Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/kWG_XTlZbpRsCvZGpmLN0tfBN_g.roa
File:                     kWG_XTlZbpRsCvZGpmLN0tfBN_g.roa (raw, json)
Hash identifier:          vSpBws588d18OHDmEsRX4xQQgHI9tl4JFg8Ce1kFdv4=
Subject key identifier:   91:61:BF:5D:39:59:6E:94:6C:0A:F6:46:A6:62:CD:D2:D7:C1:37:F8
Certificate issuer:       /CN=F89E0F15C1E20E191AAF17288F6E30FF01869A6E
Certificate serial:       45
Authority key identifier: F8:9E:0F:15:C1:E2:0E:19:1A:AF:17:28:8F:6E:30:FF:01:86:9A:6E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-J4PFcHiDhkarxcoj24w_wGGmm4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/kWG_XTlZbpRsCvZGpmLN0tfBN_g.roa
Signing time:             Wed 15 May 2024 08:35:37 +0000
ROA not before:           Wed 15 May 2024 08:35:37 +0000
ROA not after:            Thu 15 May 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        160.249.80.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-J4PFcHiDhkarxcoj24w_wGGmm4.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-J4PFcHiDhkarxcoj24w_wGGmm4.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-J4PFcHiDhkarxcoj24w_wGGmm4.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69 (0x45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F89E0F15C1E20E191AAF17288F6E30FF01869A6E
        Validity
            Not Before: May 15 08:35:37 2024 GMT
            Not After : May 15 01:30:03 2025 GMT
        Subject: CN=9161BF5D39596E946C0AF646A662CDD2D7C137F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:91:bc:03:1d:33:36:ac:3b:4c:8f:0a:2e:65:
                    2d:3d:fa:ab:13:c8:14:04:6b:13:c2:2d:0e:23:9d:
                    95:ff:ef:8a:04:2e:c3:a2:93:53:87:99:48:5a:2d:
                    67:2e:b1:89:ec:93:e1:37:2b:7a:51:0c:4f:58:33:
                    59:56:b3:fd:c9:20:61:3b:03:22:f2:1e:73:a8:cc:
                    68:da:25:61:86:20:c2:13:cf:d7:01:5f:0c:1f:3c:
                    1f:57:f3:0a:4c:3e:5b:41:69:cb:23:87:00:1a:d4:
                    e0:5c:d1:9a:f9:66:4a:79:7a:4b:d9:09:a9:b6:97:
                    d6:c5:19:45:8c:6c:52:79:b6:ff:97:c1:de:8d:b4:
                    e8:a7:0e:0d:fc:f6:ac:f9:8e:85:28:be:34:f7:ab:
                    10:18:cc:f7:b1:ca:68:2a:68:9b:07:65:98:6a:eb:
                    bb:af:0f:4a:3a:9a:cf:e6:f4:9a:af:69:3d:00:44:
                    27:b6:47:a9:ae:94:03:39:81:90:46:51:1f:69:24:
                    42:2f:fd:78:aa:fd:4c:8e:50:64:f0:8c:98:47:30:
                    57:84:02:af:a2:41:fa:cc:f7:21:97:05:f6:49:8f:
                    b6:58:7d:ed:f7:a7:93:46:c9:ca:26:8c:ea:8f:ca:
                    d7:7f:9c:6c:26:c4:ab:c8:88:2d:b5:1f:e9:20:e7:
                    a4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:61:BF:5D:39:59:6E:94:6C:0A:F6:46:A6:62:CD:D2:D7:C1:37:F8
            X509v3 Authority Key Identifier:
                keyid:F8:9E:0F:15:C1:E2:0E:19:1A:AF:17:28:8F:6E:30:FF:01:86:9A:6E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-J4PFcHiDhkarxcoj24w_wGGmm4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-J4PFcHiDhkarxcoj24w_wGGmm4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/kWG_XTlZbpRsCvZGpmLN0tfBN_g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.249.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3d:01:f1:c9:29:f6:9f:f7:f4:c1:ef:1d:4a:dc:d8:c1:1e:e0:
         60:2f:3f:c6:8d:9e:2d:35:21:51:3a:69:85:b1:f5:0b:69:3d:
         10:a7:84:f9:e9:b5:9e:a5:44:49:f0:e5:c3:10:d7:21:aa:c2:
         96:11:19:83:42:53:0c:c6:38:9b:e2:3b:47:fc:03:40:f2:05:
         33:55:83:7d:ea:4f:93:31:ea:67:29:56:ed:9f:d3:5d:fc:e3:
         bd:42:ac:27:fa:ad:3c:1f:29:2c:7f:c3:2a:77:2d:b3:06:ef:
         1d:04:6a:7b:fe:63:f4:e8:57:28:fb:76:7f:9f:28:76:24:01:
         70:6e:03:a3:53:5b:57:a3:87:88:2b:9d:f8:1e:10:b4:2c:90:
         0d:a8:df:86:dc:58:03:b5:21:ad:47:c2:e3:16:1f:b2:38:26:
         88:02:11:c2:2f:32:da:4b:91:a5:4f:56:72:77:ee:cb:93:5c:
         92:c4:ba:f0:63:f1:54:6b:fe:77:36:4d:2c:e9:2f:31:58:21:
         af:36:32:bb:78:91:ba:1d:bf:5a:ac:f0:82:2e:11:2d:9b:a9:
         57:cc:c4:7c:11:7d:16:c5:bd:8c:c0:b9:a2:5d:19:60:f0:02:
         e8:f4:35:a6:49:33:a5:8f:42:af:48:5b:70:1b:73:ab:e8:3c:
         81:a4:c0:dd
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGODlF
MEYxNUMxRTIwRTE5MUFBRjE3Mjg4RjZFMzBGRjAxODY5QTZFMB4XDTI0MDUxNTA4
MzUzN1oXDTI1MDUxNTAxMzAwM1owMzExMC8GA1UEAxMoOTE2MUJGNUQzOTU5NkU5
NDZDMEFGNjQ2QTY2MkNERDJEN0MxMzdGODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALiRvAMdMzasO0yPCi5lLT36qxPIFARrE8ItDiOdlf/vigQuw6KT
U4eZSFotZy6xieyT4TcrelEMT1gzWVaz/ckgYTsDIvIec6jMaNolYYYgwhPP1wFf
DB88H1fzCkw+W0FpyyOHABrU4FzRmvlmSnl6S9kJqbaX1sUZRYxsUnm2/5fB3o20
6KcODfz2rPmOhSi+NPerEBjM97HKaCpomwdlmGrru68PSjqaz+b0mq9pPQBEJ7ZH
qa6UAzmBkEZRH2kkQi/9eKr9TI5QZPCMmEcwV4QCr6JB+sz3IZcF9kmPtlh97fen
k0bJyiaM6o/K13+cbCbEq8iILbUf6SDnpFUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSRYb9dOVlulGwK9kamYs3S18E3+DAfBgNVHSMEGDAWgBT4ng8VweIOGRqvFyiP
bjD/AYaabjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5Ly1KNFBGY0hpRGhrYXJ4Y29qMjR3X3dHR21tNC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLy1KNFBGY0hpRGhrYXJ4Y29qMjR3X3dH
R21tNC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkva1dHX1hUbFpicFJzQ3ZaR3BtTE4wdGZCTl9nLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA6D5UDANBgkqhkiG9w0BAQsFAAOCAQEAPQHxySn2n/f0we8dStzYwR7gYC8/
xo2eLTUhUTpphbH1C2k9EKeE+em1nqVESfDlwxDXIarClhEZg0JTDMY4m+I7R/wD
QPIFM1WDfepPkzHqZylW7Z/TXfzjvUKsJ/qtPB8pLH/DKnctswbvHQRqe/5j9OhX
KPt2f58odiQBcG4Do1NbV6OHiCud+B4QtCyQDajfhtxYA7UhrUfC4xYfsjgmiAIR
wi8y2kuRpU9Wcnfuy5NcksS68GPxVGv+dzZNLOkvMVghrzYyu3iRuh2/Wqzwgi4R
LZupV8zEfBF9FsW9jMC5ol0ZYPAC6PQ1pkkzpY9Cr0hbcBtzq+g8gaTA3Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org