Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YZ-2EMD41ZeXFvv7YsiMDvSqe9s.roa
File:                     YZ-2EMD41ZeXFvv7YsiMDvSqe9s.roa (raw, json)
Hash identifier:          yYZA7isIf16/bqyFUdGLrE5gUpn8mD+cCELvEg0MaKc=
Subject key identifier:   61:9F:B6:10:C0:F8:D5:97:97:16:FB:FB:62:C8:8C:0E:F4:AA:7B:DB
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04AD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YZ-2EMD41ZeXFvv7YsiMDvSqe9s.roa
Signing time:             Thu 27 Jul 2023 16:46:17 +0000
ROA not before:           Thu 27 Jul 2023 16:46:17 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.66.24.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1197 (0x4ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:46:17 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=619FB610C0F8D5979716FBFB62C88C0EF4AA7BDB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7a:65:46:d7:33:94:81:12:55:33:5c:7a:b0:
                    ad:1b:c6:5e:bd:c1:a0:6f:d7:ba:65:8a:b9:9a:e1:
                    85:d3:f7:30:e0:c2:fe:2c:4d:89:41:b5:32:0d:b5:
                    e0:94:a4:f9:f6:40:4e:d0:f1:f4:76:6b:f2:bc:15:
                    1d:22:85:d2:d9:9d:04:d3:f4:55:5e:e6:14:40:27:
                    0f:02:08:32:f2:fe:98:d4:01:0a:5e:9c:66:e0:2c:
                    86:f5:03:3f:6f:01:5c:c5:47:e7:8f:30:33:65:f7:
                    e6:e5:2e:65:bb:7a:67:08:37:bc:a4:ff:83:e1:3d:
                    bc:33:22:d9:00:5e:bf:55:e9:05:f8:41:5e:52:d3:
                    dd:ff:2e:1a:83:7d:73:76:6d:3a:48:b2:97:69:32:
                    39:81:28:39:6b:90:c0:ae:0a:0a:47:7d:c9:85:07:
                    a8:e7:55:b2:ed:3e:5d:2b:33:b2:fd:66:7d:e8:09:
                    2f:0f:34:05:f1:68:93:46:ed:15:20:f9:94:86:a8:
                    e6:20:ea:bd:6e:fa:a4:18:62:4c:c3:8c:42:1a:35:
                    74:92:af:da:46:41:07:86:ed:6f:b1:31:ea:88:36:
                    6c:4e:d0:01:5a:5c:a0:09:dd:76:e6:da:92:0e:81:
                    23:0d:e1:04:1a:8b:5d:50:cf:12:1c:1f:47:8b:f3:
                    f3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:9F:B6:10:C0:F8:D5:97:97:16:FB:FB:62:C8:8C:0E:F4:AA:7B:DB
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YZ-2EMD41ZeXFvv7YsiMDvSqe9s.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.66.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:ec:a1:d5:f6:e1:7e:62:f3:81:67:8a:8f:ac:eb:0d:d4:af:
         67:fa:fb:3e:42:e0:85:14:3d:13:16:89:4b:bf:35:48:99:5a:
         34:62:a8:17:8d:9c:5c:a8:41:bf:40:d4:13:15:dd:fa:49:03:
         ae:4f:aa:ff:6e:d8:de:7d:f9:09:22:4e:3f:01:93:13:e7:c4:
         ee:bf:04:84:b1:d0:07:43:6e:c0:a8:3f:b1:98:ff:27:63:f3:
         aa:6a:50:7b:08:17:8a:1f:74:30:43:fd:95:66:98:2e:57:8e:
         37:34:50:2f:02:bb:b3:f4:62:9f:50:cb:ee:e6:09:f1:0b:78:
         eb:61:0b:9d:ad:9c:47:cd:ff:d9:eb:e7:4e:56:70:ac:e6:55:
         02:11:bd:9f:84:b9:6b:9e:c4:79:28:e2:71:c9:0b:7a:82:05:
         51:7d:54:84:83:e6:e1:d6:42:7e:72:15:84:fb:49:aa:97:8f:
         96:ad:46:41:41:d7:4a:80:b1:4b:78:5e:bf:0a:2a:b0:6f:18:
         5f:4a:d6:3a:e9:6a:87:6d:18:21:31:02:c3:fc:0a:4d:0a:3e:
         de:8f:50:24:de:9d:be:42:0f:16:7e:72:4b:0e:38:0a:72:51:
         00:1a:5d:e1:4d:0e:a6:b4:a0:d0:1b:8a:9d:9a:cf:1d:c5:13:
         c8:ac:98:b6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ2MTdaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDYxOUZCNjEwQzBGOEQ1
OTc5NzE2RkJGQjYyQzg4QzBFRjRBQTdCREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3emVG1zOUgRJVM1x6sK0bxl69waBv17plirma4YXT9zDgwv4s
TYlBtTINteCUpPn2QE7Q8fR2a/K8FR0ihdLZnQTT9FVe5hRAJw8CCDLy/pjUAQpe
nGbgLIb1Az9vAVzFR+ePMDNl9+blLmW7emcIN7yk/4PhPbwzItkAXr9V6QX4QV5S
093/LhqDfXN2bTpIspdpMjmBKDlrkMCuCgpHfcmFB6jnVbLtPl0rM7L9Zn3oCS8P
NAXxaJNG7RUg+ZSGqOYg6r1u+qQYYkzDjEIaNXSSr9pGQQeG7W+xMeqINmxO0AFa
XKAJ3Xbm2pIOgSMN4QQai11QzxIcH0eL8/MjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUYZ+2EMD41ZeXFvv7YsiMDvSqe9swHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1laLTJFTUQ0MVplWEZ2djdZc2lNRHZTcWU5cy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBQhgwDQYJKoZIhvcNAQELBQADggEBACPsodX24X5i84Fnio+s6w3Ur2f6
+z5C4IUUPRMWiUu/NUiZWjRiqBeNnFyoQb9A1BMV3fpJA65Pqv9u2N59+QkiTj8B
kxPnxO6/BISx0AdDbsCoP7GY/ydj86pqUHsIF4ofdDBD/ZVmmC5Xjjc0UC8Cu7P0
Yp9Qy+7mCfELeOthC52tnEfN/9nr505WcKzmVQIRvZ+EuWuexHko4nHJC3qCBVF9
VISD5uHWQn5yFYT7SaqXj5atRkFB10qAsUt4Xr8KKrBvGF9K1jrpaodtGCExAsP8
Ck0KPt6PUCTenb5CDxZ+cksOOApyUQAaXeFNDqa0oNAbip2azx3FE8ismLY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:42 2024 by rpki-client on console-fra.rpki-client.org