Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YRaYAefqI0V1xnJa8C9Bvm1wR8U.roa
File:                     YRaYAefqI0V1xnJa8C9Bvm1wR8U.roa (raw, json)
Hash identifier:          yZqOejKbUF0R1MdkGvaaKIXcvTRwrS02WzMvvb90X6o=
Subject key identifier:   61:16:98:01:E7:EA:23:45:75:C6:72:5A:F0:2F:41:BE:6D:70:47:C5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0577
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YRaYAefqI0V1xnJa8C9Bvm1wR8U.roa
Signing time:             Thu 27 Jul 2023 16:58:07 +0000
ROA not before:           Thu 27 Jul 2023 16:58:07 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        211.14.124.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1399 (0x577)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:58:07 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=61169801E7EA234575C6725AF02F41BE6D7047C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:3f:88:d4:a4:7a:99:bb:fd:8a:05:82:5f:d7:
                    b1:a3:5a:af:d3:ef:45:89:ee:49:d2:24:d3:aa:64:
                    7d:7f:be:34:4d:85:cb:d3:5a:73:7c:42:cf:bf:7b:
                    b1:ab:a3:51:bb:fb:3f:6c:a5:18:5b:4b:2c:4f:98:
                    bf:0a:8c:66:f4:e0:56:29:a6:a2:a9:c4:2f:6e:2d:
                    0e:23:53:b7:f7:de:c7:eb:23:f3:08:05:8b:5e:d0:
                    57:65:47:9a:3a:c1:34:7f:bd:13:13:a3:26:f4:b5:
                    04:83:36:01:c4:53:95:56:49:26:fc:07:d1:4c:19:
                    c6:c0:ec:f3:b2:79:01:30:c8:e1:ae:74:bb:35:8c:
                    30:a9:0b:ed:7d:5f:ef:5a:32:92:68:ba:7f:5b:fc:
                    8e:08:2c:7f:bd:f4:5f:37:24:43:2b:9f:05:bc:87:
                    07:64:d6:26:ab:3d:db:b1:27:4e:3c:69:7d:c0:9f:
                    cc:0d:d6:ca:c8:9a:55:5a:78:a5:31:11:56:36:48:
                    85:86:e5:38:e6:8b:73:f0:fa:9e:07:0f:4d:08:8e:
                    ff:4a:19:03:4a:56:08:bc:12:23:f8:de:b3:ca:f2:
                    c1:66:0f:e3:2b:09:45:65:e5:75:c8:cb:49:a9:d2:
                    70:dd:38:40:f9:9d:1f:19:76:d9:f0:1a:19:53:ef:
                    5e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:16:98:01:E7:EA:23:45:75:C6:72:5A:F0:2F:41:BE:6D:70:47:C5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YRaYAefqI0V1xnJa8C9Bvm1wR8U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:86:a9:68:aa:76:8b:2a:6c:62:6b:49:b4:0c:1e:98:35:8a:
         69:98:6b:8b:ac:27:a3:a1:d5:1d:36:79:9c:7e:4a:c5:ec:47:
         17:4e:4a:6a:18:7c:b0:03:d7:5e:70:fb:f7:50:95:13:4d:c8:
         63:11:3e:92:24:5a:e7:e4:dc:af:e3:cd:7b:f8:a5:fd:9a:2d:
         ed:76:4e:8d:54:78:42:36:fb:41:54:63:fb:98:16:8f:78:41:
         a0:aa:6f:af:84:a5:5e:d2:8e:8c:80:d3:e5:98:b9:76:95:95:
         e3:c8:32:cb:61:f2:f8:f9:20:c6:f2:90:15:c5:d8:a3:a0:88:
         5f:6c:89:ec:66:93:29:dc:6e:6e:12:06:a5:b6:42:78:71:c1:
         e9:94:d8:22:45:b3:99:4d:b5:37:3a:4b:71:23:fb:06:73:4e:
         0f:c3:f7:f4:ec:56:c2:b3:38:e3:3b:67:c3:42:81:05:60:42:
         6b:03:34:e8:9a:b2:4b:77:fd:08:87:59:b1:13:a3:32:8f:c1:
         99:c4:86:2e:ef:b9:1a:75:9e:6d:27:b0:05:af:6c:23:f8:23:
         11:38:08:5c:85:17:7b:61:24:9c:39:46:91:16:ed:be:78:6c:
         0f:76:c2:65:d8:95:e5:99:fb:7d:50:6c:05:cc:4d:92:11:b0:
         ac:fb:64:71
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU4MDdaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDYxMTY5ODAxRTdFQTIz
NDU3NUM2NzI1QUYwMkY0MUJFNkQ3MDQ3QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPP4jUpHqZu/2KBYJf17GjWq/T70WJ7knSJNOqZH1/vjRNhcvT
WnN8Qs+/e7Gro1G7+z9spRhbSyxPmL8KjGb04FYppqKpxC9uLQ4jU7f33sfrI/MI
BYte0FdlR5o6wTR/vRMToyb0tQSDNgHEU5VWSSb8B9FMGcbA7POyeQEwyOGudLs1
jDCpC+19X+9aMpJoun9b/I4ILH+99F83JEMrnwW8hwdk1iarPduxJ048aX3An8wN
1srImlVaeKUxEVY2SIWG5Tjmi3Pw+p4HD00Ijv9KGQNKVgi8EiP43rPK8sFmD+Mr
CUVl5XXIy0mp0nDdOED5nR8ZdtnwGhlT717BAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUYRaYAefqI0V1xnJa8C9Bvm1wR8UwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1lSYVlBZWZxSTBWMXhuSmE4QzlCdm0xd1I4VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDnwwDQYJKoZIhvcNAQELBQADggEBAFKGqWiqdosqbGJrSbQMHpg1immY
a4usJ6Oh1R02eZx+SsXsRxdOSmoYfLAD115w+/dQlRNNyGMRPpIkWufk3K/jzXv4
pf2aLe12To1UeEI2+0FUY/uYFo94QaCqb6+EpV7SjoyA0+WYuXaVlePIMsth8vj5
IMbykBXF2KOgiF9siexmkyncbm4SBqW2QnhxwemU2CJFs5lNtTc6S3Ej+wZzTg/D
9/TsVsKzOOM7Z8NCgQVgQmsDNOiaskt3/QiHWbETozKPwZnEhi7vuRp1nm0nsAWv
bCP4IxE4CFyFF3thJJw5RpEW7b54bA92wmXYleWZ+31QbAXMTZIRsKz7ZHE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org