Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q1jQc7oroKEAdXYxQGVSO3O858U.roa
File:                     Q1jQc7oroKEAdXYxQGVSO3O858U.roa (raw, json)
Hash identifier:          NEo+M/hpJAdMbFVSmbyw8FwWJzbx/ApVUThnJ4nOTGw=
Subject key identifier:   43:58:D0:73:BA:2B:A0:A1:00:75:76:31:40:65:52:3B:73:BC:E7:C5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       06B9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q1jQc7oroKEAdXYxQGVSO3O858U.roa
Signing time:             Tue 30 Apr 2024 01:46:52 +0000
ROA not before:           Tue 30 Apr 2024 01:46:52 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        27.230.96.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1721 (0x6b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:46:52 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=4358D073BA2BA0A1007576314065523B73BCE7C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:29:e7:78:80:09:d9:47:5d:bc:08:f6:7a:50:
                    e8:3d:c3:c6:48:fa:28:8f:b7:de:24:4d:a8:b8:a0:
                    86:03:b7:68:8b:79:e8:8f:44:f7:91:3b:9a:bb:db:
                    7e:87:a7:09:71:2f:6e:82:25:1f:d6:97:9b:6c:58:
                    4f:b4:12:fa:7f:c0:ad:8a:a8:ce:0a:a0:8f:cf:bb:
                    dc:c3:54:03:94:17:a7:1d:13:f1:91:df:ef:2f:25:
                    52:cf:19:1a:d8:6f:d1:fc:33:e7:34:55:a2:cc:bd:
                    b9:a2:4a:5c:23:95:b5:84:99:c9:74:cd:f7:5b:65:
                    98:5b:dc:3d:3c:53:35:3c:91:2a:4d:44:a6:fe:db:
                    24:d5:b6:b3:48:e2:fe:60:fa:90:63:63:eb:57:1e:
                    62:2b:93:c9:c1:f9:01:03:c5:0b:6d:28:83:4b:c9:
                    73:6e:56:d4:b7:a8:d4:7c:dd:71:86:43:9f:45:20:
                    be:f8:c5:b3:f6:1a:9f:2f:4f:13:8d:6a:a3:e1:7a:
                    36:6c:aa:bf:37:b8:a8:3e:ce:92:7b:0b:29:d0:e1:
                    c4:24:2d:cc:45:d5:4f:38:a5:5d:85:cf:e6:6b:08:
                    2d:27:b7:a0:3a:f4:a0:4a:6f:e5:5f:90:59:a9:c8:
                    92:72:05:bf:6a:c9:e5:25:00:86:fe:a7:b9:12:79:
                    d9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:58:D0:73:BA:2B:A0:A1:00:75:76:31:40:65:52:3B:73:BC:E7:C5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q1jQc7oroKEAdXYxQGVSO3O858U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.230.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:3d:87:5c:38:09:be:72:8d:d3:dc:e4:25:ef:7a:98:30:c2:
         78:c1:eb:79:f5:d3:1a:f6:5d:a1:c9:dc:80:e0:e6:e9:d8:d4:
         d4:9b:70:37:5c:1a:32:78:97:c7:b8:c2:f1:0b:ec:36:29:69:
         39:f1:e1:1a:f1:6d:77:4e:82:82:20:2e:20:06:a8:0d:5d:2e:
         2a:5c:0d:20:9e:38:90:c8:08:d8:70:db:a6:c3:ab:d1:31:a0:
         ea:9e:ac:4e:98:fc:06:83:a6:10:68:94:4a:45:c1:8f:b9:82:
         84:d4:04:33:76:2c:70:7a:65:61:33:a1:15:51:4a:05:44:65:
         98:ab:85:fa:82:56:7c:58:bf:a2:17:be:5b:63:28:d7:72:2a:
         c4:f4:9b:69:83:ec:28:11:0f:eb:c5:d8:c3:08:06:12:b3:27:
         e3:89:9d:62:2c:84:b0:cb:a1:56:d7:ff:5a:3e:a9:39:d4:fd:
         1b:07:16:7e:4e:55:06:6a:95:d3:cb:e7:5c:d4:32:4d:d3:3c:
         83:f1:0b:9c:d3:0d:98:b2:06:ce:28:5f:92:6f:14:85:03:d9:
         a3:98:f3:fa:68:3b:ff:eb:ce:06:3b:e6:25:38:a1:0d:53:9f:
         3f:16:96:62:ce:b4:e7:46:a4:20:4c:62:72:85:0d:7c:86:92:
         3d:63:55:0c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBrkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTQ2NTJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDQzNThEMDczQkEyQkEw
QTEwMDc1NzYzMTQwNjU1MjNCNzNCQ0U3QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJKed4gAnZR128CPZ6UOg9w8ZI+iiPt94kTai4oIYDt2iLeeiP
RPeRO5q7236HpwlxL26CJR/Wl5tsWE+0Evp/wK2KqM4KoI/Pu9zDVAOUF6cdE/GR
3+8vJVLPGRrYb9H8M+c0VaLMvbmiSlwjlbWEmcl0zfdbZZhb3D08UzU8kSpNRKb+
2yTVtrNI4v5g+pBjY+tXHmIrk8nB+QEDxQttKINLyXNuVtS3qNR83XGGQ59FIL74
xbP2Gp8vTxONaqPhejZsqr83uKg+zpJ7CynQ4cQkLcxF1U84pV2Fz+ZrCC0nt6A6
9KBKb+VfkFmpyJJyBb9qyeUlAIb+p7kSedkNAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUQ1jQc7oroKEAdXYxQGVSO3O858UwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1ExalFjN29yb0tFQWRYWXhRR1ZTTzNPODU4VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEb5mAwDQYJKoZIhvcNAQELBQADggEBACo9h1w4Cb5yjdPc5CXvepgwwnjB
63n10xr2XaHJ3IDg5unY1NSbcDdcGjJ4l8e4wvEL7DYpaTnx4RrxbXdOgoIgLiAG
qA1dLipcDSCeOJDICNhw26bDq9ExoOqerE6Y/AaDphBolEpFwY+5goTUBDN2LHB6
ZWEzoRVRSgVEZZirhfqCVnxYv6IXvltjKNdyKsT0m2mD7CgRD+vF2MMIBhKzJ+OJ
nWIshLDLoVbX/1o+qTnU/RsHFn5OVQZqldPL51zUMk3TPIPxC5zTDZiyBs4oX5Jv
FIUD2aOY8/poO//rzgY75iU4oQ1Tnz8WlmLOtOdGpCBMYnKFDXyGkj1jVQw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org