Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/GKoMU7HAHX6ChpdWcaN-I7xQfGY.roa
File:                     GKoMU7HAHX6ChpdWcaN-I7xQfGY.roa (raw, json)
Hash identifier:          Wq4Tw5842hElvdlQAJ+W+qjuz26NC1t2OBHJsD1r864=
Subject key identifier:   18:AA:0C:53:B1:C0:1D:7E:82:86:97:56:71:A3:7E:23:BC:50:7C:66
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0712
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/GKoMU7HAHX6ChpdWcaN-I7xQfGY.roa
Signing time:             Tue 30 Apr 2024 01:52:58 +0000
ROA not before:           Tue 30 Apr 2024 01:52:58 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.36.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1810 (0x712)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:52:58 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=18AA0C53B1C01D7E8286975671A37E23BC507C66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:8b:de:f1:dd:87:c3:fc:59:de:e2:fc:c5:82:
                    f3:f3:da:35:9e:24:24:a8:01:a0:87:7f:77:93:6c:
                    73:69:3d:f3:71:e3:5d:62:35:f5:c1:ca:92:d2:93:
                    17:47:02:40:04:cf:8f:02:7d:d7:d4:dd:ba:7b:37:
                    fb:46:e2:bd:bf:bb:03:97:67:99:ea:62:ea:58:80:
                    ee:cc:0a:59:d2:6f:86:35:d1:6e:03:7d:b0:cb:a3:
                    73:7a:68:07:68:85:dd:9d:e7:5f:84:89:2c:49:2d:
                    21:ed:08:25:68:17:d1:fe:4d:cb:2b:1e:19:e1:26:
                    2f:c6:0c:ed:e4:f6:56:37:5d:e1:85:3d:83:f4:fe:
                    cc:15:b9:1d:e1:89:f0:c5:f2:11:e1:c5:99:42:e4:
                    be:30:bb:f4:af:54:c2:91:f4:a3:0f:c8:0d:72:ed:
                    50:20:57:36:81:cb:df:57:fe:16:fd:5b:3f:34:8f:
                    7f:a9:a7:55:0e:c1:38:fc:93:16:8f:f1:da:3f:00:
                    38:b6:9d:b6:6a:7a:ba:fc:3e:81:00:25:10:2a:d7:
                    78:d6:0f:eb:93:98:89:39:19:9d:20:65:e6:3c:82:
                    52:02:f6:8a:4c:de:95:f8:22:6a:78:0c:a8:b2:ca:
                    0c:bd:c3:9e:ef:5e:1c:06:28:e4:80:1c:2e:53:54:
                    d4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AA:0C:53:B1:C0:1D:7E:82:86:97:56:71:A3:7E:23:BC:50:7C:66
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/GKoMU7HAHX6ChpdWcaN-I7xQfGY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:e0:8d:50:3a:6d:f5:03:0e:1c:a1:95:2f:6d:94:6e:34:86:
         88:2c:9a:4e:18:c2:ae:dd:da:7c:22:ad:91:31:53:90:15:24:
         ea:02:5a:a6:71:38:b1:de:22:8f:b0:67:48:65:bc:e8:ee:21:
         26:95:6e:35:c9:b4:ea:bd:cf:99:4b:b9:e4:23:16:0b:2e:7e:
         07:34:60:00:b1:7f:2d:22:99:f1:8c:76:2e:58:de:e9:cd:65:
         44:96:e9:0a:b9:e2:b5:ad:1c:9d:80:05:2f:6d:4f:fa:dd:e9:
         c5:da:a1:e8:b4:15:98:54:fc:f4:20:b7:22:51:b1:37:80:da:
         ac:ff:35:f4:14:ae:d1:03:2d:98:ba:36:c3:ad:67:fc:65:18:
         75:7c:80:9a:2b:67:d5:d6:1e:58:67:8b:3e:8a:10:65:51:c1:
         4a:8f:0b:52:a7:f4:88:4e:49:74:d1:1c:88:c4:6c:c4:6a:8f:
         42:cc:db:61:57:1c:c3:be:f4:07:43:f6:78:9a:21:9a:34:4a:
         5b:08:14:0c:66:c1:cb:c3:26:0c:5b:fa:60:99:43:f4:ef:83:
         7a:83:30:64:53:5c:ef:4f:68:54:e5:88:4e:99:77:2f:27:10:
         b6:0e:ac:52:be:8a:3e:7c:fc:43:87:4b:ae:70:02:f4:cf:04:
         c1:e7:f0:db
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTUyNThaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDE4QUEwQzUzQjFDMDFE
N0U4Mjg2OTc1NjcxQTM3RTIzQkM1MDdDNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbi97x3YfD/Fne4vzFgvPz2jWeJCSoAaCHf3eTbHNpPfNx411i
NfXBypLSkxdHAkAEz48CfdfU3bp7N/tG4r2/uwOXZ5nqYupYgO7MClnSb4Y10W4D
fbDLo3N6aAdohd2d51+EiSxJLSHtCCVoF9H+TcsrHhnhJi/GDO3k9lY3XeGFPYP0
/swVuR3hifDF8hHhxZlC5L4wu/SvVMKR9KMPyA1y7VAgVzaBy99X/hb9Wz80j3+p
p1UOwTj8kxaP8do/ADi2nbZqerr8PoEAJRAq13jWD+uTmIk5GZ0gZeY8glIC9opM
3pX4Imp4DKiyygy9w57vXhwGKOSAHC5TVNSBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUGKoMU7HAHX6ChpdWcaN+I7xQfGYwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0dLb01VN0hBSFg2Q2hwZFdjYU4tSTd4UWZHWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxaCQwDQYJKoZIhvcNAQELBQADggEBAC7gjVA6bfUDDhyhlS9tlG40hogs
mk4Ywq7d2nwirZExU5AVJOoCWqZxOLHeIo+wZ0hlvOjuISaVbjXJtOq9z5lLueQj
Fgsufgc0YACxfy0imfGMdi5Y3unNZUSW6Qq54rWtHJ2ABS9tT/rd6cXaoei0FZhU
/PQgtyJRsTeA2qz/NfQUrtEDLZi6NsOtZ/xlGHV8gJorZ9XWHlhniz6KEGVRwUqP
C1Kn9IhOSXTRHIjEbMRqj0LM22FXHMO+9AdD9niaIZo0SlsIFAxmwcvDJgxb+mCZ
Q/Tvg3qDMGRTXO9PaFTliE6Zdy8nELYOrFK+ij58/EOHS65wAvTPBMHn8Ns=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:11 2024 by rpki-client on console-fra.rpki-client.org