Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/nz-UlOVUO34CNR2M5UuhfTQS5Jc.roa
File:                     nz-UlOVUO34CNR2M5UuhfTQS5Jc.roa (raw, json)
Hash identifier:          pVINPZ7Rl/TDM5niGEPyxxRvhEcng/FHQ57eqgnMvFA=
Subject key identifier:   9F:3F:94:94:E5:54:3B:7E:02:35:1D:8C:E5:4B:A1:7D:34:12:E4:97
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0821
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nz-UlOVUO34CNR2M5UuhfTQS5Jc.roa
Signing time:             Tue 30 Apr 2024 02:14:19 +0000
ROA not before:           Tue 30 Apr 2024 02:14:19 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.42.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2081 (0x821)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:14:19 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=9F3F9494E5543B7E02351D8CE54BA17D3412E497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4a:92:78:6e:20:3b:0b:1c:83:4e:b5:5c:24:
                    8a:8b:bf:56:aa:48:94:cb:0d:fd:30:8f:0a:e2:14:
                    ae:14:c6:7f:e7:5b:36:58:17:f1:e0:4e:37:44:81:
                    67:36:75:a3:3d:d3:46:f9:dc:30:77:60:98:aa:de:
                    6c:1b:3d:02:0e:c7:39:3c:ac:6a:14:c0:09:c1:e0:
                    3b:8b:f4:37:a6:37:42:68:7e:b2:0b:c5:fa:fc:0b:
                    a2:29:22:bd:55:ef:88:d0:fa:7b:cd:95:14:ab:50:
                    6e:cf:9b:6b:b3:3e:2c:b8:c3:b9:73:91:f6:94:d1:
                    36:08:bd:a1:8b:01:85:26:9f:3a:d7:71:51:f4:4f:
                    be:c2:5c:12:94:90:e3:6d:bf:ef:49:e4:82:3d:de:
                    95:60:ed:ac:80:32:29:85:db:ec:36:ae:5b:f7:90:
                    80:17:9c:61:34:3e:1e:21:dd:33:6f:f3:db:cd:fd:
                    36:a0:cc:ad:60:a6:f3:3f:ce:9d:0f:bd:cb:20:e0:
                    d6:8f:16:18:b9:27:d0:d4:1b:b2:76:6c:51:14:df:
                    87:d6:3a:7c:d7:ea:7c:8e:90:28:99:31:f3:c4:dd:
                    94:dc:c0:a6:a8:77:1c:92:29:7b:6e:4b:0d:27:80:
                    80:6d:dc:03:f0:4e:fd:ea:8b:79:eb:4f:f0:86:ac:
                    da:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:3F:94:94:E5:54:3B:7E:02:35:1D:8C:E5:4B:A1:7D:34:12:E4:97
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nz-UlOVUO34CNR2M5UuhfTQS5Jc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:f9:bc:14:db:e5:f1:8a:a8:28:0c:67:e9:7d:a4:45:8d:30:
         64:ec:c0:36:30:0e:9d:f3:ce:01:b4:f2:d8:43:dc:55:10:8f:
         9e:b0:0e:44:43:31:ad:27:81:62:c4:a3:cc:aa:73:90:ef:94:
         03:b7:90:e3:d0:be:3a:9c:d9:fc:ec:28:da:6d:c3:dc:2f:ec:
         5f:41:d0:5c:8c:ea:28:56:40:8c:9f:8e:74:04:e9:88:b1:a7:
         bf:a8:97:d7:76:61:94:66:1b:a0:27:c6:85:17:b7:f8:0f:6a:
         56:2b:c2:f1:9a:97:76:db:47:71:2c:0f:9f:a4:8c:1d:5b:61:
         92:1b:5e:a7:fe:05:a2:4d:8d:90:64:2d:65:3c:36:e3:f4:00:
         bd:04:90:a0:67:d6:a7:ef:9a:c6:e9:ad:1a:af:16:ed:ff:18:
         14:8e:9f:f4:9f:d5:70:47:90:8b:71:07:aa:18:31:83:40:ae:
         ce:1b:9b:1a:4c:72:4e:3f:db:8f:d5:b7:14:9e:5b:f3:38:c5:
         03:81:e9:cf:f9:a1:a6:c0:63:94:ce:da:18:17:43:bb:8e:3d:
         12:e9:a8:dd:a2:cc:e4:18:b1:b3:d2:8d:53:1c:be:9b:76:f0:
         74:62:46:07:e7:1e:27:20:af:30:bc:74:51:2b:5e:de:5b:d7:
         73:2b:b8:91
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICCCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjE0MTlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKDlGM0Y5NDk0RTU1NDNC
N0UwMjM1MUQ4Q0U1NEJBMTdEMzQxMkU0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDESpJ4biA7CxyDTrVcJIqLv1aqSJTLDf0wjwriFK4Uxn/nWzZY
F/HgTjdEgWc2daM900b53DB3YJiq3mwbPQIOxzk8rGoUwAnB4DuL9DemN0JofrIL
xfr8C6IpIr1V74jQ+nvNlRSrUG7Pm2uzPiy4w7lzkfaU0TYIvaGLAYUmnzrXcVH0
T77CXBKUkONtv+9J5II93pVg7ayAMimF2+w2rlv3kIAXnGE0Ph4h3TNv89vN/Tag
zK1gpvM/zp0Pvcsg4NaPFhi5J9DUG7J2bFEU34fWOnzX6nyOkCiZMfPE3ZTcwKao
dxySKXtuSw0ngIBt3APwTv3qi3nrT/CGrNoFAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUnz+UlOVUO34CNR2M5UuhfTQS5JcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L256LVVsT1ZVTzM0Q05SMk01VXVoZlRRUzVKYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaCowDQYJKoZIhvcNAQELBQADggEBAIP5vBTb5fGKqCgMZ+l9pEWNMGTs
wDYwDp3zzgG08thD3FUQj56wDkRDMa0ngWLEo8yqc5DvlAO3kOPQvjqc2fzsKNpt
w9wv7F9B0FyM6ihWQIyfjnQE6Yixp7+ol9d2YZRmG6AnxoUXt/gPalYrwvGal3bb
R3EsD5+kjB1bYZIbXqf+BaJNjZBkLWU8NuP0AL0EkKBn1qfvmsbprRqvFu3/GBSO
n/Sf1XBHkItxB6oYMYNArs4bmxpMck4/24/VtxSeW/M4xQOB6c/5oabAY5TO2hgX
Q7uOPRLpqN2izOQYsbPSjVMcvpt28HRiRgfnHicgrzC8dFErXt5b13MruJE=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:43 2024 by rpki-client on console-fra.rpki-client.org