Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/jqj68k5GBJcJHiVb_dFzjhFXxgw.roa
File:                     jqj68k5GBJcJHiVb_dFzjhFXxgw.roa (raw, json)
Hash identifier:          j/SBhelC7/rkA3APJYBbB1Y/7xD+xwEWEqyJGOXPQLs=
Subject key identifier:   8E:A8:FA:F2:4E:46:04:97:09:1E:25:5B:FD:D1:73:8E:11:57:C6:0C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04FD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/jqj68k5GBJcJHiVb_dFzjhFXxgw.roa
Signing time:             Thu 27 Jul 2023 16:52:04 +0000
ROA not before:           Thu 27 Jul 2023 16:52:04 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.76.68.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1277 (0x4fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:04 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=8EA8FAF24E460497091E255BFDD1738E1157C60C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:22:d9:b5:0c:af:d6:47:af:01:fa:68:fe:37:
                    7e:c4:1b:42:65:b5:b5:cb:61:8e:ca:19:87:9f:be:
                    68:67:2d:a2:ae:33:05:95:4b:92:ee:3d:94:44:91:
                    2a:87:1b:71:e9:00:00:15:ed:bb:09:e3:2a:de:8b:
                    7b:ad:21:ae:eb:1b:2c:44:62:87:de:ca:20:e3:8a:
                    b4:eb:e7:cb:17:bf:4a:52:21:db:d2:15:62:2f:30:
                    d3:11:d2:72:cf:c2:df:09:3e:9c:ec:15:0c:ae:fb:
                    06:98:da:bd:a9:3d:e6:10:41:8e:f0:99:8a:c6:b5:
                    a4:e8:91:80:27:5f:07:3d:47:4f:0f:9d:80:17:ce:
                    77:90:79:9b:4d:13:8e:b3:6b:30:86:b4:44:9d:27:
                    78:6c:bb:a0:85:61:aa:92:8f:b2:2e:fe:f0:24:1b:
                    b7:65:04:e8:8d:90:a9:6b:85:3e:e6:2d:97:bd:4b:
                    9b:6a:dc:1a:99:57:ea:2c:0c:97:a0:1f:63:6c:54:
                    35:27:a8:11:d8:0a:9d:24:f7:e0:90:a3:31:1c:67:
                    c9:50:18:d9:b8:ec:85:5f:41:d9:b8:28:4b:42:41:
                    3f:ac:50:c9:77:29:55:d1:58:0a:8e:5c:b6:f2:78:
                    1f:b8:8b:5e:4d:5e:60:a6:6b:9d:aa:c8:d5:72:de:
                    df:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A8:FA:F2:4E:46:04:97:09:1E:25:5B:FD:D1:73:8E:11:57:C6:0C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/jqj68k5GBJcJHiVb_dFzjhFXxgw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:45:f9:ea:a2:fd:ff:5c:03:e8:7f:5a:65:e4:cb:a7:4e:35:
         b6:55:b8:6a:49:58:10:02:0c:9d:aa:a0:8b:85:c2:97:ed:a8:
         00:bd:bb:93:ae:5e:c0:9f:a3:d6:9e:f9:9b:de:72:69:9f:75:
         17:27:96:25:77:a3:d6:54:77:81:77:ce:8c:41:c7:db:bc:ac:
         b7:52:4e:a4:3e:98:03:c0:18:4c:93:ca:8f:94:21:29:bd:46:
         98:f3:14:d2:ff:d6:e9:3e:87:82:a9:cb:27:30:ed:63:e4:be:
         b8:4e:cc:49:f7:85:1f:b9:29:77:e0:b3:ef:d4:46:67:65:67:
         53:a2:92:87:3e:af:1d:44:3e:af:93:79:63:95:91:26:14:e7:
         85:21:53:1d:f8:67:7c:1c:69:5a:e9:eb:c0:49:d0:c3:31:81:
         aa:80:00:5a:c2:d1:b3:48:d2:fe:5e:ed:77:9b:59:70:2f:68:
         b5:4b:54:b2:92:60:7f:ac:7a:0a:19:98:8e:df:ec:45:38:65:
         37:fb:78:5b:42:f5:b3:d0:ce:06:8f:5f:66:0a:ae:09:e2:2e:
         fe:5f:0f:4f:b5:4d:92:9b:a9:5d:71:90:4b:7a:0a:81:fd:9c:
         81:e3:f7:11:6e:81:02:74:e4:55:f7:70:e6:24:8b:09:2b:6e:
         95:24:db:0d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMDRaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDhFQThGQUYyNEU0NjA0
OTcwOTFFMjU1QkZERDE3MzhFMTE1N0M2MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlItm1DK/WR68B+mj+N37EG0JltbXLYY7KGYefvmhnLaKuMwWV
S5LuPZREkSqHG3HpAAAV7bsJ4yrei3utIa7rGyxEYofeyiDjirTr58sXv0pSIdvS
FWIvMNMR0nLPwt8JPpzsFQyu+waY2r2pPeYQQY7wmYrGtaTokYAnXwc9R08PnYAX
zneQeZtNE46zazCGtESdJ3hsu6CFYaqSj7Iu/vAkG7dlBOiNkKlrhT7mLZe9S5tq
3BqZV+osDJegH2NsVDUnqBHYCp0k9+CQozEcZ8lQGNm47IVfQdm4KEtCQT+sUMl3
KVXRWAqOXLbyeB+4i15NXmCma52qyNVy3t/PAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUjqj68k5GBJcJHiVb/dFzjhFXxgwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2pxajY4azVHQkpjSkhpVmJfZEZ6amhGWHhndy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBTEQwDQYJKoZIhvcNAQELBQADggEBALVF+eqi/f9cA+h/WmXky6dONbZV
uGpJWBACDJ2qoIuFwpftqAC9u5OuXsCfo9ae+ZvecmmfdRcnliV3o9ZUd4F3zoxB
x9u8rLdSTqQ+mAPAGEyTyo+UISm9RpjzFNL/1uk+h4Kpyycw7WPkvrhOzEn3hR+5
KXfgs+/URmdlZ1Oikoc+rx1EPq+TeWOVkSYU54UhUx34Z3wcaVrp68BJ0MMxgaqA
AFrC0bNI0v5e7XebWXAvaLVLVLKSYH+segoZmI7f7EU4ZTf7eFtC9bPQzgaPX2YK
rgniLv5fD0+1TZKbqV1xkEt6CoH9nIHj9xFugQJ05FX3cOYkiwkrbpUk2w0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org