Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/JBWDUuyU-1outncrOe0im4rdgyg.roa
File:                     JBWDUuyU-1outncrOe0im4rdgyg.roa (raw, json)
Hash identifier:          dPpNZqIMzNvCNE9iWNlel9K9TpGfwFPZioP9OirK5UE=
Subject key identifier:   24:15:83:52:EC:94:FB:5A:2E:B6:77:2B:39:ED:22:9B:8A:DD:83:28
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04B3
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JBWDUuyU-1outncrOe0im4rdgyg.roa
Signing time:             Thu 27 Jul 2023 16:48:09 +0000
ROA not before:           Thu 27 Jul 2023 16:48:09 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        220.210.52.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1203 (0x4b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:48:09 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=24158352EC94FB5A2EB6772B39ED229B8ADD8328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2b:ce:74:13:b1:05:13:a9:40:75:f3:23:54:
                    02:02:ab:4d:f8:7b:ae:29:47:6e:af:96:88:ef:05:
                    2d:fb:38:13:22:37:03:22:0a:a2:52:a4:0b:37:97:
                    e9:52:16:dc:48:75:4d:d4:1b:a1:13:b0:3f:68:81:
                    5f:5b:64:e1:33:54:88:18:c3:68:83:0a:5c:94:ee:
                    64:ee:46:a1:98:e5:15:01:ca:4f:e5:7b:70:ca:c6:
                    99:6c:88:08:e3:65:1e:92:c3:b2:cd:71:b6:6b:8d:
                    1e:ec:cd:9b:1f:7d:a4:cf:ca:8d:56:f6:55:ee:17:
                    3c:77:b8:5f:8a:b5:47:5e:38:bd:c3:f7:98:fa:b4:
                    19:61:5f:f4:09:7d:9c:4e:da:67:2f:be:2a:cc:71:
                    90:f2:2a:05:ba:e3:5e:fe:37:a1:60:de:82:d4:f7:
                    e2:a3:d3:bc:83:da:d2:8f:60:1d:63:b0:d5:e9:38:
                    8a:55:8f:63:ad:bf:6e:56:f7:cf:88:b1:98:d0:52:
                    86:bf:f4:20:3e:46:7c:7e:e3:eb:fd:72:ee:78:88:
                    77:72:cf:b6:33:c2:e2:ac:33:5d:de:a1:77:b4:e5:
                    eb:5f:55:ee:dc:b2:bf:55:a7:f2:4a:b6:61:3c:6a:
                    a2:4d:28:1b:65:bb:98:27:ed:c0:85:10:ec:47:ea:
                    9b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:15:83:52:EC:94:FB:5A:2E:B6:77:2B:39:ED:22:9B:8A:DD:83:28
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JBWDUuyU-1outncrOe0im4rdgyg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:72:ec:50:fd:e5:3c:26:bc:39:38:54:4f:78:34:a2:a4:5e:
         cd:05:24:9a:ab:25:f3:e5:3a:5e:8b:05:b4:82:ab:03:fb:2d:
         bf:6d:ef:14:90:a1:16:b4:b4:18:58:06:7a:e4:59:82:d1:f6:
         19:da:4f:5f:64:e8:e7:d3:ef:34:b3:14:b5:ab:b4:62:c2:65:
         ef:e2:91:b4:28:52:ea:dd:67:09:b4:bc:fb:0c:c7:af:ae:02:
         18:2c:17:22:1d:88:49:58:85:51:0d:d9:d0:17:dc:e2:b4:91:
         39:6a:6d:10:aa:7f:15:97:39:d7:74:5d:8d:84:88:58:30:ff:
         76:0e:4a:ae:8f:e4:6d:db:d6:c3:b1:54:05:8f:f6:97:48:0d:
         e3:37:85:00:1e:fa:b0:82:8b:b2:6b:93:83:3f:7b:f9:c2:81:
         a8:6c:28:2c:c6:52:2f:f1:03:93:7e:d8:9b:f2:81:42:7e:6b:
         cd:6a:2c:0c:7b:b2:31:13:61:f3:58:5c:92:b1:de:fb:31:e1:
         06:61:18:d9:d2:9c:52:b6:25:52:60:3e:46:fb:b9:b2:6f:27:
         7d:47:ff:e0:ca:8c:0f:77:3d:1a:4b:44:75:1c:50:a6:34:00:
         d6:62:d7:a4:88:9f:c7:6b:31:67:ac:2b:74:d1:be:fc:fb:69:
         a4:4f:a8:c2
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ4MDlaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDI0MTU4MzUyRUM5NEZC
NUEyRUI2NzcyQjM5RUQyMjlCOEFERDgzMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDK850E7EFE6lAdfMjVAICq034e64pR26vlojvBS37OBMiNwMi
CqJSpAs3l+lSFtxIdU3UG6ETsD9ogV9bZOEzVIgYw2iDClyU7mTuRqGY5RUByk/l
e3DKxplsiAjjZR6Sw7LNcbZrjR7szZsffaTPyo1W9lXuFzx3uF+KtUdeOL3D95j6
tBlhX/QJfZxO2mcvvirMcZDyKgW6417+N6Fg3oLU9+Kj07yD2tKPYB1jsNXpOIpV
j2Otv25W98+IsZjQUoa/9CA+Rnx+4+v9cu54iHdyz7YzwuKsM13eoXe05etfVe7c
sr9Vp/JKtmE8aqJNKBtlu5gn7cCFEOxH6puzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUJBWDUuyU+1outncrOe0im4rdgygwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0pCV0RVdXlVLTFvdXRuY3JPZTBpbTRyZGd5Zy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALc0jQwDQYJKoZIhvcNAQELBQADggEBAARy7FD95TwmvDk4VE94NKKkXs0F
JJqrJfPlOl6LBbSCqwP7Lb9t7xSQoRa0tBhYBnrkWYLR9hnaT19k6OfT7zSzFLWr
tGLCZe/ikbQoUurdZwm0vPsMx6+uAhgsFyIdiElYhVEN2dAX3OK0kTlqbRCqfxWX
Odd0XY2EiFgw/3YOSq6P5G3b1sOxVAWP9pdIDeM3hQAe+rCCi7Jrk4M/e/nCgahs
KCzGUi/xA5N+2JvygUJ+a81qLAx7sjETYfNYXJKx3vsx4QZhGNnSnFK2JVJgPkb7
ubJvJ31H/+DKjA93PRpLRHUcUKY0ANZi16SIn8drMWesK3TRvvz7aaRPqMI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:52 2024 by rpki-client on console-ams.rpki-client.org