Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/lmkm8oViO921_sq-SVWxr80ivJE.roa
File:                     lmkm8oViO921_sq-SVWxr80ivJE.roa (raw, json)
Hash identifier:          b6zmyZbp8fgyFoUGh7yMw4RZX9tUvl8oLMK4jv4dI+8=
Subject key identifier:   96:69:26:F2:85:62:3B:DD:B5:FE:CA:BE:49:55:B1:AF:CD:22:BC:91
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05FD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/lmkm8oViO921_sq-SVWxr80ivJE.roa
Signing time:             Thu 29 Feb 2024 01:35:46 +0000
ROA not before:           Thu 29 Feb 2024 01:35:46 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        220.159.54.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1533 (0x5fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:35:46 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=966926F285623BDDB5FECABE4955B1AFCD22BC91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:34:7a:d1:a4:3d:92:04:9f:c9:cc:fc:7d:1c:
                    4c:df:8c:b5:68:44:ef:e1:48:77:32:b7:2d:43:55:
                    10:6b:75:06:91:6b:da:24:4f:db:2b:7e:11:60:7e:
                    2c:d0:fe:5b:d6:be:51:9a:65:71:fc:f7:b9:1a:9a:
                    76:06:7c:b7:2a:55:d7:7a:52:27:13:5f:ac:43:11:
                    eb:3b:02:ce:c6:15:6d:40:72:4e:06:5c:2d:62:b2:
                    19:7b:b7:ed:85:49:3c:c5:dd:50:1c:ea:0e:38:1b:
                    02:08:c3:5b:01:f0:59:8b:f5:fd:7a:95:f1:a6:51:
                    cf:ff:da:c2:cb:f3:c1:8d:09:50:93:68:51:bd:74:
                    db:27:41:07:22:23:0e:c4:f0:c2:0c:29:ca:6f:ae:
                    da:32:f0:9c:29:9d:e4:05:5b:f6:a2:8b:96:a3:b0:
                    31:08:b6:ce:1e:e3:8b:ca:4f:42:f4:44:b3:b5:ec:
                    fb:ad:b4:63:fb:95:b7:c4:e4:44:2b:fd:31:00:71:
                    44:b4:4f:74:8e:66:26:a7:c4:dd:af:d1:ce:73:bb:
                    f0:eb:8e:a6:09:47:63:99:f6:50:4b:d0:3a:b2:d6:
                    72:1d:35:21:ac:73:9f:c3:4d:25:30:e7:e1:aa:10:
                    49:84:02:a3:29:dd:0c:37:bd:3c:47:df:69:ac:55:
                    2c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:69:26:F2:85:62:3B:DD:B5:FE:CA:BE:49:55:B1:AF:CD:22:BC:91
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/lmkm8oViO921_sq-SVWxr80ivJE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.159.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:00:13:70:fc:2e:79:53:f6:00:bb:79:41:ad:d1:e1:43:f0:
         e8:24:3b:a7:aa:e8:72:3e:ee:fd:95:3a:13:23:f0:5a:99:cf:
         fe:b9:c9:a0:51:9c:a1:52:db:c9:d1:ad:f6:33:10:63:63:f9:
         71:25:08:aa:18:a7:1c:76:e0:16:36:27:25:2f:58:4d:93:b4:
         1e:e1:b4:a4:20:db:93:d0:e8:77:5e:d1:ea:cc:2e:95:3f:60:
         32:6d:65:e3:b8:a4:94:bd:dd:94:75:5d:28:96:b5:26:e1:1f:
         87:10:86:41:42:c2:f6:6a:ff:e7:0a:21:70:53:8d:87:e3:4c:
         9f:52:c1:a6:a3:89:f2:c9:2a:41:26:d2:63:da:dd:8b:f4:a8:
         51:97:86:b1:58:ac:75:74:87:a0:35:7b:e2:dd:70:0f:89:db:
         a0:49:59:24:a3:ad:99:18:90:07:1b:f1:63:a9:58:da:4e:d9:
         37:32:c8:cf:9b:95:c2:a8:bd:86:a2:66:5d:e4:52:41:88:80:
         72:39:37:91:e6:f2:ad:67:af:0a:10:67:62:c4:07:ac:f0:53:
         33:4d:8d:a9:85:6a:63:64:4b:ba:1b:cd:03:cb:f5:e6:d7:c6:
         5a:50:31:1f:3d:cb:69:0d:22:89:ca:3c:b8:79:97:66:59:d2:
         1a:08:d3:a0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTM1NDZaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDk2NjkyNkYyODU2MjNC
RERCNUZFQ0FCRTQ5NTVCMUFGQ0QyMkJDOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaNHrRpD2SBJ/JzPx9HEzfjLVoRO/hSHcyty1DVRBrdQaRa9ok
T9srfhFgfizQ/lvWvlGaZXH897kamnYGfLcqVdd6UicTX6xDEes7As7GFW1Ack4G
XC1ishl7t+2FSTzF3VAc6g44GwIIw1sB8FmL9f16lfGmUc//2sLL88GNCVCTaFG9
dNsnQQciIw7E8MIMKcpvrtoy8JwpneQFW/aii5ajsDEIts4e44vKT0L0RLO17Put
tGP7lbfE5EQr/TEAcUS0T3SOZianxN2v0c5zu/DrjqYJR2OZ9lBL0Dqy1nIdNSGs
c5/DTSUw5+GqEEmEAqMp3Qw3vTxH32msVSwfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUlmkm8oViO921/sq+SVWxr80ivJEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2xta204b1ZpTzkyMV9zcS1TVld4cjgwaXZKRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHcnzYwDQYJKoZIhvcNAQELBQADggEBAEYAE3D8LnlT9gC7eUGt0eFD8Ogk
O6eq6HI+7v2VOhMj8FqZz/65yaBRnKFS28nRrfYzEGNj+XElCKoYpxx24BY2JyUv
WE2TtB7htKQg25PQ6Hde0erMLpU/YDJtZeO4pJS93ZR1XSiWtSbhH4cQhkFCwvZq
/+cKIXBTjYfjTJ9SwaajifLJKkEm0mPa3Yv0qFGXhrFYrHV0h6A1e+LdcA+J26BJ
WSSjrZkYkAcb8WOpWNpO2TcyyM+blcKovYaiZl3kUkGIgHI5N5Hm8q1nrwoQZ2LE
B6zwUzNNjamFamNkS7obzQPL9ebXxlpQMR89y2kNIonKPLh5l2ZZ0hoI06A=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org