Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ndrMFF7DJTwpfz9E2EjGZY7IEaw.roa
File:                     ndrMFF7DJTwpfz9E2EjGZY7IEaw.roa (raw, json)
Hash identifier:          q1fB/bcjGdA9V4aO98YKZ/da3ZIavI0aU6UOryWUTNY=
Subject key identifier:   9D:DA:CC:14:5E:C3:25:3C:29:7F:3F:44:D8:48:C6:65:8E:C8:11:AC
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       090F
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ndrMFF7DJTwpfz9E2EjGZY7IEaw.roa
Signing time:             Tue 30 Apr 2024 02:28:43 +0000
ROA not before:           Tue 30 Apr 2024 02:28:43 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        110.163.216.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2319 (0x90f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:28:43 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=9DDACC145EC3253C297F3F44D848C6658EC811AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:56:16:d5:75:4b:fa:bb:3c:27:d8:7e:30:4d:
                    aa:da:57:53:a1:1e:19:4d:02:a5:e6:00:cf:6b:a8:
                    4a:9e:3c:10:a2:53:f0:3e:55:02:f9:10:f2:c2:a8:
                    68:56:6b:61:4b:65:3d:3f:92:51:b2:d8:01:4a:7a:
                    ed:84:c9:98:cc:9c:83:b1:42:76:29:4f:e5:17:79:
                    56:fb:27:84:1c:29:98:fc:e1:c7:8d:97:00:89:10:
                    d9:98:29:46:e5:f6:ba:57:2f:c1:d3:1d:3b:90:b4:
                    8a:bc:03:6a:7b:b4:80:f6:d3:f4:b2:f8:a5:bd:26:
                    d0:5d:33:d8:87:69:a4:f5:9a:69:82:52:90:bc:4e:
                    0f:99:95:48:13:b8:8e:09:a4:8b:f9:67:ee:8f:6c:
                    0e:6c:ee:55:7b:27:ab:b7:01:cf:cc:c7:09:98:80:
                    c9:79:99:64:cb:a5:e0:1b:f8:7b:ad:51:d1:3e:fb:
                    6f:cb:ab:10:92:79:f6:11:7c:ce:c7:27:2b:17:8d:
                    71:ec:78:ec:da:4b:fa:dc:1c:08:fb:27:e7:97:b5:
                    87:13:bb:a2:c6:fd:cf:d4:da:8b:f0:1a:f8:33:c2:
                    8d:50:f1:61:c1:14:77:b2:45:6c:59:b5:bc:4c:4d:
                    f2:e6:12:59:b6:16:20:01:21:b8:d9:60:ad:f2:a4:
                    bc:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:DA:CC:14:5E:C3:25:3C:29:7F:3F:44:D8:48:C6:65:8E:C8:11:AC
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ndrMFF7DJTwpfz9E2EjGZY7IEaw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.163.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:a1:7a:7d:df:6e:ec:84:87:35:71:20:0f:b6:ab:59:37:30:
         30:30:07:08:5a:a7:79:06:dc:64:e8:a3:09:a3:c0:05:ef:19:
         65:25:71:86:63:29:25:92:cd:4d:dd:83:bd:22:c4:83:3d:39:
         f3:70:eb:9f:fb:9b:44:c6:fd:c3:c1:64:c5:07:a4:17:41:94:
         12:8e:fa:e0:32:6d:9d:0a:50:89:69:3f:3a:f1:35:aa:9c:b3:
         da:4f:f1:45:2e:f4:f0:47:80:01:79:b2:a2:a3:82:91:a6:27:
         7e:99:28:ab:08:dc:46:50:7b:d5:ff:51:05:74:f7:8d:7b:49:
         c1:86:25:16:9c:3d:f4:2d:0d:74:76:0a:c7:13:4e:6e:50:6d:
         50:11:46:a4:1d:f2:b6:f3:1e:9a:b0:eb:50:39:91:a6:f2:51:
         cb:48:cb:11:ee:9f:62:08:33:53:60:0c:74:fb:dc:bd:1e:d2:
         6f:4c:41:4d:be:10:35:1e:d7:67:46:a8:8c:5e:d4:bd:1d:51:
         29:88:76:75:74:76:f9:d4:9d:bd:1b:d3:62:e1:ea:90:1f:df:
         82:50:7c:7e:ba:8f:e7:25:51:bc:cf:6f:a2:14:b0:18:de:14:
         de:5d:56:cd:43:cc:ae:47:f8:94:35:1e:22:ed:4d:5c:94:f1:
         fd:44:e2:d5
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCQ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjI4NDNaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDlEREFDQzE0NUVDMzI1
M0MyOTdGM0Y0NEQ4NDhDNjY1OEVDODExQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeVhbVdUv6uzwn2H4wTaraV1OhHhlNAqXmAM9rqEqePBCiU/A+
VQL5EPLCqGhWa2FLZT0/klGy2AFKeu2EyZjMnIOxQnYpT+UXeVb7J4QcKZj84ceN
lwCJENmYKUbl9rpXL8HTHTuQtIq8A2p7tID20/Sy+KW9JtBdM9iHaaT1mmmCUpC8
Tg+ZlUgTuI4JpIv5Z+6PbA5s7lV7J6u3Ac/MxwmYgMl5mWTLpeAb+HutUdE++2/L
qxCSefYRfM7HJysXjXHseOzaS/rcHAj7J+eXtYcTu6LG/c/U2ovwGvgzwo1Q8WHB
FHeyRWxZtbxMTfLmElm2FiABIbjZYK3ypLz9AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUndrMFF7DJTwpfz9E2EjGZY7IEawwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L25kck1GRjdESlR3cGZ6OUUyRWpHWlk3SUVhdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFuo9gwDQYJKoZIhvcNAQELBQADggEBAD+hen3fbuyEhzVxIA+2q1k3MDAw
Bwhap3kG3GToowmjwAXvGWUlcYZjKSWSzU3dg70ixIM9OfNw65/7m0TG/cPBZMUH
pBdBlBKO+uAybZ0KUIlpPzrxNaqcs9pP8UUu9PBHgAF5sqKjgpGmJ36ZKKsI3EZQ
e9X/UQV09417ScGGJRacPfQtDXR2CscTTm5QbVARRqQd8rbzHpqw61A5kabyUctI
yxHun2IIM1NgDHT73L0e0m9MQU2+EDUe12dGqIxe1L0dUSmIdnV0dvnUnb0b02Lh
6pAf34JQfH66j+clUbzPb6IUsBjeFN5dVs1DzK5H+JQ1HiLtTVyU8f1E4tU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org