Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/nJvCLvCX03eTbgIgE63mND8aFFU.roa
File:                     nJvCLvCX03eTbgIgE63mND8aFFU.roa (raw, json)
Hash identifier:          SJ899OnIN3E3R7p27buVFqY3KSw27GeJSaWIUhujwA4=
Subject key identifier:   9C:9B:C2:2E:F0:97:D3:77:93:6E:02:20:13:AD:E6:34:3F:1A:14:55
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0813
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nJvCLvCX03eTbgIgE63mND8aFFU.roa
Signing time:             Tue 30 Apr 2024 02:12:28 +0000
ROA not before:           Tue 30 Apr 2024 02:12:28 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.32.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2067 (0x813)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:12:28 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=9C9BC22EF097D377936E022013ADE6343F1A1455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b5:09:79:37:7f:b3:23:7f:38:01:79:e4:9e:
                    81:bc:92:46:7a:25:6e:dd:6c:5d:d9:41:d5:00:31:
                    bc:88:34:fe:25:e4:09:d2:84:64:39:b4:6a:8a:64:
                    0e:87:45:7c:45:d3:0a:91:91:fd:f6:0d:2e:60:12:
                    16:f9:f9:87:bf:ef:42:d4:ad:6b:56:c4:71:04:fb:
                    c9:f4:72:c6:59:85:0f:42:c5:a7:00:da:d7:b4:fe:
                    b0:b9:5c:fa:84:25:cd:a2:a9:c0:94:a8:76:7f:a7:
                    28:2a:c6:dd:00:21:b8:09:37:cc:66:c1:b6:12:e9:
                    68:f3:b1:cf:c1:17:81:28:66:b0:73:bf:14:39:fa:
                    a2:49:d9:42:9b:31:98:28:f3:45:3c:29:e9:0f:e6:
                    c0:e6:c2:12:71:b7:63:6b:c2:7f:23:d7:07:08:7e:
                    fd:26:f6:cf:3f:84:f3:60:5a:a2:4c:f8:58:5f:16:
                    b7:1a:8d:01:cf:e1:e9:4b:7e:47:b9:f1:16:e0:f6:
                    2f:b5:78:fb:a6:40:a6:7d:d8:bd:b1:92:42:c2:44:
                    6b:87:f3:c0:70:92:47:3e:3d:67:8f:ef:de:b0:39:
                    39:cb:71:db:df:4f:9b:b2:4d:64:15:3e:1a:e2:a5:
                    22:e9:73:8e:10:26:41:9f:d9:0a:9a:fd:2e:a3:53:
                    43:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:9B:C2:2E:F0:97:D3:77:93:6E:02:20:13:AD:E6:34:3F:1A:14:55
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nJvCLvCX03eTbgIgE63mND8aFFU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:7d:6a:67:f2:54:41:aa:80:f2:fb:c3:27:83:5a:29:34:db:
         b4:6e:61:49:67:37:ce:22:f7:3c:fe:98:92:94:91:82:57:b6:
         e0:51:c2:27:12:9b:9e:a1:ae:83:62:62:9e:e2:2c:cd:1e:3a:
         ae:27:f5:c4:74:3e:5e:03:4e:8a:79:05:ce:74:cd:19:a0:88:
         4e:ae:cc:f8:d6:26:3a:89:d5:96:26:d2:2a:bd:c5:29:d1:7c:
         80:d6:38:00:e2:ab:f4:ab:46:c8:c4:8d:d6:3a:0a:b8:2d:fb:
         63:08:43:0c:d2:65:0f:3c:5e:b1:cf:bc:8a:db:59:18:10:c5:
         1c:e2:01:1d:cc:e7:10:81:b4:12:2c:74:5b:f0:ca:78:26:57:
         d2:9e:93:2e:5c:8b:d4:2b:60:a9:06:65:25:50:e9:58:76:35:
         e3:a7:c8:75:4e:42:56:87:26:9a:b5:9c:65:a1:b5:7e:3f:1c:
         42:6a:a0:c9:39:49:3f:fe:76:ed:11:26:cd:71:06:f9:c4:b1:
         49:71:3a:3f:a9:13:e6:50:c8:59:34:0d:30:ac:d4:bd:5d:57:
         49:55:74:ef:69:00:5c:af:7d:1b:c5:c7:cd:eb:1a:ee:1b:a3:
         8d:57:3c:55:31:3c:a9:0f:97:be:4d:ca:e1:00:0b:22:bb:0c:
         85:27:8c:d7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjEyMjhaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDlDOUJDMjJFRjA5N0Qz
Nzc5MzZFMDIyMDEzQURFNjM0M0YxQTE0NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKtQl5N3+zI384AXnknoG8kkZ6JW7dbF3ZQdUAMbyINP4l5AnS
hGQ5tGqKZA6HRXxF0wqRkf32DS5gEhb5+Ye/70LUrWtWxHEE+8n0csZZhQ9CxacA
2te0/rC5XPqEJc2iqcCUqHZ/pygqxt0AIbgJN8xmwbYS6Wjzsc/BF4EoZrBzvxQ5
+qJJ2UKbMZgo80U8KekP5sDmwhJxt2Nrwn8j1wcIfv0m9s8/hPNgWqJM+FhfFrca
jQHP4elLfke58Rbg9i+1ePumQKZ92L2xkkLCRGuH88Bwkkc+PWeP796wOTnLcdvf
T5uyTWQVPhripSLpc44QJkGf2Qqa/S6jU0M7AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUnJvCLvCX03eTbgIgE63mND8aFFUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L25KdkNMdkNYMDNlVGJnSWdFNjNtTkQ4YUZGVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaCAwDQYJKoZIhvcNAQELBQADggEBAFV9amfyVEGqgPL7wyeDWik027Ru
YUlnN84i9zz+mJKUkYJXtuBRwicSm56hroNiYp7iLM0eOq4n9cR0Pl4DTop5Bc50
zRmgiE6uzPjWJjqJ1ZYm0iq9xSnRfIDWOADiq/SrRsjEjdY6Crgt+2MIQwzSZQ88
XrHPvIrbWRgQxRziAR3M5xCBtBIsdFvwyngmV9Keky5ci9QrYKkGZSVQ6Vh2NeOn
yHVOQlaHJpq1nGWhtX4/HEJqoMk5ST/+du0RJs1xBvnEsUlxOj+pE+ZQyFk0DTCs
1L1dV0lVdO9pAFyvfRvFx83rGu4bo41XPFUxPKkPl75NyuEACyK7DIUnjNc=
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:40:10 2024 by rpki-client on console-fra.rpki-client.org