Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YXBQEYJ6_6nr-jPTs9tC2dfQyqE.roa
File:                     YXBQEYJ6_6nr-jPTs9tC2dfQyqE.roa (raw, json)
Hash identifier:          nP4O+OVAxRMpgi6kNbppZnlJdzf37uLofX9ezbQxf0I=
Subject key identifier:   61:70:50:11:82:7A:FF:A9:EB:FA:33:D3:B3:DB:42:D9:D7:D0:CA:A1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0471
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YXBQEYJ6_6nr-jPTs9tC2dfQyqE.roa
Signing time:             Thu 27 Jul 2023 16:44:06 +0000
ROA not before:           Thu 27 Jul 2023 16:44:06 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.66.112.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1137 (0x471)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:44:06 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=61705011827AFFA9EBFA33D3B3DB42D9D7D0CAA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:64:7e:34:4c:16:ab:70:7a:9a:d1:22:68:52:
                    32:be:6b:84:00:c1:0b:c1:07:18:29:c9:9b:50:df:
                    c4:d4:63:89:83:92:7c:32:e8:38:ce:99:34:4f:fe:
                    2c:c0:d5:f7:24:01:54:96:64:8b:d4:ef:74:f2:76:
                    ad:ea:e7:4d:d5:65:77:75:89:93:f8:88:ba:f2:a8:
                    47:8e:02:27:7f:d3:63:b9:2b:0e:4a:5f:c6:25:1b:
                    8d:fb:d4:ef:8c:90:be:ea:d8:7f:73:b1:45:97:32:
                    d4:14:78:aa:8e:f1:7b:2d:ce:62:d1:10:0a:2e:1e:
                    ca:5c:5b:86:b9:f3:f6:ff:74:24:ad:75:fa:9b:77:
                    5a:61:85:d5:c7:40:78:7e:e1:cd:0a:11:47:d1:d8:
                    5e:8e:b3:cc:94:7e:77:4f:a7:a1:ed:68:61:22:4b:
                    6b:f7:99:74:e9:43:09:39:cb:a5:0e:0d:0f:57:62:
                    2e:ab:a7:0f:e5:3e:47:c1:59:dc:f8:29:72:6a:99:
                    18:e0:40:44:64:c2:67:6a:36:33:52:d9:4c:43:c4:
                    9f:31:cc:47:22:14:e2:50:55:5c:73:bb:7c:9e:df:
                    e9:0c:31:71:bf:15:ae:4e:14:a2:d8:63:3a:d4:27:
                    53:fb:55:0e:87:59:d7:6d:db:c2:f2:3d:84:60:b6:
                    37:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:70:50:11:82:7A:FF:A9:EB:FA:33:D3:B3:DB:42:D9:D7:D0:CA:A1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YXBQEYJ6_6nr-jPTs9tC2dfQyqE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.66.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b3:ea:b2:bd:cd:a4:fb:8f:09:55:c1:df:63:92:cf:c3:cf:2d:
         6e:d0:eb:ac:04:6c:be:32:d9:d8:30:43:2e:04:dc:ba:3a:2f:
         c0:74:4a:a4:68:9c:d2:67:8d:df:07:b3:b1:fc:3c:a5:79:57:
         6c:66:b2:45:dc:cb:20:8a:f2:29:a7:db:6e:ee:c2:bc:b3:e8:
         42:83:09:62:d0:30:60:52:63:15:64:8a:4d:37:3a:8b:a3:c4:
         89:a6:0d:9a:fd:82:74:b9:e9:2a:04:1d:70:7b:0e:6c:d3:9c:
         a2:f3:53:bc:21:b9:e5:34:e8:49:51:9e:0f:1d:03:0b:ff:4f:
         17:29:c4:36:ca:7d:df:f1:ff:31:f1:d0:42:cc:73:61:2d:b5:
         99:d2:5a:a2:2b:c9:40:ac:e4:9b:e3:30:ea:4c:45:09:8b:3a:
         95:c5:7d:67:e8:b7:0d:6d:28:ad:2d:c9:c9:c8:9f:3a:fb:56:
         2f:39:9f:5b:0c:fd:63:a0:ec:b8:af:23:3e:3b:db:b3:87:30:
         08:ce:6c:85:7d:35:2f:49:18:f5:25:bb:6d:59:58:cf:bf:74:
         16:60:6f:fa:9c:1b:02:43:70:12:84:d1:8e:cb:59:47:2f:cb:
         4c:6f:5f:27:77:46:87:94:0d:e1:da:f9:9c:96:49:f7:1a:79:
         58:b8:2f:1f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ0MDZaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDYxNzA1MDExODI3QUZG
QTlFQkZBMzNEM0IzREI0MkQ5RDdEMENBQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDZH40TBarcHqa0SJoUjK+a4QAwQvBBxgpyZtQ38TUY4mDknwy
6DjOmTRP/izA1fckAVSWZIvU73Tydq3q503VZXd1iZP4iLryqEeOAid/02O5Kw5K
X8YlG4371O+MkL7q2H9zsUWXMtQUeKqO8XstzmLREAouHspcW4a58/b/dCStdfqb
d1phhdXHQHh+4c0KEUfR2F6Os8yUfndPp6HtaGEiS2v3mXTpQwk5y6UODQ9XYi6r
pw/lPkfBWdz4KXJqmRjgQERkwmdqNjNS2UxDxJ8xzEciFOJQVVxzu3ye3+kMMXG/
Fa5OFKLYYzrUJ1P7VQ6HWddt28LyPYRgtjdrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUYXBQEYJ6/6nr+jPTs9tC2dfQyqEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1lYQlFFWUo2XzZuci1qUFRzOXRDMmRmUXlxRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBQnAwDQYJKoZIhvcNAQELBQADggEBALPqsr3NpPuPCVXB32OSz8PPLW7Q
66wEbL4y2dgwQy4E3Lo6L8B0SqRonNJnjd8Hs7H8PKV5V2xmskXcyyCK8imn227u
wryz6EKDCWLQMGBSYxVkik03OoujxImmDZr9gnS56SoEHXB7DmzTnKLzU7whueU0
6ElRng8dAwv/TxcpxDbKfd/x/zHx0ELMc2EttZnSWqIryUCs5JvjMOpMRQmLOpXF
fWfotw1tKK0tycnInzr7Vi85n1sM/WOg7LivIz4727OHMAjObIV9NS9JGPUlu21Z
WM+/dBZgb/qcGwJDcBKE0Y7LWUcvy0xvXyd3RoeUDeHa+ZyWSfcaeVi4Lx8=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:12 2024 by rpki-client on console-fra.rpki-client.org