Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XlFvfKg32vPCYOqdJ1eEFdnQy0g.roa
File:                     XlFvfKg32vPCYOqdJ1eEFdnQy0g.roa (raw, json)
Hash identifier:          diIVHSXnH0iNGjrTdSX1OL06f9jpnF5fvc0VKrTx3tw=
Subject key identifier:   5E:51:6F:7C:A8:37:DA:F3:C2:60:EA:9D:27:57:84:15:D9:D0:CB:48
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05BD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XlFvfKg32vPCYOqdJ1eEFdnQy0g.roa
Signing time:             Tue 22 Aug 2023 05:35:57 +0000
ROA not before:           Tue 22 Aug 2023 05:35:57 +0000
ROA not after:            Wed 14 Aug 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.109.96.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1469 (0x5bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Aug 22 05:35:57 2023 GMT
            Not After : Aug 14 01:30:02 2024 GMT
        Subject: CN=5E516F7CA837DAF3C260EA9D27578415D9D0CB48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:39:5d:94:49:08:2d:73:fc:7e:fc:71:6d:a3:
                    c1:e1:79:53:0d:a8:0d:db:74:2f:14:cf:8c:5a:96:
                    59:4f:6e:72:2c:83:8d:39:b8:15:ae:7f:2b:84:81:
                    a8:22:5f:bd:70:e5:cf:a2:b0:22:de:42:3d:a2:7a:
                    0e:4f:8e:b8:d9:8a:35:06:5e:fa:b9:0e:92:ac:5c:
                    6d:e5:ce:a2:20:87:eb:4e:a2:8b:6b:dc:07:82:61:
                    96:8c:d2:52:94:60:5e:4f:f9:fa:44:b7:a9:c1:c0:
                    e1:c6:f0:52:06:bc:29:8e:24:da:2f:50:00:a2:bb:
                    be:29:a1:92:cc:ca:8f:cf:ab:52:9b:17:18:e4:2b:
                    65:51:67:29:3e:a6:1b:a3:fe:8c:b5:03:94:4b:26:
                    da:5f:7e:da:73:cb:db:63:6b:31:9a:8d:cb:a3:ba:
                    84:61:5d:52:27:ba:6a:c4:4b:78:8c:af:da:9b:de:
                    8e:8a:ac:a0:fe:18:a6:1b:02:38:a9:03:85:1e:84:
                    f5:36:ac:33:01:fd:c4:db:3e:8d:12:8e:78:2d:8e:
                    81:08:89:b3:e3:26:bc:71:b7:f5:df:e5:e8:5f:d1:
                    1e:b6:25:8f:a6:32:9b:d1:0d:51:65:94:e3:0d:fe:
                    7e:8c:c7:30:d7:58:22:68:a7:46:b6:84:53:ad:fa:
                    8d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:51:6F:7C:A8:37:DA:F3:C2:60:EA:9D:27:57:84:15:D9:D0:CB:48
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XlFvfKg32vPCYOqdJ1eEFdnQy0g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.109.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a8:cf:2d:2b:fb:c5:6e:12:29:d7:b8:27:01:3f:75:4c:43:71:
         51:4e:7a:13:b9:c1:06:fe:ba:9f:11:79:4c:9e:25:e7:c4:ae:
         d7:1e:b3:48:f0:13:c8:87:68:fc:92:4f:3e:f4:69:7a:06:61:
         ff:69:13:72:62:03:d9:d4:62:77:01:db:66:ca:e1:cb:ec:ce:
         90:80:dc:f2:53:68:da:8e:b1:8c:55:ac:80:28:41:e1:61:87:
         ef:29:66:f8:e7:20:64:a4:07:a1:4b:01:46:87:c6:c3:29:28:
         fe:a2:cc:12:08:df:d1:91:e2:d7:0a:15:d1:98:fb:22:19:df:
         f3:38:cb:9e:73:0b:a8:45:7f:d6:79:c2:06:6d:e9:02:94:a7:
         62:8c:ea:db:7b:45:23:a4:58:84:2e:30:36:6a:9b:d7:73:8a:
         66:49:ef:ab:a7:b6:83:b3:c9:18:b5:18:25:ab:b6:ec:49:32:
         97:50:9e:fd:b0:ed:37:74:2b:90:dd:a3:fc:fe:b1:82:6b:82:
         7a:60:70:17:65:bd:1a:5c:38:68:64:64:39:a8:f3:03:51:a2:
         7c:44:8c:e2:a3:df:aa:de:89:41:2c:39:91:e8:26:3b:be:9e:
         52:a2:b8:b7:02:45:24:9d:f7:4d:80:ec:17:ba:a5:09:6f:f6:
         03:c1:7a:37
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA4MjIw
NTM1NTdaFw0yNDA4MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVFNTE2RjdDQTgzN0RB
RjNDMjYwRUE5RDI3NTc4NDE1RDlEMENCNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBOV2USQgtc/x+/HFto8HheVMNqA3bdC8Uz4xalllPbnIsg405
uBWufyuEgagiX71w5c+isCLeQj2ieg5PjrjZijUGXvq5DpKsXG3lzqIgh+tOootr
3AeCYZaM0lKUYF5P+fpEt6nBwOHG8FIGvCmOJNovUACiu74poZLMyo/Pq1KbFxjk
K2VRZyk+phuj/oy1A5RLJtpfftpzy9tjazGajcujuoRhXVInumrES3iMr9qb3o6K
rKD+GKYbAjipA4UehPU2rDMB/cTbPo0SjngtjoEIibPjJrxxt/Xf5ehf0R62JY+m
MpvRDVFllOMN/n6MxzDXWCJop0a2hFOt+o1nAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUXlFvfKg32vPCYOqdJ1eEFdnQy0gwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1hsRnZmS2czMnZQQ1lPcWRKMWVFRmRuUXkwZy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUxbWAwDQYJKoZIhvcNAQELBQADggEBAKjPLSv7xW4SKde4JwE/dUxDcVFO
ehO5wQb+up8ReUyeJefErtces0jwE8iHaPySTz70aXoGYf9pE3JiA9nUYncB22bK
4cvszpCA3PJTaNqOsYxVrIAoQeFhh+8pZvjnIGSkB6FLAUaHxsMpKP6izBII39GR
4tcKFdGY+yIZ3/M4y55zC6hFf9Z5wgZt6QKUp2KM6tt7RSOkWIQuMDZqm9dzimZJ
76untoOzyRi1GCWrtuxJMpdQnv2w7Td0K5Ddo/z+sYJrgnpgcBdlvRpcOGhkZDmo
8wNRonxEjOKj36reiUEsOZHoJju+nlKiuLcCRSSd902A7Be6pQlv9gPBejc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:53 2024 by rpki-client on console-ams.rpki-client.org