Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Z3lfao2bqV3e4P0Qh9KTiQugi7g.roa
File:                     Z3lfao2bqV3e4P0Qh9KTiQugi7g.roa (raw, json)
Hash identifier:          FBsZjB70En316cz4pIM/zSFoUEhOItN/n+YzGbO/t3c=
Subject key identifier:   67:79:5F:6A:8D:9B:A9:5D:DE:E0:FD:10:87:D2:93:89:0B:A0:8B:B8
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07F2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Z3lfao2bqV3e4P0Qh9KTiQugi7g.roa
Signing time:             Tue 30 Apr 2024 02:10:36 +0000
ROA not before:           Tue 30 Apr 2024 02:10:36 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.237.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2034 (0x7f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:10:36 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=67795F6A8D9BA95DDEE0FD1087D293890BA08BB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4a:2d:83:d9:5a:da:f1:20:42:78:96:1b:81:
                    d4:8e:1c:ac:a1:12:3b:5e:46:17:c3:f7:e0:fd:06:
                    2c:83:38:20:04:38:07:1a:92:9e:fe:60:17:39:fa:
                    d2:ab:8c:b6:4c:2a:10:e3:85:bd:4f:2b:e6:60:8a:
                    dc:09:b2:d5:5e:7b:c9:5a:60:09:df:72:0e:c2:37:
                    a6:e1:cc:0d:f7:3b:9c:be:dc:65:0b:0e:04:a4:04:
                    5f:ac:4c:cc:8f:fd:3a:53:c3:c5:1e:cb:f9:35:75:
                    1f:e8:a4:3e:9c:95:8a:cf:f9:13:bd:dd:fc:1e:ab:
                    2a:fe:26:12:db:51:46:58:fa:65:67:1d:b3:4c:3f:
                    20:b8:b5:de:a9:9f:08:34:6d:58:79:39:d7:03:aa:
                    f9:80:28:6e:65:55:8c:7e:79:fb:8b:24:0f:32:b0:
                    78:2c:3f:d9:76:00:f2:d3:d9:02:bd:08:8b:af:3c:
                    5d:d3:89:98:6c:0f:03:8d:9b:80:9d:d0:69:ee:a2:
                    58:1c:0a:e5:55:d8:bf:0c:08:91:0c:00:c4:2e:fb:
                    9e:a9:f9:2d:93:c0:d9:40:d4:dd:11:fb:e7:02:87:
                    20:4f:7b:53:94:5b:4c:a7:14:e3:fc:5a:1e:28:95:
                    f4:47:34:7a:6d:72:c4:5c:67:c7:c7:71:5f:86:17:
                    4b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:79:5F:6A:8D:9B:A9:5D:DE:E0:FD:10:87:D2:93:89:0B:A0:8B:B8
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Z3lfao2bqV3e4P0Qh9KTiQugi7g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:63:80:66:ce:cc:54:a4:d2:3d:35:b4:e3:94:cb:e7:56:7e:
         63:05:bf:c0:90:62:84:54:82:52:8b:e1:f4:12:a6:d5:54:3c:
         e6:98:45:e8:a3:0e:1a:c7:53:2b:ca:72:b6:16:f3:72:61:67:
         41:04:9b:d9:3b:16:ac:71:d3:dc:e0:2c:3b:7c:7e:42:eb:fa:
         1c:dd:fe:bf:4b:5f:49:bc:8b:bc:1a:e9:87:ea:9d:e9:7d:a5:
         c4:78:b0:67:61:5b:33:5a:7d:6d:70:07:ca:ca:d1:e3:7e:ee:
         66:da:33:6b:88:3f:88:51:10:64:7e:e4:b8:f9:62:38:ba:c9:
         91:b8:34:81:4e:14:bc:07:61:bb:be:52:f9:70:af:ce:c5:17:
         42:74:51:7e:e5:ae:ac:bc:26:b6:60:bf:3a:74:76:5e:7a:f9:
         45:00:28:16:f0:db:c4:3e:a2:95:a1:eb:07:3d:e2:3f:f3:53:
         ea:ef:a0:0e:1b:a1:a0:12:52:1b:2e:4c:27:7a:01:cb:fa:8f:
         be:93:32:70:9d:e4:76:18:9d:09:4b:8a:6a:ba:d9:63:4f:25:
         4b:29:9c:47:63:11:9e:7b:1c:be:ab:50:4e:c2:34:9e:c8:2f:
         48:48:d1:42:7f:07:36:27:37:28:ca:43:00:90:e5:ab:45:20:
         cf:a7:83:89
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjEwMzZaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDY3Nzk1RjZBOEQ5QkE5
NURERUUwRkQxMDg3RDI5Mzg5MEJBMDhCQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMSi2D2Vra8SBCeJYbgdSOHKyhEjteRhfD9+D9BiyDOCAEOAca
kp7+YBc5+tKrjLZMKhDjhb1PK+ZgitwJstVee8laYAnfcg7CN6bhzA33O5y+3GUL
DgSkBF+sTMyP/TpTw8Uey/k1dR/opD6clYrP+RO93fweqyr+JhLbUUZY+mVnHbNM
PyC4td6pnwg0bVh5OdcDqvmAKG5lVYx+efuLJA8ysHgsP9l2APLT2QK9CIuvPF3T
iZhsDwONm4Cd0GnuolgcCuVV2L8MCJEMAMQu+56p+S2TwNlA1N0R++cChyBPe1OU
W0ynFOP8Wh4olfRHNHptcsRcZ8fHcV+GF0vdAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUZ3lfao2bqV3e4P0Qh9KTiQugi7gwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1ozbGZhbzJicVYzZTRQMFFoOUtUaVF1Z2k3Zy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABS+0wDQYJKoZIhvcNAQELBQADggEBAKdjgGbOzFSk0j01tOOUy+dWfmMF
v8CQYoRUglKL4fQSptVUPOaYReijDhrHUyvKcrYW83JhZ0EEm9k7Fqxx09zgLDt8
fkLr+hzd/r9LX0m8i7wa6Yfqnel9pcR4sGdhWzNafW1wB8rK0eN+7mbaM2uIP4hR
EGR+5Lj5Yji6yZG4NIFOFLwHYbu+Uvlwr87FF0J0UX7lrqy8JrZgvzp0dl56+UUA
KBbw28Q+opWh6wc94j/zU+rvoA4boaASUhsuTCd6Acv6j76TMnCd5HYYnQlLimq6
2WNPJUspnEdjEZ57HL6rUE7CNJ7IL0hI0UJ/BzYnNyjKQwCQ5atFIM+ng4k=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org