Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/MKEdvjmcwJeCjTjo5_yXdB2NveU.roa
File:                     MKEdvjmcwJeCjTjo5_yXdB2NveU.roa (raw, json)
Hash identifier:          JPXHHzil6PywEZyXAVfwG5CYBIHZ3vqmP7qUjg4ZjdI=
Subject key identifier:   30:A1:1D:BE:39:9C:C0:97:82:8D:38:E8:E7:FC:97:74:1D:8D:BD:E5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0833
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/MKEdvjmcwJeCjTjo5_yXdB2NveU.roa
Signing time:             Tue 30 Apr 2024 02:14:27 +0000
ROA not before:           Tue 30 Apr 2024 02:14:27 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.73.76.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2099 (0x833)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:14:27 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=30A11DBE399CC097828D38E8E7FC97741D8DBDE5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:20:6d:12:8f:5c:05:0a:81:fd:8a:06:1a:0d:
                    e1:5c:e5:d6:8d:8d:95:90:36:38:a7:3d:ac:ed:9c:
                    66:fd:61:6f:df:c4:8f:8f:7c:c3:2c:e4:34:33:df:
                    c6:f7:d9:1a:b1:93:2d:02:ca:c7:13:1e:c2:61:fc:
                    87:aa:30:25:86:e5:2c:11:0c:c3:d5:23:f8:d1:93:
                    48:78:ec:69:8a:2a:1b:31:3b:24:70:04:1d:90:94:
                    cc:34:03:73:11:cf:99:4d:54:13:2d:dc:56:79:da:
                    df:a0:e2:ce:ba:11:82:9e:85:d1:b6:85:91:19:1a:
                    99:3b:f8:cf:aa:b4:f5:87:66:f3:75:d4:2a:5c:10:
                    49:d3:3e:b5:d0:c0:03:df:7d:4e:c8:73:6c:45:17:
                    6e:17:f4:a9:42:bc:ea:e4:3a:39:98:7a:23:71:f0:
                    f0:2b:4d:2b:83:83:c3:b2:bf:5b:8d:27:b4:22:76:
                    38:aa:44:b1:5b:eb:3d:ef:25:5c:d5:d6:26:72:6d:
                    0d:fa:21:54:90:fc:26:49:4e:d7:ef:a6:bc:a9:84:
                    29:d9:89:05:f7:1e:d2:44:99:8b:4f:2b:5c:af:17:
                    e2:1b:fa:59:d6:cd:2c:7a:dd:fe:5d:89:4f:6c:7c:
                    93:47:b6:18:2a:9a:ef:0c:26:93:6c:2d:f3:2c:66:
                    4b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:A1:1D:BE:39:9C:C0:97:82:8D:38:E8:E7:FC:97:74:1D:8D:BD:E5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/MKEdvjmcwJeCjTjo5_yXdB2NveU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.73.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         15:0b:5c:b3:57:c7:96:12:85:41:9d:f1:b7:8d:c8:df:1d:13:
         d8:38:d0:d4:f1:5b:ff:8a:94:f6:22:49:a6:d4:8d:2a:47:4f:
         f7:68:47:ec:7e:5a:e0:6a:63:93:6c:9c:66:86:96:01:a3:9d:
         bf:b7:34:2e:0e:d6:6a:74:61:c7:fc:04:43:f5:52:48:cc:14:
         b8:07:43:eb:97:7a:e5:95:fc:41:74:50:83:67:b2:ac:b4:ec:
         20:4e:ed:9a:09:42:93:27:fb:0f:12:bb:0f:ec:ef:e3:ff:c5:
         ec:78:a3:28:33:f5:5d:f3:23:75:aa:f7:2c:a1:e8:db:48:e3:
         3e:00:13:66:06:83:ed:50:6d:85:9e:05:f4:ef:d5:79:71:1c:
         5e:40:3b:e3:95:b9:98:f3:2e:92:af:cc:ea:2b:ae:1c:d2:7c:
         11:30:41:e4:0f:78:fa:ee:b9:d3:96:8f:c7:83:bb:91:90:e1:
         a4:46:e0:2c:de:a4:09:27:90:ea:30:8e:a8:ec:69:bd:8d:44:
         07:02:f9:49:3c:ef:d6:fa:65:91:6b:ba:fa:06:70:02:30:21:
         81:2e:45:48:6e:b2:ee:e3:ba:19:11:0a:f8:e2:c3:e9:cb:5d:
         54:97:18:f3:65:cd:d5:c1:62:4c:95:f4:5e:30:5d:d6:fe:64:
         06:23:c6:81
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE0MjdaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDMwQTExREJFMzk5Q0Mw
OTc4MjhEMzhFOEU3RkM5Nzc0MUQ4REJERTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPIG0Sj1wFCoH9igYaDeFc5daNjZWQNjinPaztnGb9YW/fxI+P
fMMs5DQz38b32Rqxky0CyscTHsJh/IeqMCWG5SwRDMPVI/jRk0h47GmKKhsxOyRw
BB2QlMw0A3MRz5lNVBMt3FZ52t+g4s66EYKehdG2hZEZGpk7+M+qtPWHZvN11Cpc
EEnTPrXQwAPffU7Ic2xFF24X9KlCvOrkOjmYeiNx8PArTSuDg8Oyv1uNJ7Qidjiq
RLFb6z3vJVzV1iZybQ36IVSQ/CZJTtfvpryphCnZiQX3HtJEmYtPK1yvF+Ib+lnW
zSx63f5diU9sfJNHthgqmu8MJpNsLfMsZkt/AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUMKEdvjmcwJeCjTjo5/yXdB2NveUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L01LRWR2am1jd0plQ2pUam81X3lYZEIyTnZlVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEBSUwwDQYJKoZIhvcNAQELBQADggEBABULXLNXx5YShUGd8beNyN8dE9g4
0NTxW/+KlPYiSabUjSpHT/doR+x+WuBqY5NsnGaGlgGjnb+3NC4O1mp0Ycf8BEP1
UkjMFLgHQ+uXeuWV/EF0UINnsqy07CBO7ZoJQpMn+w8Suw/s7+P/xex4oygz9V3z
I3Wq9yyh6NtI4z4AE2YGg+1QbYWeBfTv1XlxHF5AO+OVuZjzLpKvzOorrhzSfBEw
QeQPePruudOWj8eDu5GQ4aRG4CzepAknkOowjqjsab2NRAcC+Uk879b6ZZFruvoG
cAIwIYEuRUhusu7juhkRCvjiw+nLXVSXGPNlzdXBYkyV9F4wXdb+ZAYjxoE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org