Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3QVSieEUkkWzA2gXdQf1gZM0bc.roa
File:                     k3QVSieEUkkWzA2gXdQf1gZM0bc.roa (raw, json)
Hash identifier:          1TQOd7OFxEq56qnf3ECQjS9zarkhaC+TKan/V0EPOKY=
Subject key identifier:   93:74:15:4A:27:84:52:49:16:CC:0D:A0:5D:D4:1F:D6:06:4C:D1:B7
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       064C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3QVSieEUkkWzA2gXdQf1gZM0bc.roa
Signing time:             Tue 30 Apr 2024 01:31:32 +0000
ROA not before:           Tue 30 Apr 2024 01:31:32 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        219.122.72.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1612 (0x64c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:31:32 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=9374154A2784524916CC0DA05DD41FD6064CD1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e7:57:89:a2:28:30:83:e4:59:3c:61:76:4a:
                    d9:f8:75:ca:8c:9c:63:9e:3c:77:cd:a2:ab:d1:37:
                    04:8a:64:b7:4a:50:60:35:9d:14:f8:5a:cc:e9:42:
                    16:77:4d:b6:d3:57:15:b5:e4:90:ac:e6:b6:e3:7d:
                    f1:d7:3a:3c:b0:91:1e:27:a2:48:21:b6:b1:d0:30:
                    a4:d7:c1:38:4a:35:47:90:09:ca:38:f0:42:ac:25:
                    9d:8a:75:42:a9:47:a1:d1:c5:91:02:f2:51:03:a2:
                    2c:d6:d0:cb:7e:68:f8:2d:58:02:5d:3c:83:3f:21:
                    3a:70:b6:88:b6:ea:7d:ed:75:41:2a:af:97:9c:61:
                    59:d4:4f:8d:97:51:be:e0:f3:ca:66:7a:a8:8b:ef:
                    8f:ec:b7:09:af:74:0b:b9:f8:d8:14:bd:b2:1f:f8:
                    36:e8:02:4f:3d:7b:7c:4d:02:52:6b:f1:6d:8d:91:
                    8d:3a:c5:96:0a:10:e2:15:30:c4:f4:4c:72:6e:ab:
                    1e:74:b3:bb:f0:31:26:e2:5e:a4:8a:21:20:88:df:
                    db:50:07:6b:ff:72:00:11:2e:32:e0:7b:34:72:bb:
                    47:b2:75:40:59:7a:f0:cd:53:ad:24:c8:c8:d4:c2:
                    9c:cd:79:7c:50:48:5b:5e:ee:d4:cf:0f:ef:15:b4:
                    a2:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:74:15:4A:27:84:52:49:16:CC:0D:A0:5D:D4:1F:D6:06:4C:D1:B7
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3QVSieEUkkWzA2gXdQf1gZM0bc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.122.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         45:55:5b:85:21:28:f7:9c:07:72:3a:45:5c:d1:3f:8c:23:24:
         35:65:83:fb:a2:31:9f:76:bf:38:fc:e5:7f:6c:fd:94:76:4c:
         5b:d8:37:f7:8c:65:70:17:ae:58:4b:e8:23:76:d0:c7:c4:fd:
         bb:c0:7e:80:da:42:6d:a2:79:80:40:a2:46:c2:e9:24:57:fe:
         b3:92:f3:58:cd:a7:4d:0e:1b:ff:8d:11:f6:c5:64:8e:ef:5a:
         68:4b:e0:6d:e1:c5:ed:cc:5b:f6:77:70:c8:7d:c7:f5:d4:f8:
         6d:32:76:24:b7:51:ae:45:51:8f:c4:cb:2a:8f:80:a1:ad:00:
         34:80:be:7b:d2:fd:bc:5a:68:5a:7b:80:de:55:9c:fa:12:cb:
         90:2d:76:59:1d:54:26:ce:c5:49:4d:f9:d5:fb:72:38:a1:ff:
         4a:17:79:93:af:5f:0d:06:ff:ad:de:7f:3c:8f:45:01:50:61:
         05:01:61:a6:5f:d4:42:be:1f:f3:e9:51:2a:dd:11:9e:40:d0:
         93:82:aa:00:91:06:f3:c9:24:1c:8b:2e:e7:6d:d9:60:bc:4c:
         0d:34:66:61:14:8a:1c:47:bb:dc:46:27:62:4e:71:de:fe:9e:
         68:ac:c5:00:4e:0e:17:ac:3f:e5:2d:14:10:0d:d0:d7:f8:44:
         14:37:33:d0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTMxMzJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDkzNzQxNTRBMjc4NDUy
NDkxNkNDMERBMDVERDQxRkQ2MDY0Q0QxQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl51eJoigwg+RZPGF2Stn4dcqMnGOePHfNoqvRNwSKZLdKUGA1
nRT4WszpQhZ3TbbTVxW15JCs5rbjffHXOjywkR4nokghtrHQMKTXwThKNUeQCco4
8EKsJZ2KdUKpR6HRxZEC8lEDoizW0Mt+aPgtWAJdPIM/ITpwtoi26n3tdUEqr5ec
YVnUT42XUb7g88pmeqiL74/stwmvdAu5+NgUvbIf+DboAk89e3xNAlJr8W2NkY06
xZYKEOIVMMT0THJuqx50s7vwMSbiXqSKISCI39tQB2v/cgARLjLgezRyu0eydUBZ
evDNU60kyMjUwpzNeXxQSFte7tTPD+8VtKITAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUk3QVSieEUkkWzA2gXdQf1gZM0bcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2szUVZTaWVFVWtrV3pBMmdYZFFmMWdaTTBiYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPbekgwDQYJKoZIhvcNAQELBQADggEBAEVVW4UhKPecB3I6RVzRP4wjJDVl
g/uiMZ92vzj85X9s/ZR2TFvYN/eMZXAXrlhL6CN20MfE/bvAfoDaQm2ieYBAokbC
6SRX/rOS81jNp00OG/+NEfbFZI7vWmhL4G3hxe3MW/Z3cMh9x/XU+G0ydiS3Ua5F
UY/EyyqPgKGtADSAvnvS/bxaaFp7gN5VnPoSy5AtdlkdVCbOxUlN+dX7cjih/0oX
eZOvXw0G/63efzyPRQFQYQUBYaZf1EK+H/PpUSrdEZ5A0JOCqgCRBvPJJByLLudt
2WC8TA00ZmEUihxHu9xGJ2JOcd7+nmisxQBODhesP+UtFBAN0Nf4RBQ3M9A=
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:54:42 2024 by rpki-client on console-ams.rpki-client.org