Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/S0wn7K7DwHWJK8vz42V2X7EpXxY.roa
File:                     S0wn7K7DwHWJK8vz42V2X7EpXxY.roa (raw, json)
Hash identifier:          UOS8VN8xCUdv9rcZnE4qcjnvW62EG63m4gf3JL342E0=
Subject key identifier:   4B:4C:27:EC:AE:C3:C0:75:89:2B:CB:F3:E3:65:76:5F:B1:29:5F:16
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0522
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/S0wn7K7DwHWJK8vz42V2X7EpXxY.roa
Signing time:             Thu 27 Jul 2023 16:54:08 +0000
ROA not before:           Thu 27 Jul 2023 16:54:08 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        49.103.192.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1314 (0x522)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:54:08 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=4B4C27ECAEC3C075892BCBF3E365765FB1295F16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c7:7b:cb:27:86:74:29:d9:e2:37:46:33:d3:
                    68:00:41:0d:0f:fc:0f:40:d6:bc:94:bf:1c:0b:88:
                    7d:d7:f7:a6:d0:83:0d:ca:6e:11:03:60:fa:b9:36:
                    ed:60:66:5c:93:41:7d:2a:8b:20:43:73:bc:f0:b2:
                    2a:17:d2:2f:12:90:e4:37:03:1a:90:99:45:c6:2a:
                    5a:20:0a:55:0e:d8:ab:66:99:0f:63:da:49:97:00:
                    3d:32:65:a3:db:85:5e:6c:9f:21:41:47:df:2f:7f:
                    e8:ac:dd:75:f0:9a:b7:10:de:73:a2:91:98:d9:26:
                    e0:23:24:e4:42:83:c5:8c:af:5f:5d:a8:05:de:c3:
                    c8:42:68:79:15:1b:8a:b0:69:0a:41:a0:f7:02:8b:
                    28:3e:0f:03:cb:08:55:6e:02:9f:23:08:86:3b:a0:
                    e0:ac:08:34:60:98:fd:02:aa:8e:f8:58:37:ff:b8:
                    6d:b4:67:98:e3:26:da:a8:d1:a7:7d:a8:97:68:22:
                    06:a6:ca:cb:d3:90:cc:eb:16:43:74:10:1d:cc:e2:
                    ff:c2:ba:4d:9e:64:46:1e:d9:97:e9:73:f4:55:e6:
                    20:13:ae:bf:4d:1f:ca:8d:d2:77:a7:69:49:c3:ac:
                    7f:3a:f2:5d:e2:53:30:f9:d5:44:6f:b4:7e:1f:7d:
                    bc:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:4C:27:EC:AE:C3:C0:75:89:2B:CB:F3:E3:65:76:5F:B1:29:5F:16
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/S0wn7K7DwHWJK8vz42V2X7EpXxY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.103.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         4d:73:6a:0d:d6:9e:3a:29:59:d7:64:e1:66:3e:90:ef:80:81:
         6b:f9:2b:4b:1d:22:0c:00:60:f6:43:d7:67:43:80:02:3e:de:
         44:9f:0f:40:b9:fc:38:f6:e5:39:71:7a:3b:3e:1f:f9:d7:85:
         e1:91:6b:6c:01:89:36:4b:a6:57:08:79:14:d7:ea:97:0b:c6:
         3d:d4:b6:8b:7e:dd:22:06:d0:f1:fb:03:2d:ec:26:62:96:e7:
         a7:98:e0:72:62:69:f1:d2:cd:1b:33:5c:09:f9:5e:69:68:39:
         0c:24:ac:9b:49:1c:f8:61:f8:fb:6c:d7:8f:9c:b2:55:b9:37:
         0d:b1:69:bf:0b:36:14:19:09:f7:c1:52:55:e7:81:41:af:0e:
         23:92:23:3a:d0:6c:f1:c0:9b:47:fd:db:ea:a2:19:ec:cb:43:
         48:df:52:b3:8a:cd:de:1a:86:30:8e:2c:da:f6:8c:f9:56:0f:
         0b:d8:28:6f:0d:97:cf:a9:80:30:78:79:18:fd:da:ee:75:eb:
         5e:05:fd:3f:29:ec:cd:7d:24:78:21:67:b3:2a:68:96:d1:0c:
         ab:2f:cb:9e:59:71:d7:86:e0:9a:7f:b9:93:fa:59:0b:c0:bb:
         5d:7d:13:93:4c:67:cb:dc:c7:2b:70:35:db:7b:1f:6a:9c:e8:
         89:16:41:3c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU0MDhaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDRCNEMyN0VDQUVDM0Mw
NzU4OTJCQ0JGM0UzNjU3NjVGQjEyOTVGMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpx3vLJ4Z0KdniN0Yz02gAQQ0P/A9A1ryUvxwLiH3X96bQgw3K
bhEDYPq5Nu1gZlyTQX0qiyBDc7zwsioX0i8SkOQ3AxqQmUXGKlogClUO2KtmmQ9j
2kmXAD0yZaPbhV5snyFBR98vf+is3XXwmrcQ3nOikZjZJuAjJORCg8WMr19dqAXe
w8hCaHkVG4qwaQpBoPcCiyg+DwPLCFVuAp8jCIY7oOCsCDRgmP0Cqo74WDf/uG20
Z5jjJtqo0ad9qJdoIgamysvTkMzrFkN0EB3M4v/Cuk2eZEYe2Zfpc/RV5iATrr9N
H8qN0nenaUnDrH868l3iUzD51URvtH4ffbylAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUS0wn7K7DwHWJK8vz42V2X7EpXxYwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1Mwd243SzdEd0hXSks4dno0MlYyWDdFcFh4WS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYxZ8AwDQYJKoZIhvcNAQELBQADggEBAE1zag3WnjopWddk4WY+kO+AgWv5
K0sdIgwAYPZD12dDgAI+3kSfD0C5/Dj25Tlxejs+H/nXheGRa2wBiTZLplcIeRTX
6pcLxj3Utot+3SIG0PH7Ay3sJmKW56eY4HJiafHSzRszXAn5XmloOQwkrJtJHPhh
+Pts14+cslW5Nw2xab8LNhQZCffBUlXngUGvDiOSIzrQbPHAm0f92+qiGezLQ0jf
UrOKzd4ahjCOLNr2jPlWDwvYKG8Nl8+pgDB4eRj92u51614F/T8p7M19JHghZ7Mq
aJbRDKsvy55ZcdeG4Jp/uZP6WQvAu119E5NMZ8vcxytwNdt7H2qc6IkWQTw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:53 2024 by rpki-client on console-ams.rpki-client.org