Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/R67rBGj5hnAoz_l5x7ToONci5uM.roa
File:                     R67rBGj5hnAoz_l5x7ToONci5uM.roa (raw, json)
Hash identifier:          ncMa8N5bhZik5373zCFr7EsDdHj1K+N3yKsFs4bJ3hY=
Subject key identifier:   47:AE:EB:04:68:F9:86:70:28:CF:F9:79:C7:B4:E8:38:D7:22:E6:E3
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05C8
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/R67rBGj5hnAoz_l5x7ToONci5uM.roa
Signing time:             Thu 29 Feb 2024 01:32:08 +0000
ROA not before:           Thu 29 Feb 2024 01:32:08 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        1.72.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1480 (0x5c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:32:08 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=47AEEB0468F9867028CFF979C7B4E838D722E6E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:99:95:f0:92:be:5b:a4:58:8b:50:4c:6d:bb:
                    98:e5:7d:78:d1:d1:72:6d:7c:44:8b:ba:fa:80:24:
                    d5:59:9e:58:07:da:4f:3f:30:23:97:ec:ed:8e:ee:
                    1f:e0:b2:36:99:5e:9f:ae:78:3d:13:11:d4:b3:9f:
                    48:9f:cd:db:20:0d:c8:e2:03:a4:b7:5e:14:81:c1:
                    c4:b3:05:d6:fe:46:73:4a:1d:05:b7:56:71:4d:ed:
                    a8:35:78:e3:8d:88:71:28:80:54:1e:d3:ed:38:e1:
                    c7:8f:4f:21:d9:dd:69:74:7a:e1:fd:c0:c7:13:f7:
                    d6:7b:a5:8d:99:bd:50:cf:9b:7f:ee:cf:d6:80:11:
                    f8:8f:e0:68:34:ba:60:e3:5d:6b:bc:a5:e5:98:8b:
                    ad:49:89:3d:6e:65:ad:30:9b:fa:09:dc:b0:49:62:
                    c0:20:af:55:70:02:27:3a:59:96:e8:53:de:50:0b:
                    c5:bf:7b:52:48:36:8f:5f:95:51:41:be:f1:b8:b9:
                    64:ff:d6:65:1e:6a:e8:22:2e:7f:a8:4c:d8:24:e1:
                    21:4e:a1:96:52:12:c2:55:47:1d:fc:ba:e9:ad:24:
                    c8:27:07:64:98:2c:b7:7c:92:91:d5:4e:78:8c:fc:
                    b2:d1:98:d0:d1:7c:5d:5b:c7:67:39:bc:52:35:0b:
                    b0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:AE:EB:04:68:F9:86:70:28:CF:F9:79:C7:B4:E8:38:D7:22:E6:E3
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/R67rBGj5hnAoz_l5x7ToONci5uM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.72.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:25:6f:77:95:5c:07:29:b1:e4:7d:26:60:1d:8a:5c:b6:00:
         f7:bc:5e:fc:0e:17:7c:c8:92:ac:f9:ef:2f:07:0b:74:27:ce:
         2c:d0:2a:57:2a:46:9a:41:1c:65:6b:65:a0:27:cd:6f:f6:0f:
         8c:c5:aa:fc:9e:9c:f6:33:6a:d4:86:f2:2a:8e:e1:df:3a:17:
         9d:86:07:6a:49:e6:a7:17:87:2c:ab:3e:a7:be:56:b7:60:cb:
         66:ba:e0:fb:96:d7:09:43:c4:36:31:fe:c2:5a:28:cb:cc:c4:
         e1:5d:bb:77:29:1f:ea:e6:f2:0f:78:eb:5a:f3:57:62:1a:2c:
         f1:bb:e5:55:dd:e8:37:87:0d:51:2e:c2:a3:b4:cc:fa:c4:1c:
         8b:be:19:bf:aa:78:a2:45:d2:02:ca:0e:d8:4b:0d:55:cb:2e:
         6f:6e:1f:1a:94:c7:8c:55:41:36:f7:24:0e:88:6e:c7:0f:90:
         c8:ce:be:93:d8:0a:51:f8:c8:d9:6d:ca:7e:c1:89:49:ba:10:
         59:1e:70:95:22:ff:27:69:c8:27:b6:b0:37:c7:42:ed:2e:5d:
         25:fc:9f:82:5c:dc:58:fa:db:38:7c:fa:93:bb:42:6f:b8:26:
         e6:b0:42:69:a8:95:03:6c:79:e1:64:12:b5:82:0c:fe:24:7c:
         38:bb:ea:45
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTMyMDhaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDQ3QUVFQjA0NjhGOTg2
NzAyOENGRjk3OUM3QjRFODM4RDcyMkU2RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQmZXwkr5bpFiLUExtu5jlfXjR0XJtfESLuvqAJNVZnlgH2k8/
MCOX7O2O7h/gsjaZXp+ueD0TEdSzn0ifzdsgDcjiA6S3XhSBwcSzBdb+RnNKHQW3
VnFN7ag1eOONiHEogFQe0+044cePTyHZ3Wl0euH9wMcT99Z7pY2ZvVDPm3/uz9aA
EfiP4Gg0umDjXWu8peWYi61JiT1uZa0wm/oJ3LBJYsAgr1VwAic6WZboU95QC8W/
e1JINo9flVFBvvG4uWT/1mUeaugiLn+oTNgk4SFOoZZSEsJVRx38uumtJMgnB2SY
LLd8kpHVTniM/LLRmNDRfF1bx2c5vFI1C7BjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUR67rBGj5hnAoz/l5x7ToONci5uMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1I2N3JCR2o1aG5Bb3pfbDV4N1RvT05jaTV1TS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABSAcwDQYJKoZIhvcNAQELBQADggEBAD8lb3eVXAcpseR9JmAdily2APe8
XvwOF3zIkqz57y8HC3QnzizQKlcqRppBHGVrZaAnzW/2D4zFqvyenPYzatSG8iqO
4d86F52GB2pJ5qcXhyyrPqe+Vrdgy2a64PuW1wlDxDYx/sJaKMvMxOFdu3cpH+rm
8g9461rzV2IaLPG75VXd6DeHDVEuwqO0zPrEHIu+Gb+qeKJF0gLKDthLDVXLLm9u
HxqUx4xVQTb3JA6IbscPkMjOvpPYClH4yNltyn7BiUm6EFkecJUi/ydpyCe2sDfH
Qu0uXSX8n4Jc3Fj62zh8+pO7Qm+4JuawQmmolQNseeFkErWCDP4kfDi76kU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org