Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YF6R5HyhICSAxDa9hjvQxomesro.roa
File:                     YF6R5HyhICSAxDa9hjvQxomesro.roa (raw, json)
Hash identifier:          DPVQgwzBZHnqfyPJQPNfxnNpzkxaeQff+v0AJKeODs8=
Subject key identifier:   60:5E:91:E4:7C:A1:20:24:80:C4:36:BD:86:3B:D0:C6:89:9E:B2:BA
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0683
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YF6R5HyhICSAxDa9hjvQxomesro.roa
Signing time:             Tue 30 Apr 2024 01:38:03 +0000
ROA not before:           Tue 30 Apr 2024 01:38:03 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.78.24.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1667 (0x683)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:38:03 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=605E91E47CA1202480C436BD863BD0C6899EB2BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:89:d5:e6:71:51:e1:ff:4c:7a:27:fc:f5:01:
                    44:79:46:c3:a5:f8:31:90:ff:8e:8c:e8:b0:4a:7d:
                    db:02:23:b2:2f:af:36:cc:07:37:be:2d:c5:13:c6:
                    ec:55:65:8e:69:d3:01:81:64:25:d7:68:2a:87:18:
                    71:c4:53:26:df:d7:14:81:25:f4:ae:ec:1a:3a:08:
                    7a:de:13:c1:71:04:e7:50:40:b6:cb:89:42:7f:55:
                    b6:03:8f:72:19:10:69:e2:81:05:c8:ec:bb:36:b2:
                    30:b6:02:1d:00:84:03:27:e1:0c:79:7b:7b:7e:80:
                    fe:18:13:29:e0:fe:5d:94:40:41:2d:08:a8:f3:16:
                    69:a3:b0:45:28:ca:ce:e0:c5:b7:f3:92:06:d7:33:
                    e1:66:13:57:3c:e0:78:0e:69:90:af:99:ce:07:67:
                    4e:a7:1e:70:4e:47:ca:5d:dd:b6:71:b4:37:b2:38:
                    ba:d0:cc:0d:9a:a5:0f:21:bc:9d:d9:46:43:33:1d:
                    bd:9c:b6:73:c5:47:50:9d:ef:5e:24:8d:b3:92:df:
                    82:0d:a1:3e:04:3f:4f:8d:35:e4:f6:7f:94:b8:ad:
                    ee:27:6c:0c:c5:8b:ec:9a:d9:93:5e:d2:2d:ef:79:
                    84:9c:da:8b:b1:e9:ac:8a:87:6c:32:02:70:ee:33:
                    22:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:5E:91:E4:7C:A1:20:24:80:C4:36:BD:86:3B:D0:C6:89:9E:B2:BA
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YF6R5HyhICSAxDa9hjvQxomesro.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.78.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e1:f3:31:ef:92:e6:96:4f:8b:30:3e:98:38:9d:e8:a6:39:07:
         22:f3:0b:cb:42:77:74:bd:d7:28:ec:c8:84:d4:73:54:56:9e:
         ac:f9:52:ee:71:2a:c5:c3:93:d6:b1:b0:52:aa:2a:8f:7b:2a:
         cc:76:af:7e:aa:7e:d5:e0:cf:3d:49:60:f4:a1:f5:8f:3d:38:
         6a:7f:85:e8:15:14:df:67:08:d2:35:bd:13:40:ac:58:c6:df:
         81:ab:0c:89:e8:c5:fc:ae:fc:c9:42:da:8b:d8:53:e6:15:06:
         b0:c5:2d:48:5f:4e:da:72:d4:ff:41:66:0c:bb:eb:bf:3d:de:
         3b:be:c6:9c:c4:b7:63:00:5c:69:3a:20:73:9d:47:1f:d7:2c:
         2d:bd:78:c7:7c:b3:e3:af:73:8f:41:f7:ac:5f:a6:59:83:6c:
         18:28:e6:f3:65:15:d0:00:84:fe:a2:3e:84:e4:52:13:aa:25:
         87:af:7e:4e:ab:86:5d:64:81:ba:a2:71:5f:31:6e:d8:80:47:
         18:cb:09:51:e4:a8:2e:8e:89:c9:ba:26:4a:1d:10:b4:98:ba:
         da:68:7b:30:26:31:eb:cb:f8:bd:8a:77:d8:ee:9b:e1:3f:3d:
         c2:c0:65:eb:00:9e:f7:48:3b:8c:16:a9:ff:b5:9e:d1:ec:f6:
         5b:73:9e:3e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTM4MDNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDYwNUU5MUU0N0NBMTIw
MjQ4MEM0MzZCRDg2M0JEMEM2ODk5RUIyQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnidXmcVHh/0x6J/z1AUR5RsOl+DGQ/46M6LBKfdsCI7IvrzbM
Bze+LcUTxuxVZY5p0wGBZCXXaCqHGHHEUybf1xSBJfSu7Bo6CHreE8FxBOdQQLbL
iUJ/VbYDj3IZEGnigQXI7Ls2sjC2Ah0AhAMn4Qx5e3t+gP4YEyng/l2UQEEtCKjz
FmmjsEUoys7gxbfzkgbXM+FmE1c84HgOaZCvmc4HZ06nHnBOR8pd3bZxtDeyOLrQ
zA2apQ8hvJ3ZRkMzHb2ctnPFR1Cd714kjbOS34INoT4EP0+NNeT2f5S4re4nbAzF
i+ya2ZNe0i3veYSc2oux6ayKh2wyAnDuMyJzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUYF6R5HyhICSAxDa9hjvQxomesrowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1lGNlI1SHloSUNTQXhEYTloanZReG9tZXNyby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEBThgwDQYJKoZIhvcNAQELBQADggEBAOHzMe+S5pZPizA+mDid6KY5ByLz
C8tCd3S91yjsyITUc1RWnqz5Uu5xKsXDk9axsFKqKo97Ksx2r36qftXgzz1JYPSh
9Y89OGp/hegVFN9nCNI1vRNArFjG34GrDInoxfyu/MlC2ovYU+YVBrDFLUhfTtpy
1P9BZgy767893ju+xpzEt2MAXGk6IHOdRx/XLC29eMd8s+Ovc49B96xfplmDbBgo
5vNlFdAAhP6iPoTkUhOqJYevfk6rhl1kgbqicV8xbtiARxjLCVHkqC6Oicm6Jkod
ELSYutpoezAmMevL+L2Kd9jum+E/PcLAZesAnvdIO4wWqf+1ntHs9ltznj4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:53 2024 by rpki-client on console-ams.rpki-client.org