:39:f6:15:99:11:a2:d0:2e:5d:65:6a:4e:
                    9d:a0:9a:96:69:b6:bc:77:81:b2:6c:dd:a4:1c:66:
                    c4:e3:2f:22:9e:f2:66:8a:8c:38:ab:5b:dd:83:f1:
                    22:a6:30:db:76:68:6d:39:bc:48:a8:f2:7d:ec:a1:
                    db:fa:71:4b:6a:60:bd:79:57:20:c6:59:58:65:1b:
                    f1:a1:66:4e:0f:7c:da:51:ea:b6:f4:c8:b9:c8:c2:
                    fd:bf:e0:c8:81:0a:bc:e5:82:3e:b4:aa:f6:77:6b:
                    c2:21:19:d4:6b:4f:51:ad:d3:99:76:21:df:98:d6:
                    5d:19:71:01:17:5f:43:f5:30:5c:e1:8a:76:ce:8f:
                    a4:e3:fb:0d:35:37:ac:31:72:f7:b1:d0:ba:70:9d:
                    34:5f:75:64:74:4b:3c:eb:62:c6:d0:e3:1b:23:cb:
                    83:74:8c:6f:3b:e7:de:81:31:9d:73:c1:ba:a8:3c:
                    a6:9d:c5:a1:5a:dd:ca:fa:82:c5:b8:b5:ef:18:4e:
                    5e:40:3e:bf:f4:ce:37:40:2f:53:9c:91:e6:d9:4d:
                    2c:c8:8e:35:b1:38:f7:20:7b:b4:10:12:24:0d:74:
                    08:9e:30:b6:a1:99:b4:2c:2f:84:1e:27:21:f8:69:
                    e4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:5B:1B:09:B0:D4:26:04:1F:57:4A:47:DC:A1:A9:49:42:A4:11:2C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ElsbCbDUJgQfV0pH3KGpSUKkESw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.109.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         56:af:11:35:f0:ff:f9:82:4b:77:9c:78:3d:d1:d1:2e:30:13:
         0d:c1:17:76:c1:c6:eb:d6:16:bd:e8:a1:70:3c:db:92:33:96:
         6f:a2:e8:8f:03:06:63:0d:a0:b6:45:77:af:52:aa:b2:df:6c:
         ea:cc:a9:42:1d:cf:c6:36:9e:0a:08:5f:dd:8c:3d:94:1d:ea:
         d0:98:6d:33:23:8d:36:4c:6b:36:03:ff:94:c1:7c:48:6a:c7:
         18:35:8b:6f:63:57:7a:19:4f:06:50:8a:ea:f9:5c:d1:1d:90:
         50:96:64:50:5d:d0:63:46:cc:e2:95:32:a9:2d:a4:5b:25:91:
         c8:93:77:3b:d9:37:d1:77:1b:db:63:74:7c:65:9d:e1:fb:a2:
         e6:0f:83:12:41:04:35:41:ed:90:3d:01:54:4e:f3:8f:a0:04:
         f4:c9:36:9c:72:c7:8e:15:0b:e7:50:88:69:20:fe:df:18:ea:
         c6:92:40:77:11:45:fe:97:58:ce:6b:18:82:20:2b:df:1c:44:
         ec:82:3f:6c:2f:ee:95:69:b4:8a:bb:e7:da:52:c9:ed:fb:5b:
         cb:e5:9d:85:51:a8:ad:5d:ec:0f:18:3a:61:82:49:ec:d0:48:
         fa:b8:69:72:0c:e6:41:e0:1e:ab:13:f4:ff:bb:8e:9b:ce:ec:
         de:62:fc:4c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBcQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAxMTYw
NTMxNTJaFw0yNTAxMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDEyNUIxQjA5QjBENDI2
MDQxRjU3NEE0N0RDQTFBOTQ5NDJBNDExMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtKl40z/0eNfmo4C1ebnzlkzn2FZkRotAuXWVqTp2gmpZptrx3
gbJs3aQcZsTjLyKe8maKjDirW92D8SKmMNt2aG05vEio8n3sodv6cUtqYL15VyDG
WVhlG/GhZk4PfNpR6rb0yLnIwv2/4MiBCrzlgj60qvZ3a8IhGdRrT1Gt05l2Id+Y
1l0ZcQEXX0P1MFzhinbOj6Tj+w01N6wxcvex0LpwnTRfdWR0SzzrYsbQ4xsjy4N0
jG87596BMZ1zwbqoPKadxaFa3cr6gsW4te8YTl5APr/0zjdAL1OckebZTSzIjjWx
OPcge7QQEiQNdAieMLahmbQsL4QeJyH4aeTBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUElsbCbDUJgQfV0pH3KGpSUKkESwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0Vsc2JDYkRVSmdRZlYwcEgzS0dwU1VLa0VTdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQxbcAwDQYJKoZIhvcNAQELBQADggEBAFavETXw//mCS3eceD3R0S4wEw3B
F3bBxuvWFr3ooXA825Izlm+i6I8DBmMNoLZFd69SqrLfbOrMqUIdz8Y2ngoIX92M
PZQd6tCYbTMjjTZMazYD/5TBfEhqxxg1i29jV3oZTwZQiur5XNEdkFCWZFBd0GNG
zOKVMqktpFslkciTdzvZN9F3G9tjdHxlneH7ouYPgxJBBDVB7ZA9AVRO84+gBPTJ
Npxyx44VC+dQiGkg/t8Y6saSQHcRRf6XWM5rGIIgK98cROyCP2wv7pVptIq759pS
ye37W8vlnYVRqK1d7A8YOmGCSezQSPq4aXIM5kHgHqsT9P+7jpvO7N5i/Ew=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org