Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ixQomTZSJifKM7ynno0Dg5HmLm0.roa
File:                     ixQomTZSJifKM7ynno0Dg5HmLm0.roa (raw, json)
Hash identifier:          obqZjqQeM3S5xnZwvs5yhO0pJ9iYM/9L33/gb/NrsPc=
Subject key identifier:   8B:14:28:99:36:52:26:27:CA:33:BC:A7:9E:8D:03:83:91:E6:2E:6D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0840
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ixQomTZSJifKM7ynno0Dg5HmLm0.roa
Signing time:             Tue 30 Apr 2024 02:16:20 +0000
ROA not before:           Tue 30 Apr 2024 02:16:20 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2112 (0x840)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:16:20 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=8B14289936522627CA33BCA79E8D038391E62E6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fb:f7:45:f1:7c:5e:58:5e:be:23:3b:0e:61:
                    65:c9:21:8b:46:8e:75:8a:09:04:33:5e:c6:b6:a2:
                    95:80:6d:14:5f:f7:cb:48:3b:bb:3c:ee:8b:a8:52:
                    4b:eb:9f:59:c8:d2:24:1c:4a:0d:0b:30:58:f3:1b:
                    61:88:d8:84:68:79:8c:5b:bc:da:8a:cb:f5:b8:0c:
                    91:6e:aa:7c:1a:d6:f6:4b:e1:67:6c:97:5d:4d:3e:
                    96:3c:2e:a6:73:14:aa:28:3c:84:04:75:8d:79:06:
                    12:56:28:67:2e:fa:66:7f:13:76:ca:d5:bc:bf:d0:
                    6b:53:86:d5:d7:1e:10:f3:87:e1:51:04:22:9a:a7:
                    74:be:08:d2:8f:48:4e:67:77:f4:80:bf:0f:70:a7:
                    a5:4e:52:28:4f:92:2e:91:bf:72:c6:47:22:40:5c:
                    3e:5b:fe:17:0b:8c:5b:fb:b6:dc:5b:ad:88:bd:26:
                    e6:d7:2e:c0:45:63:cd:78:fa:86:29:d9:28:59:f4:
                    97:34:30:a7:05:0f:b4:c5:e4:a3:59:49:e4:00:1a:
                    2d:b6:2e:6f:c5:51:50:3d:55:aa:8e:e2:d4:49:62:
                    79:0e:27:cf:63:e2:30:29:b7:f5:55:c4:8a:f8:1c:
                    37:6f:27:f3:da:67:e5:cf:1c:9a:0e:80:22:38:12:
                    27:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:14:28:99:36:52:26:27:CA:33:BC:A7:9E:8D:03:83:91:E6:2E:6D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ixQomTZSJifKM7ynno0Dg5HmLm0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:08:71:9c:38:f5:e9:d9:8d:d7:59:5f:32:79:5a:11:31:d3:
         d5:38:72:bc:8c:c6:d5:2a:7f:2f:5d:52:ef:76:02:d3:cd:05:
         52:d2:c2:ab:1d:d4:d5:04:ce:4f:b4:e1:ed:df:43:03:1f:80:
         7b:78:1c:a2:ce:54:37:a7:4a:64:16:a9:cb:ca:cc:1b:94:57:
         13:04:c9:9c:9e:ad:f1:5c:ef:f8:c8:6b:09:e4:97:09:74:f8:
         81:dd:ab:bb:bc:e2:ea:95:2c:fc:eb:90:80:27:d9:57:4d:63:
         ed:c9:b7:62:35:ab:6c:43:23:e2:c1:fa:b9:85:c7:94:a8:d1:
         5e:eb:a0:1e:17:c6:77:e7:87:52:af:ca:1a:18:00:f7:47:1f:
         b8:f1:1e:6b:af:1e:00:98:da:31:12:a1:cf:8f:3f:61:4b:7f:
         7d:f0:10:86:14:d9:23:51:6b:57:9f:c7:8c:18:f9:31:4c:90:
         b1:5f:51:70:af:8d:79:4e:57:4e:e2:15:0a:91:a8:1c:7f:0c:
         b8:fe:6a:89:95:74:d3:b9:0e:49:42:8d:18:ce:b3:bd:4b:4f:
         3d:68:70:e4:78:2e:38:94:3a:cb:d9:ba:38:c5:71:ba:bc:4b:
         90:ab:67:52:8b:64:1d:8d:9e:f5:1d:25:a0:7f:f8:d3:a4:b3:
         07:85:1d:3a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE2MjBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDhCMTQyODk5MzY1MjI2
MjdDQTMzQkNBNzlFOEQwMzgzOTFFNjJFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9+/dF8XxeWF6+IzsOYWXJIYtGjnWKCQQzXsa2opWAbRRf98tI
O7s87ouoUkvrn1nI0iQcSg0LMFjzG2GI2IRoeYxbvNqKy/W4DJFuqnwa1vZL4Wds
l11NPpY8LqZzFKooPIQEdY15BhJWKGcu+mZ/E3bK1by/0GtThtXXHhDzh+FRBCKa
p3S+CNKPSE5nd/SAvw9wp6VOUihPki6Rv3LGRyJAXD5b/hcLjFv7ttxbrYi9JubX
LsBFY814+oYp2ShZ9Jc0MKcFD7TF5KNZSeQAGi22Lm/FUVA9VaqO4tRJYnkOJ89j
4jApt/VVxIr4HDdvJ/PaZ+XPHJoOgCI4Eif1AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUixQomTZSJifKM7ynno0Dg5HmLm0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2l4UW9tVFpTSmlmS003eW5ubzBEZzVIbUxtMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYhIwDQYJKoZIhvcNAQELBQADggEBAGUIcZw49enZjddZXzJ5WhEx09U4
cryMxtUqfy9dUu92AtPNBVLSwqsd1NUEzk+04e3fQwMfgHt4HKLOVDenSmQWqcvK
zBuUVxMEyZyerfFc7/jIawnklwl0+IHdq7u84uqVLPzrkIAn2VdNY+3Jt2I1q2xD
I+LB+rmFx5So0V7roB4Xxnfnh1KvyhoYAPdHH7jxHmuvHgCY2jESoc+PP2FLf33w
EIYU2SNRa1efx4wY+TFMkLFfUXCvjXlOV07iFQqRqBx/DLj+aomVdNO5DklCjRjO
s71LTz1ocOR4LjiUOsvZujjFcbq8S5CrZ1KLZB2NnvUdJaB/+NOksweFHTo=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org