Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Vhp31tF134Y2CfL_OLCrk7dpsy4.roa
File:                     Vhp31tF134Y2CfL_OLCrk7dpsy4.roa (raw, json)
Hash identifier:          uw+oKmVNz259ICSjaqbRVaT8U2ZXvElR6EIhtIsxYs4=
Subject key identifier:   56:1A:77:D6:D1:75:DF:86:36:09:F2:FF:38:B0:AB:93:B7:69:B3:2E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04F9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Vhp31tF134Y2CfL_OLCrk7dpsy4.roa
Signing time:             Thu 27 Jul 2023 16:52:03 +0000
ROA not before:           Thu 27 Jul 2023 16:52:03 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.76.192.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1273 (0x4f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:03 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=561A77D6D175DF863609F2FF38B0AB93B769B32E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ef:b5:b1:8e:64:b3:a0:2e:b8:ac:0b:7e:9a:
                    5a:4c:dd:a8:be:8b:ca:27:12:fb:23:b6:d5:70:81:
                    ed:02:d2:5d:33:69:d2:e2:8c:af:67:61:04:8b:6f:
                    12:66:a0:bc:15:c6:3a:8b:30:e3:03:b8:07:f4:24:
                    ed:e5:c0:af:96:d6:5b:c1:a6:55:05:56:96:5a:4a:
                    72:47:c8:5f:b7:d6:4f:bf:1b:c5:ca:0e:c3:cc:cb:
                    b3:7f:dc:a9:77:1d:70:96:b8:bc:76:f1:18:25:0e:
                    a5:6f:a2:6c:34:b4:92:d2:ca:28:e8:4c:11:47:7a:
                    18:86:b6:3c:ab:a2:52:d2:79:4e:11:4c:d0:b0:8f:
                    80:46:74:66:3c:db:65:cb:86:c6:c3:a0:93:99:d8:
                    11:4e:e5:b7:aa:47:5f:a3:44:90:2b:f6:28:01:ec:
                    ca:ac:9d:be:e8:80:b1:bb:c3:16:9c:20:63:a7:45:
                    a0:a8:d2:59:ea:8b:ad:01:b7:2e:84:64:9c:54:54:
                    07:67:37:c3:fb:f2:02:7f:3c:1a:02:b7:b3:79:2e:
                    97:9c:ae:cc:e2:8b:90:6a:b4:2e:b3:f5:2b:48:ce:
                    62:fa:2e:b8:a6:c1:2e:a1:03:58:e0:31:58:d6:8d:
                    65:8e:4f:3d:36:78:2b:64:2c:4c:a2:7a:9a:d2:af:
                    df:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:1A:77:D6:D1:75:DF:86:36:09:F2:FF:38:B0:AB:93:B7:69:B3:2E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Vhp31tF134Y2CfL_OLCrk7dpsy4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         af:31:43:34:66:f1:58:bd:7d:d0:a9:1e:a3:18:53:5a:5b:42:
         fb:8a:48:76:a8:30:04:77:4f:51:ef:6b:e7:51:43:b8:2b:7a:
         a8:b4:a8:cd:3d:fc:30:b6:60:ff:52:a3:65:47:c0:08:de:29:
         21:d9:84:62:ea:83:40:d9:77:d6:e8:3d:b7:32:f5:d8:4b:03:
         4d:14:f0:2e:64:a7:aa:4c:85:cf:e1:b6:73:8c:4f:d2:0b:ee:
         38:77:e5:3e:fd:83:21:33:80:2b:69:25:d6:97:dd:c8:83:40:
         39:67:bb:ce:7a:ad:2d:9c:59:c0:02:ea:cd:bb:1f:64:43:e0:
         dd:3f:f8:fb:89:de:88:a8:b8:3b:8a:e6:44:68:65:00:9e:38:
         80:7d:16:69:54:6b:5e:fe:67:e0:b8:0a:bd:d9:3b:28:06:fe:
         31:a9:94:ee:bd:4a:09:73:e9:7b:4b:b3:e2:2c:7b:d2:8a:4e:
         8a:92:7d:04:9c:ee:8c:bf:58:a1:e4:78:12:61:a8:cd:14:e8:
         5e:a7:24:79:fb:50:62:1f:0a:f0:5b:45:bb:9c:6e:37:7e:f2:
         53:fd:a2:bc:9d:be:a8:62:d4:e7:cc:50:c4:fe:1d:c6:0a:b5:
         e2:5b:61:95:ac:ca:e5:f9:70:75:c5:1f:02:bd:5f:12:28:f2:
         1b:a5:63:a4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMDNaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDU2MUE3N0Q2RDE3NURG
ODYzNjA5RjJGRjM4QjBBQjkzQjc2OUIzMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi77WxjmSzoC64rAt+mlpM3ai+i8onEvsjttVwge0C0l0zadLi
jK9nYQSLbxJmoLwVxjqLMOMDuAf0JO3lwK+W1lvBplUFVpZaSnJHyF+31k+/G8XK
DsPMy7N/3Kl3HXCWuLx28RglDqVvomw0tJLSyijoTBFHehiGtjyrolLSeU4RTNCw
j4BGdGY822XLhsbDoJOZ2BFO5beqR1+jRJAr9igB7Mqsnb7ogLG7wxacIGOnRaCo
0lnqi60Bty6EZJxUVAdnN8P78gJ/PBoCt7N5Lpecrszii5BqtC6z9StIzmL6Lrim
wS6hA1jgMVjWjWWOTz02eCtkLEyieprSr9/rAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUVhp31tF134Y2CfL/OLCrk7dpsy4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1ZocDMxdEYxMzRZMkNmTF9PTENyazdkcHN5NC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQBTMAwDQYJKoZIhvcNAQELBQADggEBAK8xQzRm8Vi9fdCpHqMYU1pbQvuK
SHaoMAR3T1Hva+dRQ7greqi0qM09/DC2YP9So2VHwAjeKSHZhGLqg0DZd9boPbcy
9dhLA00U8C5kp6pMhc/htnOMT9IL7jh35T79gyEzgCtpJdaX3ciDQDlnu856rS2c
WcAC6s27H2RD4N0/+PuJ3oiouDuK5kRoZQCeOIB9FmlUa17+Z+C4Cr3ZOygG/jGp
lO69Sglz6XtLs+Ise9KKToqSfQSc7oy/WKHkeBJhqM0U6F6nJHn7UGIfCvBbRbuc
bjd+8lP9orydvqhi1OfMUMT+HcYKteJbYZWsyuX5cHXFHwK9XxIo8hulY6Q=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:54 2024 by rpki-client on console-ams.rpki-client.org