Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iHt6R6TvgmwhHVGFLnZM-t2QvIo.roa
File:                     iHt6R6TvgmwhHVGFLnZM-t2QvIo.roa (raw, json)
Hash identifier:          M4fgPtIXQx4Ckgaqj+kspwp8GCXqC3Vd/CKrK+x6i+A=
Subject key identifier:   88:7B:7A:47:A4:EF:82:6C:21:1D:51:85:2E:76:4C:FA:DD:90:BC:8A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0922
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iHt6R6TvgmwhHVGFLnZM-t2QvIo.roa
Signing time:             Tue 30 Apr 2024 02:30:26 +0000
ROA not before:           Tue 30 Apr 2024 02:30:26 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.108.224.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2338 (0x922)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:30:26 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=887B7A47A4EF826C211D51852E764CFADD90BC8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:94:29:42:7b:c4:b7:94:5b:08:97:5d:79:9c:
                    2e:c4:aa:f0:0a:45:52:94:43:72:4d:c3:50:45:6d:
                    f2:f5:c6:d3:a0:2b:6a:62:72:ed:07:17:85:8e:ef:
                    02:f9:33:43:7c:2d:48:a5:58:dc:02:86:89:38:d6:
                    fe:e3:81:60:98:9e:a4:63:c9:50:e6:05:b9:18:5c:
                    11:0e:9c:82:19:26:f0:7b:ae:2e:31:e5:7f:da:a5:
                    fe:fe:d7:a4:b9:12:3f:a7:c3:17:6f:ae:3d:53:ba:
                    35:d5:1b:fd:20:a9:20:28:4c:eb:b1:27:ec:49:0e:
                    d3:d5:7d:0d:b2:7e:74:35:28:fd:d8:56:2a:5d:37:
                    7f:ea:33:f9:8f:f4:00:e9:0e:ed:75:dd:64:c8:6e:
                    a8:1e:33:e7:14:9f:c4:c7:92:7d:02:a4:03:47:b1:
                    72:dd:21:68:0e:45:96:63:90:15:19:3b:38:f4:0e:
                    1d:47:ad:eb:19:4a:de:05:2f:f5:ee:de:49:30:e2:
                    45:d3:2b:47:26:5a:9d:0d:2e:16:1b:c7:df:58:5f:
                    ee:bb:21:ae:cf:15:e8:1b:71:1f:fe:c1:d2:41:b5:
                    f3:1a:02:65:5b:a9:fc:61:dc:53:2c:6e:5c:bb:1a:
                    1b:f5:41:23:85:05:9b:96:c2:02:36:1a:6b:18:80:
                    c3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7B:7A:47:A4:EF:82:6C:21:1D:51:85:2E:76:4C:FA:DD:90:BC:8A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iHt6R6TvgmwhHVGFLnZM-t2QvIo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.108.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:ef:20:14:b5:1c:a0:a3:72:e8:87:cf:2d:33:77:b0:27:ab:
         76:c4:cb:5c:93:1e:0e:7d:cb:63:bb:a6:d2:76:63:0f:88:50:
         42:4f:7f:ad:00:51:13:55:a2:0f:8b:47:0b:33:87:48:2f:a5:
         d4:37:38:b2:f9:10:5a:9f:4b:6d:a2:73:7f:01:76:ea:27:fd:
         bb:8f:85:29:b0:f2:30:3e:cc:f2:ae:02:98:e7:87:45:e3:13:
         ac:1f:12:89:bd:85:1a:7f:6d:58:dc:76:0f:d7:7b:4a:2b:54:
         6f:5d:8f:d5:e8:cb:a3:09:6e:6b:9a:2a:ea:f9:e8:66:49:68:
         06:a3:28:84:42:0e:0e:81:30:2a:01:d2:74:29:31:f5:c0:75:
         fc:30:35:9e:51:c3:5b:0e:9a:f2:f0:e8:9c:2c:33:c5:69:ee:
         09:16:6e:ef:29:88:13:3b:aa:ee:9e:ab:4a:d7:67:36:30:46:
         8b:af:48:f5:c4:ea:78:bc:92:27:31:a7:50:a4:da:ad:d8:c3:
         77:3d:ec:7f:14:63:00:60:46:25:03:dd:20:e9:5b:82:c0:16:
         5b:bc:f5:cd:31:92:31:4b:1c:40:6e:ee:1e:16:d4:c6:99:75:
         e6:53:3f:ee:63:6f:15:31:29:d1:74:fb:1a:06:8b:a7:d9:d9:
         3f:e7:34:4c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjMwMjZaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDg4N0I3QTQ3QTRFRjgy
NkMyMTFENTE4NTJFNzY0Q0ZBREQ5MEJDOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUlClCe8S3lFsIl115nC7EqvAKRVKUQ3JNw1BFbfL1xtOgK2pi
cu0HF4WO7wL5M0N8LUilWNwChok41v7jgWCYnqRjyVDmBbkYXBEOnIIZJvB7ri4x
5X/apf7+16S5Ej+nwxdvrj1TujXVG/0gqSAoTOuxJ+xJDtPVfQ2yfnQ1KP3YVipd
N3/qM/mP9ADpDu113WTIbqgeM+cUn8THkn0CpANHsXLdIWgORZZjkBUZOzj0Dh1H
resZSt4FL/Xu3kkw4kXTK0cmWp0NLhYbx99YX+67Ia7PFegbcR/+wdJBtfMaAmVb
qfxh3FMsbly7Ghv1QSOFBZuWwgI2GmsYgMMPAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUiHt6R6TvgmwhHVGFLnZM+t2QvIowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2lIdDZSNlR2Z213aEhWR0ZMblpNLXQyUXZJby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExbOAwDQYJKoZIhvcNAQELBQADggEBAJzvIBS1HKCjcuiHzy0zd7Anq3bE
y1yTHg59y2O7ptJ2Yw+IUEJPf60AURNVog+LRwszh0gvpdQ3OLL5EFqfS22ic38B
duon/buPhSmw8jA+zPKuApjnh0XjE6wfEom9hRp/bVjcdg/Xe0orVG9dj9Xoy6MJ
bmuaKur56GZJaAajKIRCDg6BMCoB0nQpMfXAdfwwNZ5Rw1sOmvLw6JwsM8Vp7gkW
bu8piBM7qu6eq0rXZzYwRouvSPXE6ni8kicxp1Ck2q3Yw3c97H8UYwBgRiUD3SDp
W4LAFlu89c0xkjFLHEBu7h4W1MaZdeZTP+5jbxUxKdF0+xoGi6fZ2T/nNEw=
-----END CERTIFICATE-----
Generated at Mon Jun 17 14:52:14 2024 by rpki-client on console-ams.rpki-client.org