Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZRr1U2eWsw98hl5JZ3P9OKGsVh0.roa
File:                     ZRr1U2eWsw98hl5JZ3P9OKGsVh0.roa (raw, json)
Hash identifier:          wtxldhUeMWVYwJXI5x//LfvtUPwzc1LGbbm+tUHSUO0=
Subject key identifier:   65:1A:F5:53:67:96:B3:0F:7C:86:5E:49:67:73:FD:38:A1:AC:56:1D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07AB
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZRr1U2eWsw98hl5JZ3P9OKGsVh0.roa
Signing time:             Tue 30 Apr 2024 02:06:34 +0000
ROA not before:           Tue 30 Apr 2024 02:06:34 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1963 (0x7ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:06:34 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=651AF5536796B30F7C865E496773FD38A1AC561D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d6:50:1d:b5:9b:9c:b9:4f:22:52:92:19:af:
                    d6:0d:8e:45:18:6a:15:74:3e:10:d0:27:c3:ba:72:
                    6c:04:02:8a:86:75:47:17:69:0a:de:0b:58:2f:e4:
                    6c:54:b1:4e:14:bc:55:84:b8:96:c8:d8:d2:83:5f:
                    5c:c5:47:9e:bd:c1:4e:a4:f4:9e:0c:60:7b:b7:9b:
                    a1:b4:c5:05:a8:28:8a:22:4f:44:53:4d:f4:7c:43:
                    2e:30:1e:3f:07:45:04:54:1f:f8:c4:1a:0b:0c:81:
                    c3:82:2b:79:fc:3b:ed:2e:cf:1d:14:52:60:0d:f5:
                    de:3c:fe:8c:63:9f:ea:56:d3:e3:3e:ce:27:33:5c:
                    0e:17:f1:1e:81:bd:49:6d:bd:9e:84:b3:f2:1b:cc:
                    eb:66:cd:9c:4d:b8:28:1f:b2:98:5c:34:85:4d:ba:
                    cc:d9:56:e5:0d:bd:d6:17:87:7e:0c:59:60:27:a5:
                    ad:24:8f:29:11:41:c7:2a:65:0c:7e:20:ba:20:bf:
                    6f:bb:55:04:e5:cf:c7:6d:de:15:04:90:99:0e:36:
                    15:71:35:e2:df:ae:63:4a:ae:f6:a6:f2:18:40:aa:
                    02:7d:ee:9d:5e:c8:2e:c0:37:66:86:65:a7:c2:7c:
                    9c:01:6a:d1:7d:6f:10:71:5e:16:a6:5e:16:1c:c8:
                    cb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:1A:F5:53:67:96:B3:0F:7C:86:5E:49:67:73:FD:38:A1:AC:56:1D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ZRr1U2eWsw98hl5JZ3P9OKGsVh0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:10:6d:8b:f9:45:a9:0f:3b:67:f1:5d:11:23:11:d5:58:f2:
         d6:21:7c:36:64:88:45:43:a9:63:b9:9d:70:2c:b4:23:62:b3:
         a2:cc:91:f0:a0:27:07:7f:cb:7a:e1:6c:d9:45:12:0f:a9:b7:
         ea:1d:b9:6c:6d:2b:70:af:fe:25:b7:bf:a7:0c:f6:d6:eb:1b:
         f5:4a:d0:75:91:95:3e:a2:e7:11:ff:04:a8:21:9e:3a:4f:54:
         a0:f6:3e:ea:98:44:24:15:ba:85:c5:ca:f6:2b:26:10:81:04:
         ff:05:94:f9:11:05:85:98:9b:ed:58:01:da:dd:29:9a:43:12:
         6b:88:9e:3f:e1:8a:a4:ec:6b:0e:95:47:dd:7e:3d:69:ac:82:
         54:93:1a:51:d0:45:3f:73:8f:84:60:c0:ff:01:ac:21:31:a2:
         17:dc:1f:e1:99:9f:9b:7a:cb:c0:66:e1:2b:9d:13:2c:2c:a6:
         1b:8e:59:8a:79:20:a9:fe:65:c7:bb:0e:b8:99:f8:8a:1b:4d:
         bd:d0:c2:46:4d:5f:06:fc:04:a9:26:ae:32:79:aa:b6:55:3d:
         50:7b:78:3e:bf:79:cd:e7:d9:8b:ec:9a:29:1c:26:47:25:37:
         d1:1b:87:26:75:d7:a6:a2:4b:bc:44:2a:1b:ca:48:9c:17:8b:
         32:65:e8:ea
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB6swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjA2MzRaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDY1MUFGNTUzNjc5NkIz
MEY3Qzg2NUU0OTY3NzNGRDM4QTFBQzU2MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo1lAdtZucuU8iUpIZr9YNjkUYahV0PhDQJ8O6cmwEAoqGdUcX
aQreC1gv5GxUsU4UvFWEuJbI2NKDX1zFR569wU6k9J4MYHu3m6G0xQWoKIoiT0RT
TfR8Qy4wHj8HRQRUH/jEGgsMgcOCK3n8O+0uzx0UUmAN9d48/oxjn+pW0+M+zicz
XA4X8R6BvUltvZ6Es/IbzOtmzZxNuCgfsphcNIVNuszZVuUNvdYXh34MWWAnpa0k
jykRQccqZQx+ILogv2+7VQTlz8dt3hUEkJkONhVxNeLfrmNKrvam8hhAqgJ97p1e
yC7AN2aGZafCfJwBatF9bxBxXhamXhYcyMuzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUZRr1U2eWsw98hl5JZ3P9OKGsVh0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1pScjFVMmVXc3c5OGhsNUpaM1A5T0tHc1ZoMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABTwMwDQYJKoZIhvcNAQELBQADggEBAFEQbYv5RakPO2fxXREjEdVY8tYh
fDZkiEVDqWO5nXAstCNis6LMkfCgJwd/y3rhbNlFEg+pt+oduWxtK3Cv/iW3v6cM
9tbrG/VK0HWRlT6i5xH/BKghnjpPVKD2PuqYRCQVuoXFyvYrJhCBBP8FlPkRBYWY
m+1YAdrdKZpDEmuInj/hiqTsaw6VR91+PWmsglSTGlHQRT9zj4RgwP8BrCExohfc
H+GZn5t6y8Bm4SudEywsphuOWYp5IKn+Zce7DriZ+IobTb3QwkZNXwb8BKkmrjJ5
qrZVPVB7eD6/ec3n2YvsmikcJkclN9EbhyZ116aiS7xEKhvKSJwXizJl6Oo=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:21 2024 by rpki-client on console-fra.rpki-client.org