Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/n39q3niKU4cYbo2Ya_mAVC8XS74.roa
File:                     n39q3niKU4cYbo2Ya_mAVC8XS74.roa (raw, json)
Hash identifier:          0uxSHTnBFYQqQFGXzQq+Mro/LnxP18fDFuKUG6ZPJ80=
Subject key identifier:   9F:7F:6A:DE:78:8A:53:87:18:6E:8D:98:6B:F9:80:54:2F:17:4B:BE
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       05DF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/n39q3niKU4cYbo2Ya_mAVC8XS74.roa
Signing time:             Thu 29 Feb 2024 01:32:19 +0000
ROA not before:           Thu 29 Feb 2024 01:32:19 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        49.97.96.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1503 (0x5df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:32:19 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=9F7F6ADE788A5387186E8D986BF980542F174BBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c0:67:13:cb:fb:f4:2f:ab:36:3f:34:ea:ef:
                    11:27:fa:de:83:b3:10:50:65:6a:92:22:53:55:ac:
                    b4:be:cb:5c:da:28:bd:2a:46:4f:54:32:39:e1:78:
                    fb:14:ca:88:a4:44:30:67:b0:11:57:0c:18:c9:99:
                    e1:e2:25:c2:00:3f:55:0e:ab:05:de:69:54:92:ac:
                    1f:26:04:82:76:1f:23:39:da:d4:61:8f:6c:f9:34:
                    d3:ec:06:d6:00:ed:27:6a:01:fd:2e:23:87:9f:4f:
                    ae:6f:db:b8:09:1e:ec:95:f4:15:16:93:a3:a4:08:
                    45:ca:9a:c9:8d:fd:d3:80:df:21:74:8d:12:8c:55:
                    5c:42:06:c4:bd:5a:e9:1b:8e:09:49:b0:43:2f:36:
                    9b:07:ed:6a:22:06:36:88:19:45:52:0e:a6:ab:69:
                    75:b1:29:07:aa:66:55:5d:49:89:0e:0a:b6:8c:05:
                    42:e9:57:e2:f3:45:36:6c:e0:50:6b:81:e3:43:89:
                    8f:41:d0:e2:d9:89:13:1a:10:d7:7d:68:6b:e3:16:
                    8d:c8:d1:bc:80:6a:34:a0:29:1c:8d:1d:ce:82:3d:
                    c9:05:88:96:bb:4d:f2:b6:b1:25:7f:07:ee:06:bc:
                    26:c5:e4:f8:f9:15:d6:19:35:44:d1:7d:1d:79:5d:
                    4e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:7F:6A:DE:78:8A:53:87:18:6E:8D:98:6B:F9:80:54:2F:17:4B:BE
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/n39q3niKU4cYbo2Ya_mAVC8XS74.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:42:c5:61:a3:b9:68:69:07:83:03:21:34:93:24:37:82:6c:
         e6:04:83:e0:97:e1:2f:ce:d8:b9:13:47:74:0f:fd:6f:ac:0f:
         25:86:3e:ef:64:eb:1f:29:c4:c6:8c:de:bb:ac:b7:d9:a5:42:
         86:b1:a6:7c:28:cb:8c:fb:c0:19:0b:fe:55:a5:ca:7f:5e:da:
         36:f0:b6:55:27:5b:7f:2a:c4:c0:2c:b3:e8:ed:3a:fa:81:13:
         5b:a0:ca:63:1c:32:4b:89:51:97:b4:fc:76:c3:6b:e1:bd:7e:
         2b:06:96:cb:b1:d5:ff:64:81:a7:85:58:fb:64:d8:48:af:c3:
         e5:8f:c7:9f:dc:9a:c2:38:07:8b:21:62:b3:94:b5:21:a7:8b:
         91:44:f9:09:2e:f6:88:4a:55:ec:49:13:6a:19:34:3c:44:a9:
         eb:47:c5:1f:2d:7c:c1:f1:ed:fb:e1:8f:38:44:81:e1:15:da:
         80:42:92:88:5f:ac:be:2b:cd:8a:21:e2:94:c4:71:a1:20:03:
         93:18:de:a5:5f:4c:85:4a:ce:b3:d6:a5:e4:0b:bb:18:47:99:
         15:fd:5f:af:e7:95:ae:e2:f4:16:84:8c:49:0d:94:f0:1d:e6:
         8f:a7:95:9c:f9:e4:ad:98:41:53:77:5e:b1:13:a0:ca:8b:46:
         03:ff:e8:e4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTMyMTlaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDlGN0Y2QURFNzg4QTUz
ODcxODZFOEQ5ODZCRjk4MDU0MkYxNzRCQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1wGcTy/v0L6s2PzTq7xEn+t6DsxBQZWqSIlNVrLS+y1zaKL0q
Rk9UMjnhePsUyoikRDBnsBFXDBjJmeHiJcIAP1UOqwXeaVSSrB8mBIJ2HyM52tRh
j2z5NNPsBtYA7SdqAf0uI4efT65v27gJHuyV9BUWk6OkCEXKmsmN/dOA3yF0jRKM
VVxCBsS9WukbjglJsEMvNpsH7WoiBjaIGUVSDqaraXWxKQeqZlVdSYkOCraMBULp
V+LzRTZs4FBrgeNDiY9B0OLZiRMaENd9aGvjFo3I0byAajSgKRyNHc6CPckFiJa7
TfK2sSV/B+4GvCbF5Pj5FdYZNUTRfR15XU4fAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUn39q3niKU4cYbo2Ya/mAVC8XS74wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L24zOXEzbmlLVTRjWWJvMllhX21BVkM4WFM3NC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYWAwDQYJKoZIhvcNAQELBQADggEBAJJCxWGjuWhpB4MDITSTJDeCbOYE
g+CX4S/O2LkTR3QP/W+sDyWGPu9k6x8pxMaM3rust9mlQoaxpnwoy4z7wBkL/lWl
yn9e2jbwtlUnW38qxMAss+jtOvqBE1ugymMcMkuJUZe0/HbDa+G9fisGlsux1f9k
gaeFWPtk2Eivw+WPx5/cmsI4B4shYrOUtSGni5FE+Qku9ohKVexJE2oZNDxEqetH
xR8tfMHx7fvhjzhEgeEV2oBCkohfrL4rzYoh4pTEcaEgA5MY3qVfTIVKzrPWpeQL
uxhHmRX9X6/nla7i9BaEjEkNlPAd5o+nlZz55K2YQVN3XrEToMqLRgP/6OQ=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org