Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/SSvHCeGmxIF8KamQ24Il5HCWm1w.roa
File:                     SSvHCeGmxIF8KamQ24Il5HCWm1w.roa (raw, json)
Hash identifier:          RG5r2oaE9eX0WZ0AYiCGVCanR/hZrkoFqt7oNW629ZY=
Subject key identifier:   49:2B:C7:09:E1:A6:C4:81:7C:29:A9:90:DB:82:25:E4:70:96:9B:5C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0B06
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/SSvHCeGmxIF8KamQ24Il5HCWm1w.roa
Signing time:             Fri 31 Jan 2025 01:34:21 +0000
ROA not before:           Fri 31 Jan 2025 01:34:21 +0000
ROA not after:            Thu 15 Jan 2026 01:30:03 +0000
asID:                     9605
IP address blocks:        49.97.109.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Feb 2025 05:15:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2822 (0xb06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jan 31 01:34:21 2025 GMT
            Not After : Jan 15 01:30:03 2026 GMT
        Subject: CN=492BC709E1A6C4817C29A990DB8225E470969B5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2d:3d:13:e9:0d:15:4d:6e:70:b8:26:5f:74:
                    c4:9e:d0:1a:32:a7:c1:22:75:9f:3b:70:dd:42:4a:
                    49:f6:fd:79:f1:4a:d4:67:16:ae:7b:b7:c3:07:c7:
                    61:a8:de:64:d6:9e:2a:e3:18:0f:8c:7a:1e:5c:f8:
                    39:7f:05:e5:86:c9:09:cb:c0:ad:f3:80:db:51:1d:
                    9a:5a:ec:5e:22:2a:ad:ff:65:bb:fc:9f:0c:ba:fd:
                    eb:3e:16:5e:7e:82:0c:b0:08:8a:b0:50:ed:53:5c:
                    c3:39:d9:44:5e:3b:cb:b6:5c:f1:24:4a:d9:e4:9d:
                    fd:83:96:f9:50:89:03:b5:4a:83:c6:c8:e7:99:b2:
                    0c:a0:a6:0a:ba:75:ad:58:f7:9e:89:aa:2c:21:d8:
                    9a:fa:a7:1e:36:80:9f:91:76:c3:65:2c:a1:95:53:
                    df:7c:38:78:a3:8b:7a:47:42:e8:ba:6e:e7:7c:f6:
                    78:8f:d4:34:88:7f:c6:11:72:63:d6:1c:a5:e4:07:
                    33:e3:7c:1d:01:a6:c8:39:2a:54:d4:e9:af:a5:a7:
                    ea:5c:37:09:3f:da:31:10:48:d4:55:ff:1c:66:fe:
                    76:18:8f:de:4a:3a:9e:82:42:c8:2c:61:d2:bc:85:
                    82:87:95:09:80:06:00:fd:13:75:11:db:13:bf:bd:
                    c7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:2B:C7:09:E1:A6:C4:81:7C:29:A9:90:DB:82:25:E4:70:96:9B:5C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/SSvHCeGmxIF8KamQ24Il5HCWm1w.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:b6:e0:10:a2:e3:be:00:c6:27:06:06:6c:2c:3e:f9:45:9a:
         a6:e6:8e:07:18:39:1a:9f:a6:3e:7e:ba:3d:a2:9c:67:22:b8:
         ad:b1:cf:37:be:b5:29:1b:0c:b3:84:71:f2:54:7a:43:9f:24:
         f7:2c:99:93:e6:cf:14:0b:bf:28:23:5b:52:8f:d4:40:18:7b:
         4d:40:b9:67:0d:01:ff:83:44:12:49:3a:ad:30:91:a8:82:a3:
         72:6e:2c:e7:be:54:fa:17:54:c5:12:f8:65:22:18:7e:ad:49:
         7d:d9:49:75:72:8e:18:b4:31:8d:07:d1:a5:07:8c:d4:3c:ba:
         13:d4:48:c1:9d:6d:44:42:cb:f1:ff:73:e7:78:23:0c:75:7e:
         ed:26:d3:bf:fb:a5:6f:f7:3e:e4:80:82:cd:60:b2:52:7b:57:
         62:98:5f:f4:3b:aa:b8:e9:f8:8e:5b:7c:49:ef:a0:24:62:03:
         3a:d2:3f:fe:f6:31:6b:63:fa:f3:9b:50:76:08:0f:5a:0f:e3:
         1b:99:c7:ea:48:63:57:70:11:f6:22:33:ce:83:a7:03:52:b6:
         7b:46:8f:b6:31:80:0c:2c:d5:f5:d8:60:34:54:c3:03:33:3e:
         3a:a8:ef:28:a7:c3:db:b4:00:34:a0:bb:9e:44:c4:7c:fc:d1:
         09:18:09:d7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTAxMzEw
MTM0MjFaFw0yNjAxMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDQ5MkJDNzA5RTFBNkM0
ODE3QzI5QTk5MERCODIyNUU0NzA5NjlCNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxLT0T6Q0VTW5wuCZfdMSe0Boyp8EidZ87cN1CSkn2/XnxStRn
Fq57t8MHx2Go3mTWnirjGA+Meh5c+Dl/BeWGyQnLwK3zgNtRHZpa7F4iKq3/Zbv8
nwy6/es+Fl5+ggywCIqwUO1TXMM52UReO8u2XPEkStnknf2DlvlQiQO1SoPGyOeZ
sgygpgq6da1Y956Jqiwh2Jr6px42gJ+RdsNlLKGVU998OHiji3pHQui6bud89niP
1DSIf8YRcmPWHKXkBzPjfB0Bpsg5KlTU6a+lp+pcNwk/2jEQSNRV/xxm/nYYj95K
Op6CQsgsYdK8hYKHlQmABgD9E3UR2xO/vcddAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUSSvHCeGmxIF8KamQ24Il5HCWm1wwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1NTdkhDZUdteElGOEthbVEyNElsNUhDV20xdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYW0wDQYJKoZIhvcNAQELBQADggEBAGy24BCi474AxicGBmwsPvlFmqbm
jgcYORqfpj5+uj2inGciuK2xzze+tSkbDLOEcfJUekOfJPcsmZPmzxQLvygjW1KP
1EAYe01AuWcNAf+DRBJJOq0wkaiCo3JuLOe+VPoXVMUS+GUiGH6tSX3ZSXVyjhi0
MY0H0aUHjNQ8uhPUSMGdbURCy/H/c+d4Iwx1fu0m07/7pW/3PuSAgs1gslJ7V2KY
X/Q7qrjp+I5bfEnvoCRiAzrSP/72MWtj+vObUHYID1oP4xuZx+pIY1dwEfYiM86D
pwNStntGj7YxgAws1fXYYDRUwwMzPjqo7yinw9u0ADSgu55ExHz80QkYCdc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:12 2025 by rpki-client