Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/arWYggvfUs8x1E5cET3YmUldsfE.roa
File:                     arWYggvfUs8x1E5cET3YmUldsfE.roa (raw, json)
Hash identifier:          b1u7LFq84bAeyIPkuPg+QMQ5d7i9mVVbFZ+Bi6Z51cI=
Subject key identifier:   6A:B5:98:82:0B:DF:52:CF:31:D4:4E:5C:11:3D:D8:99:49:5D:B1:F1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0698
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/arWYggvfUs8x1E5cET3YmUldsfE.roa
Signing time:             Tue 30 Apr 2024 01:43:10 +0000
ROA not before:           Tue 30 Apr 2024 01:43:10 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1688 (0x698)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:43:10 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=6AB598820BDF52CF31D44E5C113DD899495DB1F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:12:3f:66:57:dd:92:6e:ad:da:7f:69:73:0f:
                    83:14:ac:87:74:e9:55:f7:12:c4:4b:12:2a:42:cd:
                    1d:71:2e:5e:43:52:98:2e:db:f1:4f:b4:00:23:e9:
                    d5:d0:a3:20:e4:05:80:4d:2a:1d:d0:93:b2:3d:1e:
                    28:d8:39:f9:dd:e8:c7:df:13:16:a4:52:52:24:e1:
                    3d:1b:cf:8c:e8:28:7a:c2:6c:72:c0:62:92:ac:05:
                    0f:b3:c4:22:fd:aa:be:5b:f7:af:f7:7a:39:08:94:
                    9a:8d:20:dc:1e:bb:7a:bc:8b:28:d7:b2:de:5e:38:
                    ec:95:f0:ba:b8:71:b0:a1:06:39:ce:12:36:cd:44:
                    16:50:6d:2a:0b:ba:e2:b7:15:22:d4:56:b3:8e:b7:
                    f5:07:62:7f:5c:14:66:92:74:49:45:de:c2:7f:ee:
                    c9:66:fe:70:e5:80:23:43:3f:f4:b8:ef:5f:4b:d8:
                    95:f7:c7:33:0f:b9:2c:24:c1:ed:9e:7a:2b:c3:1b:
                    14:33:97:85:25:87:25:fd:bf:23:41:db:3a:fb:8c:
                    cb:77:22:be:17:6c:ed:fa:ed:8f:c2:35:15:b5:f0:
                    8d:06:ec:b4:d5:e3:78:d1:13:05:f6:1a:03:d9:cc:
                    88:d0:09:a6:3a:7b:f3:68:e8:a3:31:8a:c7:1e:d9:
                    08:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:B5:98:82:0B:DF:52:CF:31:D4:4E:5C:11:3D:D8:99:49:5D:B1:F1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/arWYggvfUs8x1E5cET3YmUldsfE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:b4:ef:41:0c:bd:69:cd:52:d9:72:b8:5f:4f:ed:aa:f8:c9:
         bb:d8:28:ad:af:dc:d4:ab:a8:0e:b2:a4:e8:b4:8e:d0:6f:9f:
         01:11:56:e7:d8:06:85:b6:14:8a:cd:86:dd:21:cd:82:be:99:
         74:d7:d1:f3:aa:0b:2b:53:da:21:b4:c1:af:71:04:3e:26:ca:
         d9:28:09:bd:a5:a4:1f:12:31:9e:f8:ab:6f:04:f9:6a:2c:14:
         f0:2e:d8:62:3c:a0:83:48:3c:9a:4d:b6:5e:e4:2c:a7:10:fd:
         db:8b:ac:b6:3c:1f:fe:20:b8:66:df:8f:53:e1:e7:42:cc:bc:
         ac:92:ea:cf:02:db:ef:83:92:ac:bb:68:3f:22:3a:4b:9b:ef:
         04:c9:b2:dd:56:69:f3:7f:d4:a5:28:98:d2:28:f0:57:6d:e6:
         ea:4a:d0:c3:a9:4d:a5:ea:16:0c:db:00:78:76:7b:97:67:2d:
         41:59:c3:4f:54:61:93:35:3f:e1:9d:4c:c0:06:2d:9f:40:ac:
         35:e5:ef:ca:1c:14:4d:7c:ac:06:40:a2:71:1b:e0:20:0a:bb:
         45:e8:9b:b1:d8:e1:e4:1f:cf:fc:65:2f:ff:be:91:be:65:16:
         c9:82:49:da:a0:63:b1:16:6d:a2:ed:1a:b0:0c:12:cd:61:dd:
         0f:46:58:96
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTQzMTBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDZBQjU5ODgyMEJERjUy
Q0YzMUQ0NEU1QzExM0REODk5NDk1REIxRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrEj9mV92Sbq3af2lzD4MUrId06VX3EsRLEipCzR1xLl5DUpgu
2/FPtAAj6dXQoyDkBYBNKh3Qk7I9HijYOfnd6MffExakUlIk4T0bz4zoKHrCbHLA
YpKsBQ+zxCL9qr5b96/3ejkIlJqNINweu3q8iyjXst5eOOyV8Lq4cbChBjnOEjbN
RBZQbSoLuuK3FSLUVrOOt/UHYn9cFGaSdElF3sJ/7slm/nDlgCNDP/S4719L2JX3
xzMPuSwkwe2eeivDGxQzl4UlhyX9vyNB2zr7jMt3Ir4XbO367Y/CNRW18I0G7LTV
43jREwX2GgPZzIjQCaY6e/No6KMxisce2Qj3AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUarWYggvfUs8x1E5cET3YmUldsfEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2FyV1lnZ3ZmVXM4eDFFNWNFVDNZbVVsZHNmRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxatgwDQYJKoZIhvcNAQELBQADggEBAIC070EMvWnNUtlyuF9P7ar4ybvY
KK2v3NSrqA6ypOi0jtBvnwERVufYBoW2FIrNht0hzYK+mXTX0fOqCytT2iG0wa9x
BD4mytkoCb2lpB8SMZ74q28E+WosFPAu2GI8oINIPJpNtl7kLKcQ/duLrLY8H/4g
uGbfj1Ph50LMvKyS6s8C2++Dkqy7aD8iOkub7wTJst1WafN/1KUomNIo8Fdt5upK
0MOpTaXqFgzbAHh2e5dnLUFZw09UYZM1P+GdTMAGLZ9ArDXl78ocFE18rAZAonEb
4CAKu0Xom7HY4eQfz/xlL/++kb5lFsmCSdqgY7EWbaLtGrAMEs1h3Q9GWJY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org