Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/HnaHbfz5Ip4UnM_mgtbvTJ2_Efs.roa
File:                     HnaHbfz5Ip4UnM_mgtbvTJ2_Efs.roa (raw, json)
Hash identifier:          O9lJGOs+REhy4sFOgeo1M6zXarcRbKsdhDOin5DDtbs=
Subject key identifier:   1E:76:87:6D:FC:F9:22:9E:14:9C:CF:E6:82:D6:EF:4C:9D:BF:11:FB
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07BF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/HnaHbfz5Ip4UnM_mgtbvTJ2_Efs.roa
Signing time:             Tue 30 Apr 2024 02:08:44 +0000
ROA not before:           Tue 30 Apr 2024 02:08:44 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        110.163.21.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1983 (0x7bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:08:44 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=1E76876DFCF9229E149CCFE682D6EF4C9DBF11FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:34:7e:08:89:50:45:b6:61:31:d1:d4:02:83:
                    d9:d6:ed:f0:24:d1:81:0b:4c:9f:09:7c:96:30:2b:
                    d4:ca:48:d5:73:cb:c4:44:41:31:8a:ed:a1:14:ef:
                    92:31:e8:71:2b:f5:57:d6:7f:43:40:a6:9a:bc:40:
                    6a:f9:8e:b7:88:7b:29:21:f2:2d:48:25:52:78:29:
                    74:9f:bd:f0:7f:b9:a8:56:e6:5a:1a:87:88:17:ca:
                    ab:52:8c:69:11:59:bb:ad:b9:2d:06:34:fd:40:8a:
                    57:cd:e8:c9:08:09:1e:42:1d:ca:0c:9a:36:bf:85:
                    f3:5b:a6:85:59:33:d9:85:2a:6c:29:2a:e6:12:e9:
                    04:ee:e7:c9:2f:a4:1e:d8:62:a5:82:4a:72:16:25:
                    0c:70:7b:f0:6e:46:00:1c:67:73:8e:60:4a:5b:a5:
                    7a:79:67:5f:b4:14:da:30:40:31:38:d0:bd:87:44:
                    31:a8:bd:95:4e:6e:7c:2f:97:61:8b:3b:43:f4:cc:
                    da:57:23:30:0e:95:3f:0b:3a:93:e8:cd:d9:6b:a7:
                    f5:62:fe:99:db:e2:48:41:a1:0d:f4:08:5d:9d:de:
                    31:77:3a:cb:75:6b:4a:01:a9:a2:b4:92:3a:1e:48:
                    27:5b:c5:e0:49:14:53:f2:f7:df:cb:df:a2:04:84:
                    83:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:76:87:6D:FC:F9:22:9E:14:9C:CF:E6:82:D6:EF:4C:9D:BF:11:FB
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/HnaHbfz5Ip4UnM_mgtbvTJ2_Efs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.163.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:f5:dc:d8:0c:b0:40:76:7d:b7:69:46:f1:c3:30:1d:32:22:
         1a:61:24:dc:9d:6a:d2:b4:b9:a6:7b:c4:50:2a:62:bc:19:ec:
         52:25:d9:cf:dd:1a:c5:3a:a3:e8:73:c3:98:20:66:11:54:80:
         8f:1c:5c:42:66:bc:e6:75:35:a8:15:77:2c:af:c1:cb:a4:bd:
         23:41:1a:c3:71:98:c2:a4:80:c0:7e:b3:2a:7d:92:19:4f:5b:
         b1:a0:09:7e:2d:43:d4:1f:a1:b3:b2:ac:03:1f:b6:c1:2f:d1:
         f8:29:d4:70:c0:a5:32:c0:ee:9f:8e:f3:ac:34:80:a3:bb:eb:
         40:e0:68:75:d4:0b:cd:c4:91:9a:2e:83:02:2c:01:c6:82:9a:
         16:73:58:57:d9:b8:af:c8:81:43:d3:9f:9c:1c:bc:2d:17:e9:
         6c:eb:e5:4e:13:91:8b:0f:7b:e3:cd:ba:bc:a4:50:43:fd:32:
         5f:3d:ab:c9:a7:8b:a2:a5:26:a6:a3:d0:46:f4:61:86:2f:75:
         40:dd:c5:10:86:4b:59:fb:18:6e:68:57:73:86:83:6b:fd:d4:
         e3:bb:03:91:d5:37:60:e1:18:96:23:0e:39:5d:6b:e5:01:8e:
         fe:93:b3:df:19:1e:61:79:5d:df:46:29:15:93:20:51:3b:79:
         5b:8d:f8:df
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB78wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjA4NDRaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDFFNzY4NzZERkNGOTIy
OUUxNDlDQ0ZFNjgyRDZFRjRDOURCRjExRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbNH4IiVBFtmEx0dQCg9nW7fAk0YELTJ8JfJYwK9TKSNVzy8RE
QTGK7aEU75Ix6HEr9VfWf0NAppq8QGr5jreIeykh8i1IJVJ4KXSfvfB/uahW5loa
h4gXyqtSjGkRWbutuS0GNP1AilfN6MkICR5CHcoMmja/hfNbpoVZM9mFKmwpKuYS
6QTu58kvpB7YYqWCSnIWJQxwe/BuRgAcZ3OOYEpbpXp5Z1+0FNowQDE40L2HRDGo
vZVObnwvl2GLO0P0zNpXIzAOlT8LOpPozdlrp/Vi/pnb4khBoQ30CF2d3jF3Ost1
a0oBqaK0kjoeSCdbxeBJFFPy99/L36IEhIOlAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUHnaHbfz5Ip4UnM/mgtbvTJ2/EfswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0huYUhiZno1SXA0VW5NX21ndGJ2VEoyX0Vmcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABuoxUwDQYJKoZIhvcNAQELBQADggEBACD13NgMsEB2fbdpRvHDMB0yIhph
JNydatK0uaZ7xFAqYrwZ7FIl2c/dGsU6o+hzw5ggZhFUgI8cXEJmvOZ1NagVdyyv
wcukvSNBGsNxmMKkgMB+syp9khlPW7GgCX4tQ9QfobOyrAMftsEv0fgp1HDApTLA
7p+O86w0gKO760DgaHXUC83EkZougwIsAcaCmhZzWFfZuK/IgUPTn5wcvC0X6Wzr
5U4TkYsPe+PNurykUEP9Ml89q8mni6KlJqaj0Eb0YYYvdUDdxRCGS1n7GG5oV3OG
g2v91OO7A5HVN2DhGJYjDjlda+UBjv6Ts98ZHmF5Xd9GKRWTIFE7eVuN+N8=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:41 2024 by rpki-client on console-fra.rpki-client.org