Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il4rcgCnKUoBhsdz_1552gvb2BM.roa
File:                     Il4rcgCnKUoBhsdz_1552gvb2BM.roa (raw, json)
Hash identifier:          3mKxw76cl6SQISWsQ086HWFAo75/CgcG7SDegwrq5fM=
Subject key identifier:   22:5E:2B:72:00:A7:29:4A:01:86:C7:73:FF:5E:79:DA:0B:DB:D8:13
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       06CF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il4rcgCnKUoBhsdz_1552gvb2BM.roa
Signing time:             Tue 30 Apr 2024 01:47:01 +0000
ROA not before:           Tue 30 Apr 2024 01:47:01 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.24.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1743 (0x6cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:47:01 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=225E2B7200A7294A0186C773FF5E79DA0BDBD813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:3f:27:94:6f:b9:af:d3:ca:f9:64:80:38:bf:
                    80:32:fb:a6:f7:12:a2:cf:f9:29:a9:e2:e3:13:2a:
                    85:66:93:0c:86:48:4d:cd:19:98:e4:ae:e1:91:ee:
                    e5:fc:b7:55:b2:aa:99:be:89:02:1c:b9:81:35:0e:
                    c8:3e:a4:8c:88:3d:12:16:b0:78:b3:c7:52:e3:88:
                    fd:cb:44:fe:3d:66:bc:c7:8a:91:f3:5a:b6:71:d5:
                    a6:33:38:1c:01:70:65:53:74:85:04:91:0e:92:44:
                    e3:94:e6:9c:13:bd:0f:bc:10:7a:fb:13:c0:16:13:
                    73:4e:51:98:8b:cd:a7:68:f6:90:ec:e9:5f:0f:9a:
                    8e:02:45:52:d0:30:56:e9:08:4c:55:4b:0d:81:1e:
                    85:de:75:ae:31:5f:4a:21:e5:c4:13:2e:28:e4:05:
                    13:8f:a8:c0:b4:48:f0:5b:1a:2f:5e:25:a6:3c:5b:
                    4c:8f:61:8a:5c:ad:83:2c:18:c5:19:02:a7:b2:c3:
                    4c:d3:0e:f7:bc:ea:f1:59:14:1a:b8:79:ff:08:da:
                    e5:a5:c7:8b:97:6c:73:cd:2d:75:04:87:0e:be:af:
                    29:2e:3b:25:0a:64:2c:ee:41:23:c0:27:08:fb:df:
                    f2:d4:33:e6:77:6a:2c:1d:67:d4:a1:f5:2e:5f:70:
                    ad:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:5E:2B:72:00:A7:29:4A:01:86:C7:73:FF:5E:79:DA:0B:DB:D8:13
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il4rcgCnKUoBhsdz_1552gvb2BM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:67:2e:8a:01:9f:b3:25:c5:77:35:4b:6c:03:e5:56:b8:0b:
         c0:be:00:23:89:4e:7a:7e:05:f9:8d:de:bf:59:24:a6:29:f8:
         59:e6:07:0d:b3:bc:51:a5:86:10:f3:84:f8:41:c3:4f:78:98:
         63:7f:e3:20:4c:4b:a0:a0:9d:2f:ee:44:25:71:67:6c:17:90:
         1d:ea:2a:cc:84:d6:48:03:91:76:68:9b:ce:01:80:8d:2c:67:
         1a:f2:5f:51:24:bf:22:cf:8d:5f:95:7b:f9:16:21:fd:70:67:
         db:77:47:00:e4:1b:57:fc:5c:f0:8d:48:ed:e6:a0:a9:13:2f:
         3d:02:b7:18:5e:85:ab:b8:15:5e:3d:80:de:7c:0c:ac:14:55:
         f6:d5:d1:a7:59:2c:b7:f4:5d:f5:9f:1c:32:21:91:06:3f:a0:
         ea:03:2e:53:b2:d7:51:6f:85:8b:37:2a:19:fa:15:e1:9b:a6:
         01:d0:be:35:1c:bd:fd:7b:39:53:4f:45:c7:04:10:a3:d8:b4:
         61:af:25:40:ea:f7:e9:e9:dd:9b:a3:1d:74:13:7f:53:da:86:
         6f:76:0d:ca:b9:85:c3:3b:99:41:8f:94:1c:3a:b1:7d:6a:3a:
         a1:3e:bc:7e:65:75:46:96:6f:47:f1:35:b9:a3:35:14:28:ba:
         c3:88:1f:4c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBs8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTQ3MDFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDIyNUUyQjcyMDBBNzI5
NEEwMTg2Qzc3M0ZGNUU3OURBMEJEQkQ4MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyPyeUb7mv08r5ZIA4v4Ay+6b3EqLP+Smp4uMTKoVmkwyGSE3N
GZjkruGR7uX8t1Wyqpm+iQIcuYE1Dsg+pIyIPRIWsHizx1LjiP3LRP49ZrzHipHz
WrZx1aYzOBwBcGVTdIUEkQ6SROOU5pwTvQ+8EHr7E8AWE3NOUZiLzado9pDs6V8P
mo4CRVLQMFbpCExVSw2BHoXeda4xX0oh5cQTLijkBROPqMC0SPBbGi9eJaY8W0yP
YYpcrYMsGMUZAqeyw0zTDve86vFZFBq4ef8I2uWlx4uXbHPNLXUEhw6+rykuOyUK
ZCzuQSPAJwj73/LUM+Z3aiwdZ9Sh9S5fcK1dAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIl4rcgCnKUoBhsdz/1552gvb2BMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0lsNHJjZ0NuS1VvQmhzZHpfMTU1Mmd2YjJCTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYBgwDQYJKoZIhvcNAQELBQADggEBAA5nLooBn7MlxXc1S2wD5Va4C8C+
ACOJTnp+BfmN3r9ZJKYp+FnmBw2zvFGlhhDzhPhBw094mGN/4yBMS6CgnS/uRCVx
Z2wXkB3qKsyE1kgDkXZom84BgI0sZxryX1EkvyLPjV+Ve/kWIf1wZ9t3RwDkG1f8
XPCNSO3moKkTLz0Ctxhehau4FV49gN58DKwUVfbV0adZLLf0XfWfHDIhkQY/oOoD
LlOy11FvhYs3Khn6FeGbpgHQvjUcvf17OVNPRccEEKPYtGGvJUDq9+np3ZujHXQT
f1Pahm92Dcq5hcM7mUGPlBw6sX1qOqE+vH5ldUaWb0fxNbmjNRQousOIH0w=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org