Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/llsu5DruW77dIjkk72U_piTWB1Q.roa
File:                     llsu5DruW77dIjkk72U_piTWB1Q.roa (raw, json)
Hash identifier:          PgG6ihG4di3eePPF/bK96YOk9rXFyLXXan1v/JW4aGM=
Subject key identifier:   96:5B:2E:E4:3A:EE:5B:BE:DD:22:39:24:EF:65:3F:A6:24:D6:07:54
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       07F5
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/llsu5DruW77dIjkk72U_piTWB1Q.roa
Signing time:             Tue 30 Apr 2024 02:10:39 +0000
ROA not before:           Tue 30 Apr 2024 02:10:39 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.112.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2037 (0x7f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:10:39 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=965B2EE43AEE5BBEDD223924EF653FA624D60754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ef:30:90:34:cd:ea:d0:5a:4c:e8:6f:93:7e:
                    bd:22:3e:ad:65:14:7b:73:7c:13:4f:5f:d2:7f:3a:
                    9f:1b:ac:2d:9f:91:36:27:f2:95:b6:a8:ad:3d:69:
                    e2:16:79:4c:0b:88:3e:ed:3d:6b:82:37:4d:01:37:
                    8c:e1:34:7b:e3:40:54:da:fc:67:f0:e5:12:a5:03:
                    a5:c8:79:ba:17:c6:14:c1:75:ab:bb:f9:bb:de:ed:
                    a6:8e:d2:f2:84:92:6b:b4:84:e0:57:29:c2:c7:72:
                    66:47:a9:ce:bf:7e:be:d3:c7:8d:0e:b9:50:55:77:
                    95:f4:1a:16:52:0b:17:7c:52:02:53:22:65:bb:74:
                    a0:45:63:9f:55:a9:31:f2:3f:46:7d:c8:1d:e4:75:
                    a3:a3:15:0f:39:b9:08:4c:06:44:4c:f9:2b:a4:62:
                    75:22:c7:97:2f:00:38:c2:37:e7:88:c0:65:ed:33:
                    e9:4d:0a:6e:85:7f:fd:26:b7:50:cd:66:f7:7a:60:
                    74:0c:f5:eb:a2:37:67:ca:3b:84:b3:8b:aa:50:c6:
                    16:08:31:13:7b:de:61:8a:e1:b0:6b:f2:56:c5:3e:
                    90:a7:b4:6a:91:43:0a:cb:02:46:c3:32:e8:64:2f:
                    b1:87:50:9d:3a:f1:86:86:7f:e1:a7:02:41:2f:f7:
                    cd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:5B:2E:E4:3A:EE:5B:BE:DD:22:39:24:EF:65:3F:A6:24:D6:07:54
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/llsu5DruW77dIjkk72U_piTWB1Q.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         17:aa:5d:f6:55:4d:5c:47:19:c0:d3:b2:21:d1:dc:da:dd:94:
         06:cf:27:59:55:7e:22:13:fd:9e:d1:21:31:80:d6:42:d4:e2:
         a7:bc:a8:fa:c7:0b:21:4b:eb:a6:e7:d9:3d:f1:4b:b4:5a:0a:
         9b:1c:37:17:96:5a:c8:12:39:23:96:7a:63:e8:28:df:ac:92:
         4a:20:c6:f6:17:45:5f:f8:05:39:f2:fe:bf:95:c7:5c:d9:f0:
         6d:9b:c6:21:78:9c:91:2f:75:ff:2f:16:dc:57:f3:1e:9b:ab:
         14:0d:3f:39:91:e5:7d:05:f2:09:0d:09:da:ac:2a:53:2c:cb:
         3b:73:82:70:0d:0c:e0:07:0d:0a:e3:6b:3f:07:36:6d:1c:c9:
         7e:01:37:8c:52:38:54:cd:fe:70:62:64:b3:67:44:7f:b3:2c:
         e0:97:1a:aa:55:c9:1d:69:b5:db:a3:05:c6:4f:43:1a:88:89:
         45:ff:43:e8:c8:c3:ed:73:a6:86:99:cb:4d:ff:d9:e7:71:93:
         b8:c1:ee:70:07:45:3e:f5:35:d3:9e:63:31:a6:86:7e:ed:8a:
         7d:71:6c:93:e8:de:11:ca:5f:a6:c2:6e:89:14:ba:df:8f:19:
         04:d2:f5:01:c3:65:d6:af:c3:7b:4f:00:c7:f1:91:30:66:e9:
         28:bc:c0:c2
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjEwMzlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDk2NUIyRUU0M0FFRTVC
QkVERDIyMzkyNEVGNjUzRkE2MjRENjA3NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC57zCQNM3q0FpM6G+Tfr0iPq1lFHtzfBNPX9J/Op8brC2fkTYn
8pW2qK09aeIWeUwLiD7tPWuCN00BN4zhNHvjQFTa/Gfw5RKlA6XIeboXxhTBdau7
+bve7aaO0vKEkmu0hOBXKcLHcmZHqc6/fr7Tx40OuVBVd5X0GhZSCxd8UgJTImW7
dKBFY59VqTHyP0Z9yB3kdaOjFQ85uQhMBkRM+SukYnUix5cvADjCN+eIwGXtM+lN
Cm6Ff/0mt1DNZvd6YHQM9euiN2fKO4Szi6pQxhYIMRN73mGK4bBr8lbFPpCntGqR
QwrLAkbDMuhkL7GHUJ068YaGf+GnAkEv980pAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUllsu5DruW77dIjkk72U/piTWB1QwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2xsc3U1RHJ1Vzc3ZElqa2s3MlVfcGlUV0IxUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQxanAwDQYJKoZIhvcNAQELBQADggEBABeqXfZVTVxHGcDTsiHR3NrdlAbP
J1lVfiIT/Z7RITGA1kLU4qe8qPrHCyFL66bn2T3xS7RaCpscNxeWWsgSOSOWemPo
KN+skkogxvYXRV/4BTny/r+Vx1zZ8G2bxiF4nJEvdf8vFtxX8x6bqxQNPzmR5X0F
8gkNCdqsKlMsyztzgnANDOAHDQrjaz8HNm0cyX4BN4xSOFTN/nBiZLNnRH+zLOCX
GqpVyR1ptdujBcZPQxqIiUX/Q+jIw+1zpoaZy03/2edxk7jB7nAHRT71NdOeYzGm
hn7tin1xbJPo3hHKX6bCbokUut+PGQTS9QHDZdavw3tPAMfxkTBm6Si8wMI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org