Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/T3jTemNA2S6FXelsyNgL0MAKqYc.roa
File:                     T3jTemNA2S6FXelsyNgL0MAKqYc.roa (raw, json)
Hash identifier:          GtMkrps26HFKupYA4zId+WAgfACOyzv7SADViHzGN1A=
Subject key identifier:   4F:78:D3:7A:63:40:D9:2E:85:5D:E9:6C:C8:D8:0B:D0:C0:0A:A9:87
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0507
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/T3jTemNA2S6FXelsyNgL0MAKqYc.roa
Signing time:             Thu 27 Jul 2023 16:52:09 +0000
ROA not before:           Thu 27 Jul 2023 16:52:09 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        211.14.72.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1287 (0x507)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:09 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=4F78D37A6340D92E855DE96CC8D80BD0C00AA987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:58:29:c5:7a:d0:7e:0e:84:75:5b:60:5d:a6:
                    1a:62:f7:f5:59:33:77:b5:60:ab:77:02:b5:13:b9:
                    78:57:77:5f:a2:99:fc:1d:2c:96:6a:be:e9:ed:0f:
                    c2:f1:a4:4e:14:1a:4b:cf:86:3b:1b:f0:8c:21:18:
                    6c:5f:44:0a:18:25:85:dd:6a:ce:5d:9e:8b:55:49:
                    1c:fb:9b:18:f5:16:e7:55:a0:b5:c2:86:fc:f6:c3:
                    28:84:74:79:b4:90:8e:33:11:d1:c8:01:f1:bb:13:
                    c7:6a:b8:ca:dd:c8:e3:30:0b:78:66:00:88:b0:ed:
                    ab:30:e2:40:c7:fe:5b:86:5d:b5:71:a4:a9:c5:a0:
                    db:32:ad:02:10:bf:01:86:66:9c:99:e6:76:a8:a8:
                    ff:e5:f0:ae:79:c6:1c:51:b8:23:1c:50:4a:48:0a:
                    6c:fd:97:64:d4:4f:0b:ec:01:bb:ca:b6:bc:91:73:
                    2f:ef:ad:b2:5f:d9:e8:3a:14:c0:f4:a1:3c:0b:f6:
                    ca:af:ec:60:cb:78:70:e0:35:13:a0:1a:29:d9:22:
                    7a:ec:49:d2:ce:95:e9:54:e3:b9:8c:c2:33:04:c9:
                    b6:3f:4d:47:a3:76:ca:18:a6:97:78:4e:43:c5:9a:
                    41:42:66:5f:23:eb:3b:89:56:fa:43:21:0b:90:32:
                    c3:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:78:D3:7A:63:40:D9:2E:85:5D:E9:6C:C8:D8:0B:D0:C0:0A:A9:87
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/T3jTemNA2S6FXelsyNgL0MAKqYc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:69:8d:b1:2b:27:77:e4:23:a6:7a:b5:41:93:56:e1:fa:88:
         ae:59:2c:58:fb:a7:0c:13:34:79:74:75:6c:17:95:54:c0:cb:
         d2:02:70:90:7f:61:71:e7:b0:77:08:5c:70:04:47:68:5d:eb:
         12:58:21:2e:2b:06:75:7b:75:3c:6d:e3:d9:42:cc:78:3c:c3:
         a9:ee:43:d5:6d:fc:7c:4e:87:eb:33:8c:52:99:c3:9d:73:e3:
         26:8f:ab:88:74:ff:8d:98:c6:8d:25:47:e1:29:fb:0f:10:36:
         7b:84:51:1a:e9:ab:71:1f:48:4a:78:9e:e3:5e:d0:a6:96:9c:
         bf:16:91:ec:53:14:25:ff:05:ba:62:a0:1f:39:58:53:9c:60:
         fb:8b:f2:3d:27:f9:45:e3:f9:96:87:ca:11:f4:73:19:80:98:
         75:d6:8c:2b:d0:81:26:c8:d3:c3:19:de:e2:14:2e:f2:52:21:
         e1:43:0e:ca:2f:82:85:17:42:27:d7:2b:ee:08:bd:f2:d2:76:
         e2:b8:a2:c2:6e:83:28:89:19:8a:4f:c0:c4:ae:ca:fa:7f:23:
         db:91:4f:bf:7c:89:c5:93:12:fc:11:5c:53:09:f9:47:07:8f:
         3c:a8:dd:ed:51:4a:aa:be:6f:86:0a:b0:79:83:cd:80:19:bc:
         15:f6:20:55
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBQcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMDlaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDRGNzhEMzdBNjM0MEQ5
MkU4NTVERTk2Q0M4RDgwQkQwQzAwQUE5ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrWCnFetB+DoR1W2Bdphpi9/VZM3e1YKt3ArUTuXhXd1+imfwd
LJZqvuntD8LxpE4UGkvPhjsb8IwhGGxfRAoYJYXdas5dnotVSRz7mxj1FudVoLXC
hvz2wyiEdHm0kI4zEdHIAfG7E8dquMrdyOMwC3hmAIiw7asw4kDH/luGXbVxpKnF
oNsyrQIQvwGGZpyZ5naoqP/l8K55xhxRuCMcUEpICmz9l2TUTwvsAbvKtryRcy/v
rbJf2eg6FMD0oTwL9sqv7GDLeHDgNROgGinZInrsSdLOlelU47mMwjMEybY/TUej
dsoYppd4TkPFmkFCZl8j6zuJVvpDIQuQMsMfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUT3jTemNA2S6FXelsyNgL0MAKqYcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1QzalRlbU5BMlM2RlhlbHN5TmdMME1BS3FZYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADTDkgwDQYJKoZIhvcNAQELBQADggEBAKFpjbErJ3fkI6Z6tUGTVuH6iK5Z
LFj7pwwTNHl0dWwXlVTAy9ICcJB/YXHnsHcIXHAER2hd6xJYIS4rBnV7dTxt49lC
zHg8w6nuQ9Vt/HxOh+szjFKZw51z4yaPq4h0/42Yxo0lR+Ep+w8QNnuEURrpq3Ef
SEp4nuNe0KaWnL8WkexTFCX/BbpioB85WFOcYPuL8j0n+UXj+ZaHyhH0cxmAmHXW
jCvQgSbI08MZ3uIULvJSIeFDDsovgoUXQifXK+4IvfLSduK4osJugyiJGYpPwMSu
yvp/I9uRT798icWTEvwRXFMJ+UcHjzyo3e1RSqq+b4YKsHmDzYAZvBX2IFU=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:54 2024 by rpki-client on console-ams.rpki-client.org