Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/f7SnjFsiThs8hQHL8HZt8z9Ga-M.roa
File:                     f7SnjFsiThs8hQHL8HZt8z9Ga-M.roa (raw, json)
Hash identifier:          jXKi4pkfdmPwJl5s7oAVx28iMOXwCMJvEWdZ+tpwk2s=
Subject key identifier:   7F:B4:A7:8C:5B:22:4E:1B:3C:85:01:CB:F0:76:6D:F3:3F:46:6B:E3
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05E2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/f7SnjFsiThs8hQHL8HZt8z9Ga-M.roa
Signing time:             Thu 29 Feb 2024 01:32:20 +0000
ROA not before:           Thu 29 Feb 2024 01:32:20 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        1.75.28.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1506 (0x5e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:32:20 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=7FB4A78C5B224E1B3C8501CBF0766DF33F466BE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d0:bd:53:95:a9:46:d4:9e:9b:9f:1e:b6:8a:
                    fb:b0:6d:0a:0e:47:b1:0d:c7:83:1c:57:1c:24:cf:
                    8b:4b:eb:07:60:b6:e3:71:6f:30:4f:2f:9a:dc:3a:
                    11:c9:ea:2b:22:d5:89:3e:d2:06:0e:2f:06:3f:9d:
                    cf:07:ba:a2:7e:c3:14:c4:6c:04:bb:2d:72:8d:41:
                    32:f2:74:b3:e2:c6:0f:76:dd:a4:e2:64:d6:fc:ff:
                    2d:8b:7a:71:e8:61:60:7a:21:6b:a5:ed:29:cc:2c:
                    c7:9f:e1:3d:e3:75:29:fb:6c:ea:de:3a:dd:26:57:
                    70:20:46:1c:3d:72:aa:ea:d1:c8:6b:26:6e:5d:6b:
                    f0:3d:0b:c8:f5:3e:44:16:d7:ca:42:aa:67:08:14:
                    fe:dd:3e:e0:23:64:05:46:44:8e:35:56:94:de:7e:
                    3a:ee:2c:0e:56:ec:84:14:d1:ed:c7:2b:2e:fa:80:
                    e9:a7:9f:11:44:cc:c0:7d:b2:5e:19:27:4a:da:c2:
                    92:af:b2:04:5c:eb:cd:2d:80:5c:1d:ca:25:0c:91:
                    8b:a8:88:db:77:90:15:77:0c:30:f7:0a:31:64:cb:
                    ac:43:c6:4d:6d:f9:76:a6:55:62:1e:7b:9d:78:18:
                    d8:c8:87:1b:9a:ae:37:01:9b:76:a0:18:33:0d:0f:
                    d8:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:B4:A7:8C:5B:22:4E:1B:3C:85:01:CB:F0:76:6D:F3:3F:46:6B:E3
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/f7SnjFsiThs8hQHL8HZt8z9Ga-M.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:a2:12:4f:a3:5e:86:dd:cf:26:0f:30:c3:e5:6c:a8:03:4d:
         81:b1:9b:45:74:bd:e2:7c:26:39:1c:35:19:2f:3d:a0:4c:62:
         8c:93:d3:1b:db:1d:11:e9:9a:46:29:40:d6:31:f1:c1:93:00:
         a8:87:92:38:6f:a5:ae:e9:59:b1:27:67:f6:57:47:7c:48:ab:
         28:05:e7:5e:fa:83:3d:41:54:58:39:84:43:08:d0:56:68:ca:
         4e:57:db:e4:22:cf:1d:8c:1d:2e:7c:5f:0d:2a:8b:b8:71:54:
         09:55:1b:2d:fa:dd:d3:8a:49:7f:35:e9:02:81:47:71:7c:8f:
         5c:c0:09:eb:3c:34:a5:ad:4c:df:ea:c8:9c:0c:94:91:07:0d:
         71:ad:51:47:67:60:9f:bb:dd:2e:d0:26:0e:76:f8:92:dd:c6:
         4e:96:71:d7:aa:a9:f0:8d:45:08:dd:47:84:0a:fa:81:38:36:
         0a:92:7c:19:07:e2:37:53:bd:1e:d9:c2:ea:4f:d8:b4:ca:cb:
         96:32:d5:5f:0d:b7:0b:f4:77:a9:05:0d:ff:20:d1:77:c1:05:
         85:5e:7f:20:8f:fc:22:16:9e:60:83:cf:42:c1:fe:42:52:21:
         f0:73:93:a6:86:98:45:78:5c:2d:ef:a1:a1:fb:18:08:32:ea:
         3e:64:59:5c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTMyMjBaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDdGQjRBNzhDNUIyMjRF
MUIzQzg1MDFDQkYwNzY2REYzM0Y0NjZCRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL0L1TlalG1J6bnx62ivuwbQoOR7ENx4McVxwkz4tL6wdgtuNx
bzBPL5rcOhHJ6isi1Yk+0gYOLwY/nc8HuqJ+wxTEbAS7LXKNQTLydLPixg923aTi
ZNb8/y2LenHoYWB6IWul7SnMLMef4T3jdSn7bOreOt0mV3AgRhw9cqrq0chrJm5d
a/A9C8j1PkQW18pCqmcIFP7dPuAjZAVGRI41VpTefjruLA5W7IQU0e3HKy76gOmn
nxFEzMB9sl4ZJ0rawpKvsgRc680tgFwdyiUMkYuoiNt3kBV3DDD3CjFky6xDxk1t
+XamVWIee514GNjIhxuarjcBm3agGDMND9hpAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUf7SnjFsiThs8hQHL8HZt8z9Ga+MwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2Y3U25qRnNpVGhzOGhRSEw4SFp0OHo5R2EtTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBSxwwDQYJKoZIhvcNAQELBQADggEBAHeiEk+jXobdzyYPMMPlbKgDTYGx
m0V0veJ8JjkcNRkvPaBMYoyT0xvbHRHpmkYpQNYx8cGTAKiHkjhvpa7pWbEnZ/ZX
R3xIqygF5176gz1BVFg5hEMI0FZoyk5X2+Qizx2MHS58Xw0qi7hxVAlVGy363dOK
SX816QKBR3F8j1zACes8NKWtTN/qyJwMlJEHDXGtUUdnYJ+73S7QJg52+JLdxk6W
cdeqqfCNRQjdR4QK+oE4NgqSfBkH4jdTvR7ZwupP2LTKy5Yy1V8Ntwv0d6kFDf8g
0XfBBYVefyCP/CIWnmCDz0LB/kJSIfBzk6aGmEV4XC3voaH7GAgy6j5kWVw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org