Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iUTuCNp_LUqgODPftvenQE8imJU.roa
File:                     iUTuCNp_LUqgODPftvenQE8imJU.roa (raw, json)
Hash identifier:          e0V5iF+vvfpFJbPwAa8gWn6R8Bk86EG+unNd9A2atH0=
Subject key identifier:   89:44:EE:08:DA:7F:2D:4A:A0:38:33:DF:B6:F7:A7:40:4F:22:98:95
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04F2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iUTuCNp_LUqgODPftvenQE8imJU.roa
Signing time:             Thu 27 Jul 2023 16:52:00 +0000
ROA not before:           Thu 27 Jul 2023 16:52:00 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        27.230.112.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1266 (0x4f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:00 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=8944EE08DA7F2D4AA03833DFB6F7A7404F229895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3a:5d:27:e4:c6:e4:7c:41:33:4f:6c:7a:66:
                    ff:7e:1a:c5:a1:d5:cd:ba:d8:c8:c3:6b:46:52:b3:
                    9a:0c:36:33:c2:45:0f:e7:bd:ac:3a:8a:b9:13:9e:
                    d8:81:75:8e:0c:1d:fe:7e:24:ce:45:d0:58:e4:e8:
                    ae:d9:5b:fa:ef:c1:cf:a2:86:c5:46:ae:57:55:59:
                    f1:d4:8b:3d:37:9c:2c:5d:5a:7d:35:cf:73:28:9d:
                    cf:0f:de:0e:a2:7b:65:85:5c:a2:4b:7e:8b:39:4c:
                    af:b6:7b:18:cc:75:c4:ed:d0:4a:06:ff:95:4d:2b:
                    95:a5:e7:a4:4f:56:8a:5b:92:75:3f:56:ae:c1:04:
                    bb:a9:52:a8:16:5c:4c:a1:08:b0:f2:a6:b9:7b:d7:
                    46:24:1a:23:01:0d:31:9f:da:3a:07:50:eb:09:fb:
                    88:7a:0e:36:86:40:fb:9a:9b:31:ef:ca:66:26:58:
                    a1:75:27:59:bc:11:3e:12:0b:a0:a7:80:d9:77:40:
                    97:22:51:33:43:b7:98:30:bb:19:59:70:7e:29:38:
                    de:67:cb:93:50:ac:1f:6d:ad:01:14:9d:9c:c3:f6:
                    d5:ca:85:c8:91:fb:da:46:be:99:07:b7:6e:2a:ed:
                    b0:2f:3c:42:13:cc:0b:c6:3b:3e:98:93:63:87:85:
                    25:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:44:EE:08:DA:7F:2D:4A:A0:38:33:DF:B6:F7:A7:40:4F:22:98:95
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iUTuCNp_LUqgODPftvenQE8imJU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.230.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a1:c9:15:f2:ad:67:e6:33:d1:e4:0d:08:09:45:03:b7:f7:9c:
         2b:4b:ed:bc:ad:af:98:ac:1c:dd:a2:b6:f5:85:96:8c:01:d2:
         48:0c:bd:9d:4f:dd:67:fa:4e:ce:ee:bb:49:7a:42:5b:52:e3:
         d8:16:16:f3:5e:89:10:e2:08:20:f9:4c:c6:8b:e5:a5:56:d9:
         72:5e:6d:bf:71:6a:74:9f:ed:e6:62:a1:41:54:d3:1b:85:72:
         76:cb:9e:32:43:4a:bc:e6:e2:3c:fe:0d:7d:d6:bd:d9:0c:07:
         b8:be:6f:7b:dc:7a:c5:4f:17:15:3f:67:02:81:df:bc:2e:22:
         0f:74:be:93:9d:46:0b:90:cf:7f:bd:31:44:eb:13:b7:68:60:
         c6:d0:8b:a9:a2:3c:bd:90:56:02:27:79:75:b2:52:0d:b4:fc:
         87:98:4b:b7:2f:e0:fd:62:8d:3e:88:4a:52:b8:88:90:56:64:
         47:13:53:6c:da:33:a2:3a:7f:81:1c:98:bf:3c:05:75:ca:f8:
         79:16:fb:83:5c:e0:b8:25:8a:67:15:f7:f9:aa:cf:ee:0e:a2:
         c8:cc:17:31:cd:df:7a:f3:77:9d:e5:cd:4e:e3:8b:94:72:6c:
         9f:b6:87:81:ca:3b:a3:d0:10:44:3b:25:ab:1e:20:e2:13:be:
         10:05:08:c4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMDBaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDg5NDRFRTA4REE3RjJE
NEFBMDM4MzNERkI2RjdBNzQwNEYyMjk4OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGOl0n5MbkfEEzT2x6Zv9+GsWh1c262MjDa0ZSs5oMNjPCRQ/n
vaw6irkTntiBdY4MHf5+JM5F0Fjk6K7ZW/rvwc+ihsVGrldVWfHUiz03nCxdWn01
z3Monc8P3g6ie2WFXKJLfos5TK+2exjMdcTt0EoG/5VNK5Wl56RPVopbknU/Vq7B
BLupUqgWXEyhCLDyprl710YkGiMBDTGf2joHUOsJ+4h6DjaGQPuamzHvymYmWKF1
J1m8ET4SC6CngNl3QJciUTNDt5gwuxlZcH4pON5ny5NQrB9trQEUnZzD9tXKhciR
+9pGvpkHt24q7bAvPEITzAvGOz6Yk2OHhSU5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUiUTuCNp/LUqgODPftvenQE8imJUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2lVVHVDTnBfTFVxZ09EUGZ0dmVuUUU4aW1KVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMb5nAwDQYJKoZIhvcNAQELBQADggEBAKHJFfKtZ+Yz0eQNCAlFA7f3nCtL
7bytr5isHN2itvWFlowB0kgMvZ1P3Wf6Ts7uu0l6QltS49gWFvNeiRDiCCD5TMaL
5aVW2XJebb9xanSf7eZioUFU0xuFcnbLnjJDSrzm4jz+DX3WvdkMB7i+b3vcesVP
FxU/ZwKB37wuIg90vpOdRguQz3+9MUTrE7doYMbQi6miPL2QVgIneXWyUg20/IeY
S7cv4P1ijT6ISlK4iJBWZEcTU2zaM6I6f4EcmL88BXXK+HkW+4Nc4LglimcV9/mq
z+4OosjMFzHN33rzd53lzU7ji5RybJ+2h4HKO6PQEEQ7JaseIOITvhAFCMQ=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org