Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/dq5b2mRSiv3IKWJrvjpGTlVzqSU.roa
File:                     dq5b2mRSiv3IKWJrvjpGTlVzqSU.roa (raw, json)
Hash identifier:          0OH9PaV+bmJuejdvfEz8ksqGN5nadntZclFYeVmutZ8=
Subject key identifier:   76:AE:5B:DA:64:52:8A:FD:C8:29:62:6B:BE:3A:46:4E:55:73:A9:25
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0692
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/dq5b2mRSiv3IKWJrvjpGTlVzqSU.roa
Signing time:             Tue 30 Apr 2024 01:38:10 +0000
ROA not before:           Tue 30 Apr 2024 01:38:10 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.80.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1682 (0x692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:38:10 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=76AE5BDA64528AFDC829626BBE3A464E5573A925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:05:dc:34:74:e2:38:5e:38:89:71:f4:8a:56:
                    50:45:ed:63:8b:99:99:66:1c:85:62:e6:fb:ae:43:
                    f2:07:01:99:69:cb:82:e3:18:b2:8b:95:26:14:2a:
                    11:f7:ce:48:97:5d:d5:c2:ce:50:3c:df:fa:18:0b:
                    3a:6d:95:f6:6b:c7:51:dd:6b:2f:fc:dc:1b:31:01:
                    8a:80:64:b6:51:20:8e:de:64:e6:4f:09:ab:f5:4f:
                    b1:ec:4b:aa:9f:45:77:bb:67:f2:db:b2:16:57:8a:
                    a4:be:e9:63:22:5d:21:0f:17:9f:93:49:f3:3b:bd:
                    d0:a5:ea:eb:a6:51:b0:4c:09:ac:06:8a:06:53:34:
                    5f:a2:ac:a7:fd:a9:4c:20:41:b3:5e:1d:f8:16:df:
                    fc:00:17:fa:4a:84:84:e9:9d:6a:22:a3:fc:fd:4f:
                    11:26:66:ae:34:7d:db:de:be:1c:18:00:79:37:b5:
                    69:87:83:a8:34:d1:17:29:f1:06:06:b7:ef:2c:8d:
                    08:0d:2a:b0:c4:e9:28:6b:a9:f7:8b:d6:0c:fb:54:
                    34:8e:f4:6b:46:82:b2:2c:2b:36:3d:1a:9d:a2:a8:
                    8b:c8:cc:6a:e7:65:15:81:95:2c:4d:9a:9b:97:db:
                    2d:60:c7:99:90:75:6e:af:f4:06:db:9b:2c:cf:6e:
                    95:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:AE:5B:DA:64:52:8A:FD:C8:29:62:6B:BE:3A:46:4E:55:73:A9:25
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/dq5b2mRSiv3IKWJrvjpGTlVzqSU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         75:19:ff:cf:ae:3b:ab:5c:85:9e:13:1c:14:fc:d3:d2:f3:49:
         92:d7:55:13:54:d1:64:d1:9c:92:17:17:70:52:74:af:ea:1d:
         bd:2b:92:56:71:ed:53:2b:4f:3b:fa:2a:6c:ee:3e:c5:e4:24:
         67:f5:52:e1:24:03:38:7a:99:6d:d4:4b:62:4b:f0:a0:19:c2:
         9c:78:12:6a:05:2b:69:de:f7:2d:a4:bc:23:88:f8:1d:1c:0f:
         74:02:13:8a:71:34:a8:2a:ee:44:39:64:56:c6:1e:f0:e0:28:
         59:ba:99:3a:44:71:db:bd:1c:3f:53:f6:e9:22:26:ff:b3:de:
         3b:9a:28:32:3f:73:2f:fe:71:3c:b6:22:fc:08:a0:fd:24:e1:
         89:d9:c7:53:7b:ab:ba:49:5c:71:1f:bd:1e:ea:24:4c:8b:40:
         02:ab:eb:1b:6d:6c:c7:b6:f0:ce:c8:85:b0:95:ae:b1:e0:2a:
         44:94:20:b6:0d:36:48:91:90:6c:97:ab:12:6d:cc:aa:a3:55:
         2b:f5:47:b7:1a:77:ce:d5:2d:45:3d:15:ca:37:1d:ab:5b:2e:
         4a:6d:9b:6c:b5:3b:ad:b0:d9:07:b4:ff:f4:41:19:18:be:c8:
         4e:c5:e7:98:78:41:79:45:76:a2:21:f3:1f:2c:44:f2:bd:43:
         d5:74:6d:df
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTM4MTBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDc2QUU1QkRBNjQ1MjhB
RkRDODI5NjI2QkJFM0E0NjRFNTU3M0E5MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqBdw0dOI4XjiJcfSKVlBF7WOLmZlmHIVi5vuuQ/IHAZlpy4Lj
GLKLlSYUKhH3zkiXXdXCzlA83/oYCzptlfZrx1Hday/83BsxAYqAZLZRII7eZOZP
Cav1T7HsS6qfRXe7Z/LbshZXiqS+6WMiXSEPF5+TSfM7vdCl6uumUbBMCawGigZT
NF+irKf9qUwgQbNeHfgW3/wAF/pKhITpnWoio/z9TxEmZq40fdvevhwYAHk3tWmH
g6g00Rcp8QYGt+8sjQgNKrDE6ShrqfeL1gz7VDSO9GtGgrIsKzY9Gp2iqIvIzGrn
ZRWBlSxNmpuX2y1gx5mQdW6v9AbbmyzPbpVNAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUdq5b2mRSiv3IKWJrvjpGTlVzqSUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2RxNWIybVJTaXYzSUtXSnJ2anBHVGxWenFTVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxalAwDQYJKoZIhvcNAQELBQADggEBAHUZ/8+uO6tchZ4THBT809LzSZLX
VRNU0WTRnJIXF3BSdK/qHb0rklZx7VMrTzv6KmzuPsXkJGf1UuEkAzh6mW3US2JL
8KAZwpx4EmoFK2ne9y2kvCOI+B0cD3QCE4pxNKgq7kQ5ZFbGHvDgKFm6mTpEcdu9
HD9T9ukiJv+z3juaKDI/cy/+cTy2IvwIoP0k4YnZx1N7q7pJXHEfvR7qJEyLQAKr
6xttbMe28M7IhbCVrrHgKkSUILYNNkiRkGyXqxJtzKqjVSv1R7cad87VLUU9Fco3
HatbLkptm2y1O62w2Qe0//RBGRi+yE7F55h4QXlFdqIh8x8sRPK9Q9V0bd8=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:54 2024 by rpki-client on console-ams.rpki-client.org