Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/JZ9W7KlksaEzeiRsx8upIm1pa_g.roa
File:                     JZ9W7KlksaEzeiRsx8upIm1pa_g.roa (raw, json)
Hash identifier:          /MzPwP5vyc0xubuy8arQiKHl0eakfEKnxuwRTyDBGw4=
Subject key identifier:   25:9F:56:EC:A9:64:B1:A1:33:7A:24:6C:C7:CB:A9:22:6D:69:6B:F8
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0ACF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JZ9W7KlksaEzeiRsx8upIm1pa_g.roa
Signing time:             Tue 31 Dec 2024 01:28:52 +0000
ROA not before:           Tue 31 Dec 2024 01:28:52 +0000
ROA not after:            Mon 15 Dec 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        49.109.208.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 26 Feb 2025 20:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2767 (0xacf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Dec 31 01:28:52 2024 GMT
            Not After : Dec 15 01:30:03 2025 GMT
        Subject: CN=259F56ECA964B1A1337A246CC7CBA9226D696BF8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ac:bd:58:3a:d9:e6:e3:8e:56:4b:05:7e:77:
                    f4:ca:d9:6a:c1:15:28:a6:44:04:db:57:b4:0b:82:
                    2d:21:21:20:fe:ee:23:03:63:01:16:db:10:9d:7f:
                    b3:16:17:94:82:2c:9f:06:8b:10:ee:02:6a:db:ca:
                    65:ef:12:8e:65:07:1f:31:19:ac:72:1a:75:4c:80:
                    05:a5:82:4a:1d:28:cc:ce:26:b9:39:15:b9:09:1a:
                    b1:bd:81:fc:b0:42:f4:f5:5e:d2:c9:2e:ad:0b:fb:
                    85:fb:fb:e4:f9:53:e3:fe:6d:d4:60:43:0b:f2:d3:
                    58:f1:de:4f:22:68:31:d4:c7:8d:50:5a:71:ed:aa:
                    4d:28:10:d5:cb:10:5f:e9:7a:8a:62:96:2e:f7:55:
                    3d:75:a0:b6:bb:34:f8:29:36:66:73:d3:dc:c8:0f:
                    39:c2:a9:8e:3f:b3:46:5e:1d:ca:39:ac:be:4d:11:
                    e0:01:fd:14:34:f8:1b:39:8b:91:2c:10:54:51:ef:
                    6c:e0:55:33:ae:c7:09:80:86:63:9a:09:04:43:c4:
                    6e:be:08:1d:4f:40:8e:23:d5:3a:f8:52:55:eb:68:
                    9a:49:73:e9:08:fb:d4:fe:b6:81:0f:8a:99:02:94:
                    31:f2:c7:90:ce:9b:f8:9b:86:51:81:0b:b4:a5:3d:
                    50:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:9F:56:EC:A9:64:B1:A1:33:7A:24:6C:C7:CB:A9:22:6D:69:6B:F8
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JZ9W7KlksaEzeiRsx8upIm1pa_g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.109.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5a:c3:6f:3d:19:2a:9e:35:2d:ec:c3:63:89:24:e7:7e:1c:21:
         ee:6d:99:5c:b9:8c:0b:58:77:b4:31:b9:d8:58:cd:54:1f:b3:
         20:8b:7a:66:ee:b1:4d:f3:bf:27:ed:4a:10:bc:16:d4:cb:bb:
         e2:62:7b:99:15:a1:19:34:54:bb:71:09:49:e7:db:de:ef:dd:
         eb:84:05:4a:52:f2:7f:a6:35:bf:48:20:15:ea:54:3c:6b:f7:
         5a:de:45:58:45:b2:46:c1:a2:a4:e2:49:8a:20:39:bd:07:c3:
         27:db:db:52:f0:30:0b:66:a2:58:a4:1f:c1:23:14:dd:aa:6c:
         bd:21:7d:e2:c2:9c:50:f5:fd:f3:62:5d:20:29:a0:9b:27:03:
         a6:10:bf:3f:3c:6d:45:2c:3f:80:da:ad:4f:1e:f6:a0:00:d4:
         63:77:f2:18:c4:a0:7b:c6:21:4f:d1:91:74:a5:31:95:f9:61:
         6b:d5:bd:4e:17:e3:13:0a:c9:f2:7f:34:64:64:70:ff:b0:b5:
         cb:4b:48:9f:a7:36:63:2f:4b:24:a1:57:62:af:52:9f:07:6d:
         bc:da:9e:2d:19:da:88:a8:a4:87:e8:6f:61:3c:8e:9a:71:c9:
         82:f9:2f:9d:6f:d5:1a:3d:59:68:99:86:f9:68:8c:c7:9a:c7:
         49:91:e6:cf
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCs8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDEyMzEw
MTI4NTJaFw0yNTEyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDI1OUY1NkVDQTk2NEIx
QTEzMzdBMjQ2Q0M3Q0JBOTIyNkQ2OTZCRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7rL1YOtnm445WSwV+d/TK2WrBFSimRATbV7QLgi0hISD+7iMD
YwEW2xCdf7MWF5SCLJ8GixDuAmrbymXvEo5lBx8xGaxyGnVMgAWlgkodKMzOJrk5
FbkJGrG9gfywQvT1XtLJLq0L+4X7++T5U+P+bdRgQwvy01jx3k8iaDHUx41QWnHt
qk0oENXLEF/peopili73VT11oLa7NPgpNmZz09zIDznCqY4/s0ZeHco5rL5NEeAB
/RQ0+Bs5i5EsEFRR72zgVTOuxwmAhmOaCQRDxG6+CB1PQI4j1Tr4UlXraJpJc+kI
+9T+toEPipkClDHyx5DOm/ibhlGBC7SlPVDxAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUJZ9W7KlksaEzeiRsx8upIm1pa/gwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0paOVc3S2xrc2FFemVpUnN4OHVwSW0xcGFfZy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxbdAwDQYJKoZIhvcNAQELBQADggEBAFrDbz0ZKp41LezDY4kk534cIe5t
mVy5jAtYd7QxudhYzVQfsyCLembusU3zvyftShC8FtTLu+Jie5kVoRk0VLtxCUnn
297v3euEBUpS8n+mNb9IIBXqVDxr91reRVhFskbBoqTiSYogOb0Hwyfb21LwMAtm
olikH8EjFN2qbL0hfeLCnFD1/fNiXSApoJsnA6YQvz88bUUsP4DarU8e9qAA1GN3
8hjEoHvGIU/RkXSlMZX5YWvVvU4X4xMKyfJ/NGRkcP+wtctLSJ+nNmMvSyShV2Kv
Up8Hbbzani0Z2oiopIfob2E8jppxyYL5L51v1Ro9WWiZhvlojMeax0mR5s8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:12 2025 by rpki-client