Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/L9uOTicOIGgqVjRW3qaGnLDYNzU.roa
File:                     L9uOTicOIGgqVjRW3qaGnLDYNzU.roa (raw, json)
Hash identifier:          FmIPHpk7nA/tJrFUgXmTK+vYSWRRQwrs33Ya/Swilhs=
Subject key identifier:   2F:DB:8E:4E:27:0E:20:68:2A:56:34:56:DE:A6:86:9C:B0:D8:37:35
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       064A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/L9uOTicOIGgqVjRW3qaGnLDYNzU.roa
Signing time:             Tue 30 Apr 2024 01:31:31 +0000
ROA not before:           Tue 30 Apr 2024 01:31:31 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.60.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1610 (0x64a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:31:31 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=2FDB8E4E270E20682A563456DEA6869CB0D83735
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:8a:68:ee:2d:26:80:e5:be:b3:fa:98:6a:cd:
                    71:15:26:9f:99:72:c3:75:24:f9:ae:ec:2d:f6:af:
                    84:d1:8b:af:83:01:2c:4b:32:f5:98:17:6a:96:81:
                    77:b3:03:22:48:34:37:21:01:a0:9c:89:9a:fb:33:
                    8b:1d:18:dc:3a:e2:8e:85:bc:bb:25:c6:bf:57:2e:
                    08:b1:53:bb:6d:66:2d:0e:71:d7:0b:fa:ed:ef:8b:
                    d8:0d:b2:19:bf:eb:5d:d7:6e:e4:87:b4:18:04:5f:
                    15:c0:69:d5:99:2a:87:51:5c:2d:0a:88:b1:9e:68:
                    93:0d:5b:f8:88:e6:21:59:d6:a9:3c:85:7f:11:bb:
                    c3:9d:ad:ff:13:bc:f2:dd:9f:bc:05:ba:f3:01:ad:
                    fa:21:c7:b2:14:a8:87:76:c9:f6:83:99:54:a2:e6:
                    2a:83:2d:d3:38:e1:45:1f:a4:12:d3:a8:d5:01:b4:
                    fc:b2:3d:40:95:8f:bd:a7:68:3d:7e:7e:62:25:47:
                    e7:11:08:8c:eb:fc:4b:bc:98:f7:4f:74:26:a2:9f:
                    ee:e8:20:81:1d:86:47:83:04:ea:79:04:26:61:98:
                    90:aa:88:40:6a:2f:0d:c1:89:46:e1:4c:11:0f:95:
                    23:a0:c4:01:87:a9:b1:e1:dd:e9:72:89:b6:a2:64:
                    ef:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:DB:8E:4E:27:0E:20:68:2A:56:34:56:DE:A6:86:9C:B0:D8:37:35
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/L9uOTicOIGgqVjRW3qaGnLDYNzU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:60:42:b5:9b:91:01:1d:77:9c:72:43:6b:0d:13:f1:13:ab:
         b0:53:6e:19:ea:66:5c:70:51:d5:1f:12:3b:dc:29:00:98:d2:
         07:39:db:42:1a:72:a2:2b:53:21:c5:30:f0:03:91:69:96:ee:
         51:91:2b:38:e3:95:70:e6:ee:25:7c:22:b3:93:55:47:40:c2:
         6d:7e:ff:3d:60:5d:23:4c:d5:f1:97:1d:d6:8e:bd:11:71:41:
         bf:58:a6:22:e0:1b:e6:d8:bc:8a:0c:42:e5:d6:71:7c:83:92:
         37:25:f1:54:c3:30:4f:86:8f:42:17:ce:6c:bb:fa:ba:94:c8:
         64:46:f0:5f:dc:a9:86:59:95:2e:63:61:f6:a7:58:2c:1a:42:
         1f:15:ea:5d:5d:d4:36:20:75:e4:2a:73:07:23:41:9c:11:0e:
         cb:d8:f8:d6:22:f2:73:9d:ed:fe:24:f4:86:b0:74:4b:9b:4b:
         e9:d2:6a:21:f4:52:10:1c:c7:39:af:33:d6:a0:48:1c:d0:ee:
         53:ef:3c:9e:b0:f2:b1:6a:3b:96:8e:2d:e5:0f:4a:72:c4:6f:
         4a:8c:85:00:bc:5e:be:ac:34:f0:90:ab:de:29:6c:68:35:46:
         6e:53:e9:18:d4:c8:1a:57:87:97:d1:69:f6:50:39:c4:6a:eb:
         67:67:41:c7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTMxMzFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDJGREI4RTRFMjcwRTIw
NjgyQTU2MzQ1NkRFQTY4NjlDQjBEODM3MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSimjuLSaA5b6z+phqzXEVJp+ZcsN1JPmu7C32r4TRi6+DASxL
MvWYF2qWgXezAyJINDchAaCciZr7M4sdGNw64o6FvLslxr9XLgixU7ttZi0OcdcL
+u3vi9gNshm/613XbuSHtBgEXxXAadWZKodRXC0KiLGeaJMNW/iI5iFZ1qk8hX8R
u8Odrf8TvPLdn7wFuvMBrfohx7IUqId2yfaDmVSi5iqDLdM44UUfpBLTqNUBtPyy
PUCVj72naD1+fmIlR+cRCIzr/Eu8mPdPdCain+7oIIEdhkeDBOp5BCZhmJCqiEBq
Lw3BiUbhTBEPlSOgxAGHqbHh3elyibaiZO+xAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUL9uOTicOIGgqVjRW3qaGnLDYNzUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0w5dU9UaWNPSUdncVZqUlczcWFHbkxEWU56VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYjwwDQYJKoZIhvcNAQELBQADggEBAItgQrWbkQEdd5xyQ2sNE/ETq7BT
bhnqZlxwUdUfEjvcKQCY0gc520IacqIrUyHFMPADkWmW7lGRKzjjlXDm7iV8IrOT
VUdAwm1+/z1gXSNM1fGXHdaOvRFxQb9YpiLgG+bYvIoMQuXWcXyDkjcl8VTDME+G
j0IXzmy7+rqUyGRG8F/cqYZZlS5jYfanWCwaQh8V6l1d1DYgdeQqcwcjQZwRDsvY
+NYi8nOd7f4k9IawdEubS+nSaiH0UhAcxzmvM9agSBzQ7lPvPJ6w8rFqO5aOLeUP
SnLEb0qMhQC8Xr6sNPCQq94pbGg1Rm5T6RjUyBpXh5fRafZQOcRq62dnQcc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org