Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il_VVEFaI-coL4wo3Lq-BKk9IY4.roa
File:                     Il_VVEFaI-coL4wo3Lq-BKk9IY4.roa (raw, json)
Hash identifier:          ydv4axyRPPkdJIs444IYs08UczUQT8FClVKBJoSVaqI=
Subject key identifier:   22:5F:D5:54:41:5A:23:E7:28:2F:8C:28:DC:BA:BE:04:A9:3D:21:8E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0788
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il_VVEFaI-coL4wo3Lq-BKk9IY4.roa
Signing time:             Tue 30 Apr 2024 02:04:44 +0000
ROA not before:           Tue 30 Apr 2024 02:04:44 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.76.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1928 (0x788)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:04:44 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=225FD554415A23E7282F8C28DCBABE04A93D218E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:93:1c:d6:6b:20:c3:b4:97:cc:90:62:f3:01:
                    4b:91:94:15:89:59:b0:04:88:b1:9b:66:43:bb:97:
                    f9:86:e7:13:42:c0:46:22:3e:55:88:a2:c8:bb:ed:
                    42:d9:22:97:c6:f0:97:3a:0b:d7:ec:69:4d:67:8f:
                    2e:f3:4f:44:c2:09:94:1c:3a:66:c5:96:ad:ba:31:
                    b4:e0:5c:31:b9:ce:dc:0a:21:f7:f4:39:66:32:4c:
                    67:77:bb:4f:93:5f:19:c6:ce:88:ee:af:72:29:57:
                    9f:df:03:c0:23:b6:02:4b:ca:3d:bb:5e:50:0e:15:
                    03:5e:19:32:4d:8e:cd:68:fc:dd:f2:af:19:4a:37:
                    a0:e2:aa:f7:95:1b:1a:25:e4:a8:42:54:00:83:1d:
                    6b:5d:48:4f:0d:fa:e1:58:65:47:72:32:13:14:92:
                    7a:2e:8b:7f:5d:58:78:e9:92:96:1e:85:00:48:9c:
                    d2:15:61:94:99:88:ca:78:98:89:87:b3:28:f8:d1:
                    d3:d5:91:ac:f3:bd:a8:db:af:e3:cb:e6:9b:1e:b6:
                    37:d3:cb:93:f4:a3:15:8e:ac:12:e1:d7:1a:02:98:
                    6e:5d:73:6b:69:ca:cd:7e:a7:83:03:30:34:60:ec:
                    6b:45:e6:5a:e4:f5:83:0d:0a:7c:45:97:96:f0:8d:
                    db:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:5F:D5:54:41:5A:23:E7:28:2F:8C:28:DC:BA:BE:04:A9:3D:21:8E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Il_VVEFaI-coL4wo3Lq-BKk9IY4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:42:23:5c:7b:07:46:bb:64:a0:6b:ab:78:1a:10:8a:73:28:
         5a:c2:cc:00:3c:b0:6b:9c:29:6c:3d:c7:68:bc:f4:8c:15:2a:
         ac:3a:40:13:09:56:97:a7:a2:70:39:d2:32:2d:6a:7f:1f:26:
         99:5e:8d:f6:28:50:ba:81:e9:90:e8:b1:99:75:a4:d9:5b:12:
         25:9b:5f:49:eb:c1:12:55:d1:cb:a3:d6:49:52:62:8b:05:4f:
         02:fb:63:21:e9:9c:fd:16:53:19:41:dc:7f:c0:e7:b6:e8:65:
         bf:5e:df:83:55:1f:f4:2b:e6:35:03:44:1a:91:bc:8b:c7:12:
         99:94:bc:83:78:1f:a6:22:c3:b6:fe:93:e7:98:c9:7f:31:dd:
         75:35:24:b3:2f:ba:82:24:07:c2:16:8f:5b:eb:ae:65:6e:43:
         64:23:ee:31:53:00:17:e4:f8:25:83:75:4f:ed:21:75:d4:24:
         c7:ca:76:b9:da:e0:f0:19:d1:83:c0:e8:f5:28:29:ed:a5:c9:
         13:fa:6a:01:2c:02:ef:2c:51:a7:90:6b:2a:1b:e8:41:65:11:
         58:6b:b5:62:09:84:b3:e5:d2:11:81:16:3c:51:cc:9a:47:54:
         0b:ee:1f:a1:5f:98:68:d3:f8:36:be:32:e7:b2:d6:35:35:46:
         a4:dd:1a:c8
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjA0NDRaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDIyNUZENTU0NDE1QTIz
RTcyODJGOEMyOERDQkFCRTA0QTkzRDIxOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBkxzWayDDtJfMkGLzAUuRlBWJWbAEiLGbZkO7l/mG5xNCwEYi
PlWIosi77ULZIpfG8Jc6C9fsaU1njy7zT0TCCZQcOmbFlq26MbTgXDG5ztwKIff0
OWYyTGd3u0+TXxnGzojur3IpV5/fA8AjtgJLyj27XlAOFQNeGTJNjs1o/N3yrxlK
N6DiqveVGxol5KhCVACDHWtdSE8N+uFYZUdyMhMUknoui39dWHjpkpYehQBInNIV
YZSZiMp4mImHsyj40dPVkazzvajbr+PL5psetjfTy5P0oxWOrBLh1xoCmG5dc2tp
ys1+p4MDMDRg7GtF5lrk9YMNCnxFl5bwjdu7AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIl/VVEFaI+coL4wo3Lq+BKk9IY4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0lsX1ZWRUZhSS1jb0w0d28zTHEtQktrOUlZNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYkwwDQYJKoZIhvcNAQELBQADggEBAE9CI1x7B0a7ZKBrq3gaEIpzKFrC
zAA8sGucKWw9x2i89IwVKqw6QBMJVpenonA50jItan8fJplejfYoULqB6ZDosZl1
pNlbEiWbX0nrwRJV0cuj1klSYosFTwL7YyHpnP0WUxlB3H/A57boZb9e34NVH/Qr
5jUDRBqRvIvHEpmUvIN4H6Yiw7b+k+eYyX8x3XU1JLMvuoIkB8IWj1vrrmVuQ2Qj
7jFTABfk+CWDdU/tIXXUJMfKdrna4PAZ0YPA6PUoKe2lyRP6agEsAu8sUaeQayob
6EFlEVhrtWIJhLPl0hGBFjxRzJpHVAvuH6FfmGjT+Da+Muey1jU1RqTdGsg=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org