Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/fKAxsvbacF2BPsqXYiL-Ss4mkdk.roa
File:                     fKAxsvbacF2BPsqXYiL-Ss4mkdk.roa (raw, json)
Hash identifier:          W6zp5v7P9l2HML+ePgCGFcP4q0MtdfvjFbC3HeW2HXs=
Subject key identifier:   7C:A0:31:B2:F6:DA:70:5D:81:3E:CA:97:62:22:FE:4A:CE:26:91:D9
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       08F6
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/fKAxsvbacF2BPsqXYiL-Ss4mkdk.roa
Signing time:             Tue 30 Apr 2024 02:26:36 +0000
ROA not before:           Tue 30 Apr 2024 02:26:36 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.72.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2294 (0x8f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:26:36 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=7CA031B2F6DA705D813ECA976222FE4ACE2691D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ca:6a:7c:4e:43:b9:4d:55:37:54:0d:8d:68:
                    27:4c:ad:a0:c1:5e:f0:af:fe:a2:9f:d8:7a:eb:15:
                    cc:4c:cd:35:7f:b4:7f:39:6c:da:60:9a:62:54:60:
                    70:8f:f6:60:aa:f0:82:24:c7:8c:10:cf:fe:6f:c9:
                    76:55:91:48:80:7a:43:af:b1:16:63:48:05:16:fc:
                    a0:be:4a:e7:70:8f:61:61:0b:3b:ca:3c:cf:70:b8:
                    81:c1:ee:a8:89:d8:97:55:bf:80:f0:da:76:c8:f1:
                    2f:e9:35:db:32:c8:fe:1a:46:ce:4f:9d:de:40:55:
                    f1:ea:86:b1:f6:42:36:32:9b:73:db:f8:a5:03:ce:
                    1c:28:ae:e5:12:12:39:f4:a8:06:0e:5d:f5:f8:54:
                    12:89:92:71:bc:04:84:04:80:a9:20:b5:96:05:17:
                    6d:33:3c:0c:06:88:14:d1:c7:53:ab:d8:88:41:92:
                    03:e1:1e:e0:8c:fc:72:bd:89:a3:bd:7d:73:55:1e:
                    05:79:22:0f:32:05:a7:58:1d:fb:93:71:d4:53:d7:
                    8f:18:46:d0:0a:db:c7:d1:cb:c4:c6:ef:d1:a1:f9:
                    55:40:6c:cc:c1:96:53:a6:e2:08:08:85:ca:8d:b6:
                    43:fb:c0:4d:ce:82:06:4e:f7:e1:23:08:af:90:a0:
                    24:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A0:31:B2:F6:DA:70:5D:81:3E:CA:97:62:22:FE:4A:CE:26:91:D9
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/fKAxsvbacF2BPsqXYiL-Ss4mkdk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e2:83:a5:36:01:45:75:b0:27:a4:f3:ca:af:5a:04:98:3d:06:
         51:3a:20:ab:45:ab:94:29:4f:2e:67:ca:7d:8a:38:ad:09:51:
         5e:65:f1:2b:d1:09:ea:34:a8:e1:66:67:98:a5:1f:b9:1a:7d:
         9b:0e:b8:37:0c:3a:87:77:90:a9:07:f0:e5:31:61:16:e1:95:
         27:46:28:31:22:d6:ae:b9:e1:8d:76:c4:1b:fc:b6:54:b1:c1:
         5b:75:9c:0b:f9:91:8e:37:eb:32:dc:35:2b:c2:57:f2:f5:98:
         e8:09:5e:81:88:22:92:40:19:ac:16:04:1c:30:90:f8:61:42:
         52:08:e6:e3:1f:d4:81:c7:c3:d7:46:65:b3:a6:fa:db:e5:49:
         32:27:7e:03:80:c8:77:25:7a:63:f1:08:7c:c5:62:9c:62:0b:
         61:a0:16:83:6f:28:a3:33:c2:ac:5b:61:88:ee:b5:78:ec:57:
         ed:11:0e:b7:b8:a0:37:9d:c4:91:5a:28:c5:28:ba:4e:7e:0e:
         69:de:e4:2c:ac:7b:99:97:16:14:3c:5f:77:ad:56:c2:ff:d7:
         cc:b2:87:53:cf:83:d0:a5:ca:a8:e1:4b:ab:2f:be:96:8f:a0:
         5c:80:d8:d6:b2:30:9e:31:dd:84:0a:b4:c4:ef:bb:81:45:97:
         03:d0:43:c2
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjI2MzZaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDdDQTAzMUIyRjZEQTcw
NUQ4MTNFQ0E5NzYyMjJGRTRBQ0UyNjkxRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqymp8TkO5TVU3VA2NaCdMraDBXvCv/qKf2HrrFcxMzTV/tH85
bNpgmmJUYHCP9mCq8IIkx4wQz/5vyXZVkUiAekOvsRZjSAUW/KC+Sudwj2FhCzvK
PM9wuIHB7qiJ2JdVv4Dw2nbI8S/pNdsyyP4aRs5Pnd5AVfHqhrH2QjYym3Pb+KUD
zhworuUSEjn0qAYOXfX4VBKJknG8BIQEgKkgtZYFF20zPAwGiBTRx1Or2IhBkgPh
HuCM/HK9iaO9fXNVHgV5Ig8yBadYHfuTcdRT148YRtAK28fRy8TG79Gh+VVAbMzB
llOm4ggIhcqNtkP7wE3OggZO9+EjCK+QoCQzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUfKAxsvbacF2BPsqXYiL+Ss4mkdkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2ZLQXhzdmJhY0YyQlBzcVhZaUwtU3M0bWtkay5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABT0gwDQYJKoZIhvcNAQELBQADggEBAOKDpTYBRXWwJ6Tzyq9aBJg9BlE6
IKtFq5QpTy5nyn2KOK0JUV5l8SvRCeo0qOFmZ5ilH7kafZsOuDcMOod3kKkH8OUx
YRbhlSdGKDEi1q654Y12xBv8tlSxwVt1nAv5kY436zLcNSvCV/L1mOgJXoGIIpJA
GawWBBwwkPhhQlII5uMf1IHHw9dGZbOm+tvlSTInfgOAyHclemPxCHzFYpxiC2Gg
FoNvKKMzwqxbYYjutXjsV+0RDre4oDedxJFaKMUouk5+Dmne5Cyse5mXFhQ8X3et
VsL/18yyh1PPg9ClyqjhS6svvpaPoFyA2NayMJ4x3YQKtMTvu4FFlwPQQ8I=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:41:37 2024 by rpki-client on console-ams.rpki-client.org