Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/IyMFsMDHygmPDH4uRfiCD7LBZos.roa
File:                     IyMFsMDHygmPDH4uRfiCD7LBZos.roa (raw, json)
Hash identifier:          +ppXP0wFD/VeIfRomlgyBJFO+rAK0AYQ/swGBhrqtvs=
Subject key identifier:   23:23:05:B0:C0:C7:CA:09:8F:0C:7E:2E:45:F8:82:0F:B2:C1:66:8B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       050A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IyMFsMDHygmPDH4uRfiCD7LBZos.roa
Signing time:             Thu 27 Jul 2023 16:52:10 +0000
ROA not before:           Thu 27 Jul 2023 16:52:10 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        49.102.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1290 (0x50a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:10 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=232305B0C0C7CA098F0C7E2E45F8820FB2C1668B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ca:2a:fd:5d:0f:02:83:32:f8:4b:04:a7:fb:
                    d8:49:b6:21:87:ac:cd:0f:94:0a:7d:7f:df:42:10:
                    fb:55:87:0d:2b:44:bb:df:e9:20:f5:3e:e2:75:95:
                    62:f9:93:af:fb:5b:1b:64:ec:88:55:f8:35:c1:d1:
                    a1:b2:60:8d:f7:65:cd:ac:f1:c1:1d:6d:9f:78:ef:
                    1d:b3:75:f1:a5:14:8d:e3:e3:61:0c:82:3e:96:cd:
                    1d:57:5b:b3:40:a2:8c:c5:cb:0c:75:ea:7c:15:25:
                    6f:15:cf:84:b7:47:42:0b:3b:bc:f5:0a:5c:1c:68:
                    0b:3a:bb:76:89:b4:bf:b3:29:2f:08:37:01:f0:3f:
                    76:0c:57:ec:1f:21:ae:94:21:a9:2c:b2:e0:12:8e:
                    36:7e:c2:e5:0a:9d:83:df:c9:9c:84:11:f5:92:50:
                    59:ce:52:e9:bf:a4:fe:72:c9:29:b6:c1:e5:51:80:
                    64:6a:9f:43:a6:81:06:dd:e3:c7:90:51:74:42:46:
                    5e:38:76:29:b5:07:c5:b0:f9:90:4c:e5:68:f0:1e:
                    0a:97:4f:73:59:66:24:c4:ff:94:08:d4:b8:72:55:
                    49:34:e7:56:d0:e8:49:71:28:ff:90:98:25:dd:00:
                    17:08:dd:2d:fb:f4:7d:f7:6d:b4:a6:8d:39:9c:79:
                    c9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:23:05:B0:C0:C7:CA:09:8F:0C:7E:2E:45:F8:82:0F:B2:C1:66:8B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IyMFsMDHygmPDH4uRfiCD7LBZos.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:06:ca:5b:b0:ac:33:2d:ba:3e:fb:5e:07:c7:02:80:e6:4f:
         c5:46:07:58:1b:26:08:6e:80:3a:bf:3b:ae:bd:d5:da:8b:d3:
         10:b6:11:6c:38:cf:ea:1c:f3:76:5b:c3:0c:c4:07:f1:56:54:
         52:97:67:ab:e9:f7:f8:0f:d4:93:6b:c7:87:27:fa:86:25:4d:
         f4:d3:74:5c:93:eb:eb:fe:10:1c:33:10:b0:0c:90:76:b1:cc:
         57:0a:67:60:a4:43:86:e5:33:4b:94:35:db:99:12:9e:0d:24:
         08:5d:17:e3:10:f8:9b:63:41:4b:c3:ad:42:90:8a:f3:ad:ea:
         78:2f:b2:fa:0a:03:69:a9:30:28:8b:1c:c9:c2:78:38:a4:ec:
         70:a5:6f:d4:9d:7f:1a:1e:5a:b4:0a:e2:5a:a9:37:7a:de:75:
         95:03:a6:64:a7:ae:f8:0f:6b:fa:97:c8:e2:ec:1b:a6:cd:7a:
         ac:d4:42:5d:30:9c:5f:cb:b8:eb:cb:90:81:31:37:24:37:53:
         93:0f:c6:70:22:9f:27:23:13:cd:88:a8:6f:c1:e4:bb:41:de:
         6b:12:bf:ba:9f:7d:d5:55:34:50:ea:04:cb:74:dc:6b:85:45:
         96:27:98:01:1c:84:fe:59:a3:d5:2a:49:f4:f4:4f:ca:84:5a:
         a8:1b:94:8e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMTBaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDIzMjMwNUIwQzBDN0NB
MDk4RjBDN0UyRTQ1Rjg4MjBGQjJDMTY2OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLyir9XQ8CgzL4SwSn+9hJtiGHrM0PlAp9f99CEPtVhw0rRLvf
6SD1PuJ1lWL5k6/7Wxtk7IhV+DXB0aGyYI33Zc2s8cEdbZ947x2zdfGlFI3j42EM
gj6WzR1XW7NAoozFywx16nwVJW8Vz4S3R0ILO7z1ClwcaAs6u3aJtL+zKS8INwHw
P3YMV+wfIa6UIakssuASjjZ+wuUKnYPfyZyEEfWSUFnOUum/pP5yySm2weVRgGRq
n0OmgQbd48eQUXRCRl44dim1B8Ww+ZBM5WjwHgqXT3NZZiTE/5QI1LhyVUk051bQ
6ElxKP+QmCXdABcI3S379H33bbSmjTmcecntAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIyMFsMDHygmPDH4uRfiCD7LBZoswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0l5TUZzTURIeWdtUERINHVSZmlDRDdMQlpvcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxZpowDQYJKoZIhvcNAQELBQADggEBAI0GyluwrDMtuj77XgfHAoDmT8VG
B1gbJghugDq/O6691dqL0xC2EWw4z+oc83ZbwwzEB/FWVFKXZ6vp9/gP1JNrx4cn
+oYlTfTTdFyT6+v+EBwzELAMkHaxzFcKZ2CkQ4blM0uUNduZEp4NJAhdF+MQ+Jtj
QUvDrUKQivOt6ngvsvoKA2mpMCiLHMnCeDik7HClb9SdfxoeWrQK4lqpN3redZUD
pmSnrvgPa/qXyOLsG6bNeqzUQl0wnF/LuOvLkIExNyQ3U5MPxnAinycjE82IqG/B
5LtB3msSv7qffdVVNFDqBMt03GuFRZYnmAEchP5Zo9UqSfT0T8qEWqgblI4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org