Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/FeWfCVjrrAjyWbretkHfrfF6990.roa
File:                     FeWfCVjrrAjyWbretkHfrfF6990.roa (raw, json)
Hash identifier:          WoA4pHRgvyC97644e5mOQCYt5jn+9l0JHmcQo0NkDZk=
Subject key identifier:   15:E5:9F:09:58:EB:AC:08:F2:59:BA:DE:B6:41:DF:AD:F1:7A:F7:DD
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       08C1
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/FeWfCVjrrAjyWbretkHfrfF6990.roa
Signing time:             Tue 30 Apr 2024 02:24:34 +0000
ROA not before:           Tue 30 Apr 2024 02:24:34 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.104.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2241 (0x8c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:24:34 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=15E59F0958EBAC08F259BADEB641DFADF17AF7DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:73:88:36:6b:ed:44:70:6e:1e:4b:57:51:d6:
                    b9:7a:1f:85:b7:60:dd:1f:9b:a6:83:fa:45:21:5f:
                    85:75:72:8e:7b:22:99:95:8c:14:a2:60:7b:68:3f:
                    2d:94:06:1d:42:db:13:97:e5:c9:f3:20:f1:0c:53:
                    94:0b:6b:53:52:e2:f9:05:dd:1a:aa:f7:bb:d5:80:
                    91:a0:fd:97:82:2e:fb:10:df:9b:fc:a4:ae:4b:f4:
                    8a:f0:2d:11:09:c8:f8:73:8a:3b:7d:96:43:8c:37:
                    50:d1:83:32:1a:f9:d0:f3:28:35:c0:9c:0c:d6:cd:
                    35:a8:dd:8f:90:05:ec:91:88:32:2f:1d:bf:5f:4c:
                    55:9b:4d:ba:66:e1:4f:18:10:43:ea:50:7c:88:66:
                    6f:9f:7b:7f:ee:a8:95:42:3c:f1:bf:1c:79:70:29:
                    56:6f:3a:e3:6c:61:a4:7b:c7:07:21:8c:e2:be:a7:
                    16:7a:d1:95:6c:78:9a:39:c2:53:26:6e:b1:b7:16:
                    14:de:30:46:f0:d5:6f:57:4d:83:8e:72:32:74:f0:
                    56:31:0f:b1:b3:d7:68:20:8a:89:2f:e1:88:3b:8c:
                    93:d2:fc:76:96:93:67:8a:10:87:ad:7e:17:50:bc:
                    8e:df:21:39:54:93:34:b7:e0:48:f3:37:d4:45:00:
                    2c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E5:9F:09:58:EB:AC:08:F2:59:BA:DE:B6:41:DF:AD:F1:7A:F7:DD
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/FeWfCVjrrAjyWbretkHfrfF6990.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         11:a3:8d:17:74:14:d8:c3:64:63:56:b2:58:55:b9:20:20:2c:
         06:98:c7:e7:47:5e:be:35:ee:c9:46:e0:31:01:72:53:1b:10:
         fa:67:55:fe:cc:6d:32:e3:1e:d8:0a:13:23:0a:32:a0:73:49:
         4e:7a:9a:8b:b8:ca:da:46:0e:3b:8b:95:a7:3a:b1:22:b4:46:
         a4:d0:54:25:1e:03:a0:22:08:7d:c9:79:fc:5e:1f:e8:1e:6c:
         b9:6d:ec:75:95:6c:65:5b:b6:ac:d9:68:8a:d2:1d:1d:a5:3c:
         99:47:03:45:3f:31:0c:c0:ca:92:26:35:fe:9c:d9:6a:df:6e:
         af:cf:76:68:32:4c:81:c3:df:b6:80:58:03:34:e8:a5:49:eb:
         37:ba:52:7b:54:d2:7c:0b:7d:8b:7e:84:94:15:bc:f8:4b:98:
         0c:c3:68:4f:8c:91:0b:ca:c9:93:10:20:a4:94:26:2b:71:a1:
         84:c8:bd:2f:aa:4e:7f:0a:a1:dd:0d:12:9a:a5:61:93:0f:4b:
         15:83:2c:98:b6:7a:f7:a7:51:62:39:26:ce:52:4f:cc:39:51:
         40:d1:94:f1:7a:28:da:f7:0a:53:af:f6:90:12:04:a2:de:03:
         27:16:d6:42:9b:65:71:64:37:df:a5:51:17:95:7f:cb:74:c3:
         5e:04:98:b1
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjI0MzRaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDE1RTU5RjA5NThFQkFD
MDhGMjU5QkFERUI2NDFERkFERjE3QUY3REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHc4g2a+1EcG4eS1dR1rl6H4W3YN0fm6aD+kUhX4V1co57IpmV
jBSiYHtoPy2UBh1C2xOX5cnzIPEMU5QLa1NS4vkF3Rqq97vVgJGg/ZeCLvsQ35v8
pK5L9IrwLREJyPhzijt9lkOMN1DRgzIa+dDzKDXAnAzWzTWo3Y+QBeyRiDIvHb9f
TFWbTbpm4U8YEEPqUHyIZm+fe3/uqJVCPPG/HHlwKVZvOuNsYaR7xwchjOK+pxZ6
0ZVseJo5wlMmbrG3FhTeMEbw1W9XTYOOcjJ08FYxD7Gz12ggiokv4Yg7jJPS/HaW
k2eKEIetfhdQvI7fITlUkzS34EjzN9RFACw5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUFeWfCVjrrAjyWbretkHfrfF6990wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0ZlV2ZDVmpyckFqeVdicmV0a0hmcmZGNjk5MC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBT2gwDQYJKoZIhvcNAQELBQADggEBABGjjRd0FNjDZGNWslhVuSAgLAaY
x+dHXr417slG4DEBclMbEPpnVf7MbTLjHtgKEyMKMqBzSU56mou4ytpGDjuLlac6
sSK0RqTQVCUeA6AiCH3JefxeH+gebLlt7HWVbGVbtqzZaIrSHR2lPJlHA0U/MQzA
ypImNf6c2Wrfbq/PdmgyTIHD37aAWAM06KVJ6ze6UntU0nwLfYt+hJQVvPhLmAzD
aE+MkQvKyZMQIKSUJitxoYTIvS+qTn8Kod0NEpqlYZMPSxWDLJi2evenUWI5Js5S
T8w5UUDRlPF6KNr3ClOv9pASBKLeAycW1kKbZXFkN9+lUReVf8t0w14EmLE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org