Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ksi4ck25hTB3fbFC-W1HwPLfieE.roa
File:                     ksi4ck25hTB3fbFC-W1HwPLfieE.roa (raw, json)
Hash identifier:          aD9pMEYeFqLtUq3ZQa4jhNaOc1Mh0/JWW/QzQEOcHxo=
Subject key identifier:   92:C8:B8:72:4D:B9:85:30:77:7D:B1:42:F9:6D:47:C0:F2:DF:89:E1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       082A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ksi4ck25hTB3fbFC-W1HwPLfieE.roa
Signing time:             Tue 30 Apr 2024 02:14:23 +0000
ROA not before:           Tue 30 Apr 2024 02:14:23 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.28.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2090 (0x82a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:14:23 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=92C8B8724DB98530777DB142F96D47C0F2DF89E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:66:ac:35:d3:c9:8d:38:71:36:a1:86:10:0f:
                    b7:3a:65:90:dd:be:c4:24:59:80:67:d3:6e:d6:b6:
                    cc:c2:70:cd:14:d9:25:fc:3b:d1:15:41:c0:b1:1e:
                    9e:83:1d:53:ee:80:8b:03:a6:96:a4:ae:e1:ff:41:
                    5f:71:ac:d0:53:93:59:0e:52:ee:2b:27:fb:a7:2d:
                    65:45:d9:5b:95:fb:89:ad:61:7a:4d:b4:9b:a7:31:
                    e3:b1:e0:22:ab:db:7c:c5:72:34:e5:25:87:30:d6:
                    40:27:b8:24:73:3f:4d:4d:98:13:1b:5b:04:ef:c6:
                    9a:57:d4:a3:04:ca:38:e8:d7:80:2d:d8:25:66:2e:
                    af:6f:3d:8f:e2:00:ea:7e:f0:d0:4b:ba:f2:9a:2f:
                    dd:bd:36:8c:50:7c:68:17:e5:57:a9:25:1f:da:bc:
                    d7:92:09:a9:c7:1d:db:6f:63:c2:fd:f1:3f:6c:c9:
                    43:b8:f6:de:4d:0b:04:47:85:a4:6f:3d:21:49:e3:
                    ea:22:e2:12:b9:79:9f:ad:1d:e9:a4:d3:eb:45:ae:
                    5b:43:be:e8:78:17:98:6c:84:43:3d:7c:2a:8b:ce:
                    5f:83:70:77:4e:5e:f9:6b:50:82:e8:40:71:9a:27:
                    6e:6b:0f:92:22:72:46:55:84:a4:0a:ca:ba:4f:f1:
                    f1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:C8:B8:72:4D:B9:85:30:77:7D:B1:42:F9:6D:47:C0:F2:DF:89:E1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ksi4ck25hTB3fbFC-W1HwPLfieE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:15:4c:4e:79:04:43:6d:86:e6:8d:88:7d:14:93:28:96:e9:
         f8:16:33:28:41:81:96:72:c8:20:78:01:9c:95:0b:81:ee:ca:
         d1:27:68:f2:30:b3:c5:d1:2d:d8:ba:eb:61:6f:d5:21:3f:49:
         ee:cd:02:b4:d4:ca:43:dd:51:f4:de:da:32:6a:99:b2:46:b9:
         77:b7:47:61:89:68:39:62:3c:a6:84:64:07:8e:18:6a:c1:ba:
         ab:a5:88:50:d9:cf:8f:52:d6:3d:5e:59:82:bd:56:cc:fb:61:
         68:d5:09:22:af:4e:74:69:36:de:5b:ee:1f:df:67:cd:dd:f7:
         8e:64:1d:6b:d6:11:b8:4d:5b:a5:0e:d5:20:97:ba:bd:e7:54:
         da:01:a6:00:9f:ed:d3:25:4d:64:11:c5:43:aa:56:6b:8f:b2:
         39:92:d6:34:53:d1:97:88:d1:56:24:d2:96:62:b4:fd:d2:1b:
         7e:4c:82:31:b7:cb:5d:79:2e:8c:41:ff:10:60:b9:ee:f0:cf:
         bd:28:1d:f2:d5:68:67:dd:9c:4a:86:40:c9:83:25:70:fb:fd:
         26:86:22:71:55:2c:91:e1:a8:23:92:33:2c:ab:9a:a1:4f:72:
         07:ff:05:67:89:ed:99:08:65:12:19:38:a4:0e:54:d3:e3:9e:
         83:96:83:12
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE0MjNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDkyQzhCODcyNERCOTg1
MzA3NzdEQjE0MkY5NkQ0N0MwRjJERjg5RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUZqw108mNOHE2oYYQD7c6ZZDdvsQkWYBn027WtszCcM0U2SX8
O9EVQcCxHp6DHVPugIsDppakruH/QV9xrNBTk1kOUu4rJ/unLWVF2VuV+4mtYXpN
tJunMeOx4CKr23zFcjTlJYcw1kAnuCRzP01NmBMbWwTvxppX1KMEyjjo14At2CVm
Lq9vPY/iAOp+8NBLuvKaL929NoxQfGgX5VepJR/avNeSCanHHdtvY8L98T9syUO4
9t5NCwRHhaRvPSFJ4+oi4hK5eZ+tHemk0+tFrltDvuh4F5hshEM9fCqLzl+DcHdO
XvlrUILoQHGaJ25rD5IickZVhKQKyrpP8fF5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUksi4ck25hTB3fbFC+W1HwPLfieEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2tzaTRjazI1aFRCM2ZiRkMtVzFId1BMZmllRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYRwwDQYJKoZIhvcNAQELBQADggEBABMVTE55BENthuaNiH0UkyiW6fgW
MyhBgZZyyCB4AZyVC4HuytEnaPIws8XRLdi662Fv1SE/Se7NArTUykPdUfTe2jJq
mbJGuXe3R2GJaDliPKaEZAeOGGrBuquliFDZz49S1j1eWYK9Vsz7YWjVCSKvTnRp
Nt5b7h/fZ83d945kHWvWEbhNW6UO1SCXur3nVNoBpgCf7dMlTWQRxUOqVmuPsjmS
1jRT0ZeI0VYk0pZitP3SG35MgjG3y115LoxB/xBgue7wz70oHfLVaGfdnEqGQMmD
JXD7/SaGInFVLJHhqCOSMyyrmqFPcgf/BWeJ7ZkIZRIZOKQOVNPjnoOWgxI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org