Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Ik-kKCKCKt5uFi_8oO4fqmUNZF0.roa
File:                     Ik-kKCKCKt5uFi_8oO4fqmUNZF0.roa (raw, json)
Hash identifier:          kT5kWk1ZvwVyftzXe9BMdGNWUZnogsewE+OTmHU8aA4=
Subject key identifier:   22:4F:A4:28:22:82:2A:DE:6E:16:2F:FC:A0:EE:1F:AA:65:0D:64:5D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04A9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Ik-kKCKCKt5uFi_8oO4fqmUNZF0.roa
Signing time:             Thu 27 Jul 2023 16:46:15 +0000
ROA not before:           Thu 27 Jul 2023 16:46:15 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        219.114.188.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1193 (0x4a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:46:15 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=224FA42822822ADE6E162FFCA0EE1FAA650D645D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ef:75:6c:f5:32:8d:18:35:d2:45:3f:59:b0:
                    65:26:52:8a:43:0c:3b:51:4c:fd:c2:4d:5e:b2:2a:
                    3b:2e:d8:50:24:20:66:80:ac:f2:ff:d5:9c:00:76:
                    c1:3e:e9:40:20:e5:b6:4b:e9:36:23:66:3d:1e:3f:
                    d0:72:fd:8c:4d:fb:db:fe:53:70:67:ef:87:cf:10:
                    51:c0:4d:bd:a2:a7:89:97:ca:27:17:65:c3:a4:04:
                    08:76:42:71:15:e3:6f:c6:cf:cb:6b:f9:b9:a9:82:
                    dc:ba:9a:80:c7:db:1c:aa:e0:2e:6d:33:4c:c3:76:
                    80:49:e3:f1:9b:63:0c:21:24:54:0b:22:12:5e:f9:
                    64:00:2c:f4:32:19:b1:fc:5a:c9:9d:71:3f:c3:fa:
                    4a:21:93:c8:6d:fd:5e:4f:c5:b4:3c:67:25:c1:09:
                    38:af:66:93:c9:9f:c8:dc:97:a5:06:79:6d:83:d2:
                    f1:0a:ae:f2:25:47:4a:11:b0:c3:bf:82:41:45:c5:
                    f5:f6:0e:be:51:6e:86:0c:66:4d:d9:1c:e3:8b:5e:
                    b5:b8:1a:e8:e5:11:9b:9a:b9:b8:ea:37:fb:47:98:
                    55:68:bf:33:d9:14:90:b3:02:e2:87:0c:06:71:15:
                    38:e5:6f:77:bf:47:75:b1:bf:4c:88:95:de:5e:5b:
                    f6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4F:A4:28:22:82:2A:DE:6E:16:2F:FC:A0:EE:1F:AA:65:0D:64:5D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Ik-kKCKCKt5uFi_8oO4fqmUNZF0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.114.188.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:13:c9:c7:ce:03:95:d8:51:d0:3a:c5:63:69:b4:1b:65:ef:
         73:8c:e8:45:fa:97:cb:e8:f0:49:da:f5:b0:ee:e9:a1:63:92:
         55:52:11:68:a9:8e:73:c3:d3:fb:22:85:14:1d:65:56:a2:ea:
         f9:c4:9e:6b:b2:13:e0:8a:09:db:7b:e2:b8:a7:ad:e3:10:91:
         93:50:c9:f3:14:f2:48:5b:d4:bc:82:32:fd:f5:34:6e:b7:1a:
         13:5a:20:62:83:19:cc:eb:a8:9e:a7:63:62:1f:2b:69:5a:3f:
         9d:71:82:cc:0c:40:21:fa:b8:33:a4:44:9c:9b:9e:3d:5c:6a:
         f6:5c:d5:d0:12:fe:de:75:4b:c1:5f:15:22:df:80:11:2c:4b:
         97:6b:4c:1b:4a:97:63:82:c6:d5:89:e1:28:33:fc:97:01:60:
         68:66:f9:72:a0:5d:e5:21:77:08:65:12:c9:27:63:78:b2:08:
         2e:8d:74:9e:69:14:e6:8f:cb:d5:4f:09:4c:e1:0c:a9:59:73:
         b3:14:20:cf:07:c8:47:65:21:9e:66:ce:04:2a:35:b8:d2:96:
         6e:1d:01:c8:de:36:a8:4f:40:ff:07:2f:11:33:bd:c1:87:5d:
         1a:68:18:52:03:3c:41:fe:7f:e1:c2:87:7d:53:4f:2e:5f:c4:
         b7:31:fc:e0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ2MTVaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDIyNEZBNDI4MjI4MjJB
REU2RTE2MkZGQ0EwRUUxRkFBNjUwRDY0NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC973Vs9TKNGDXSRT9ZsGUmUopDDDtRTP3CTV6yKjsu2FAkIGaA
rPL/1ZwAdsE+6UAg5bZL6TYjZj0eP9By/YxN+9v+U3Bn74fPEFHATb2ip4mXyicX
ZcOkBAh2QnEV42/Gz8tr+bmpgty6moDH2xyq4C5tM0zDdoBJ4/GbYwwhJFQLIhJe
+WQALPQyGbH8WsmdcT/D+kohk8ht/V5PxbQ8ZyXBCTivZpPJn8jcl6UGeW2D0vEK
rvIlR0oRsMO/gkFFxfX2Dr5RboYMZk3ZHOOLXrW4GujlEZuaubjqN/tHmFVovzPZ
FJCzAuKHDAZxFTjlb3e/R3Wxv0yIld5eW/bfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIk+kKCKCKt5uFi/8oO4fqmUNZF0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0lrLWtLQ0tDS3Q1dUZpXzhvTzRmcW1VTlpGMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHbcrwwDQYJKoZIhvcNAQELBQADggEBAJcTycfOA5XYUdA6xWNptBtl73OM
6EX6l8vo8Ena9bDu6aFjklVSEWipjnPD0/sihRQdZVai6vnEnmuyE+CKCdt74rin
reMQkZNQyfMU8khb1LyCMv31NG63GhNaIGKDGczrqJ6nY2IfK2laP51xgswMQCH6
uDOkRJybnj1cavZc1dAS/t51S8FfFSLfgBEsS5drTBtKl2OCxtWJ4Sgz/JcBYGhm
+XKgXeUhdwhlEsknY3iyCC6NdJ5pFOaPy9VPCUzhDKlZc7MUIM8HyEdlIZ5mzgQq
NbjSlm4dAcjeNqhPQP8HLxEzvcGHXRpoGFIDPEH+f+HCh31TTy5fxLcx/OA=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org