Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/o0VVrZe8BAxcRr6ScNYN7YXn8J4.roa
File:                     o0VVrZe8BAxcRr6ScNYN7YXn8J4.roa (raw, json)
Hash identifier:          fgAB97pS3DcLXTxVhuFuF2QHfXzFSfqLOVV/errUGa8=
Subject key identifier:   A3:45:55:AD:97:BC:04:0C:5C:46:BE:92:70:D6:0D:ED:85:E7:F0:9E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0601
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/o0VVrZe8BAxcRr6ScNYN7YXn8J4.roa
Signing time:             Thu 29 Feb 2024 01:35:47 +0000
ROA not before:           Thu 29 Feb 2024 01:35:47 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        49.97.108.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1537 (0x601)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:35:47 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=A34555AD97BC040C5C46BE9270D60DED85E7F09E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:17:a6:45:d4:70:f4:b1:a6:73:53:4e:bf:76:
                    33:52:9c:79:a8:67:46:5a:16:f9:0e:e5:ce:45:b1:
                    60:e6:84:3a:55:a0:59:17:e4:e6:b0:54:22:2f:cf:
                    c1:6c:91:a6:e1:fa:ac:34:cb:dd:5f:6e:db:0a:3a:
                    61:b8:92:88:fc:b8:17:23:06:75:82:85:86:4b:03:
                    07:83:11:1c:1d:b6:51:34:36:89:c6:5a:0a:a6:12:
                    5c:f0:3a:f3:0d:44:7f:1d:c2:80:80:27:22:1e:d9:
                    32:d2:92:3e:67:a2:71:6a:37:60:2b:15:23:52:bc:
                    cd:1d:11:7c:d0:0d:0b:51:20:53:cf:84:2c:a4:55:
                    c1:87:a7:be:d0:07:7e:a0:44:b9:1d:df:ae:6f:6d:
                    3d:ac:40:ac:95:31:b0:da:8c:cb:cc:bb:16:77:af:
                    72:88:db:11:b3:a2:3b:c1:ed:7d:90:12:60:90:96:
                    4f:e4:38:d7:c2:d2:e6:35:38:63:f5:37:c5:29:16:
                    ed:a8:e5:c2:0e:af:74:65:43:01:da:c4:d3:ff:14:
                    54:7d:a6:1b:a0:b3:41:03:dc:69:c1:0b:3e:a1:d4:
                    17:3b:60:a8:28:85:54:14:1a:7b:e5:63:14:46:4f:
                    8b:af:98:e1:d2:6e:48:dd:a3:2e:5c:5d:1b:d5:b0:
                    88:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:45:55:AD:97:BC:04:0C:5C:46:BE:92:70:D6:0D:ED:85:E7:F0:9E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/o0VVrZe8BAxcRr6ScNYN7YXn8J4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:35:a7:86:1d:d5:cc:ae:f8:70:ca:30:c4:41:2a:9c:ad:86:
         2d:a2:b9:62:eb:be:59:43:56:31:9e:aa:25:4d:7a:46:15:69:
         81:4b:f0:d2:7f:30:3a:fe:9d:4d:6a:01:c8:4a:99:bc:b1:06:
         48:ea:e8:d3:13:c1:36:a1:3e:04:18:2c:aa:f1:cf:ef:88:ca:
         f7:5b:f0:30:7a:3a:35:b6:9b:4d:32:1f:ba:0c:c3:3a:9c:d0:
         cb:92:d4:5b:0f:2e:f5:f6:c3:09:e8:a1:38:06:fa:e3:a9:a4:
         b1:00:9e:75:5f:db:00:17:67:b1:80:c4:67:6e:42:26:05:31:
         34:a1:c0:19:66:40:71:17:d9:89:32:02:0e:86:04:5e:b3:18:
         42:e0:90:23:92:6d:5e:99:87:84:f2:3e:f2:6b:17:7d:ed:57:
         fc:e6:0c:f8:2a:fd:8b:34:42:59:bb:87:42:2d:eb:e2:f9:fd:
         a1:43:17:e4:ec:4b:71:cc:99:d8:be:99:b1:32:24:30:5a:be:
         95:df:1b:b5:94:f5:d2:55:cc:67:3c:81:a3:db:fe:72:d4:8e:
         d0:97:84:90:49:a5:b3:85:cc:fd:94:57:f5:50:d2:07:46:b1:
         5e:fa:e6:98:1b:a6:7e:06:38:ff:b3:59:cf:98:f8:98:d3:6c:
         80:36:d9:03
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTM1NDdaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKEEzNDU1NUFEOTdCQzA0
MEM1QzQ2QkU5MjcwRDYwREVEODVFN0YwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCF6ZF1HD0saZzU06/djNSnHmoZ0ZaFvkO5c5FsWDmhDpVoFkX
5OawVCIvz8Fskabh+qw0y91fbtsKOmG4koj8uBcjBnWChYZLAweDERwdtlE0NonG
WgqmElzwOvMNRH8dwoCAJyIe2TLSkj5nonFqN2ArFSNSvM0dEXzQDQtRIFPPhCyk
VcGHp77QB36gRLkd365vbT2sQKyVMbDajMvMuxZ3r3KI2xGzojvB7X2QEmCQlk/k
ONfC0uY1OGP1N8UpFu2o5cIOr3RlQwHaxNP/FFR9phugs0ED3GnBCz6h1Bc7YKgo
hVQUGnvlYxRGT4uvmOHSbkjdoy5cXRvVsIjXAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUo0VVrZe8BAxcRr6ScNYN7YXn8J4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L28wVlZyWmU4QkF4Y1JyNlNjTllON1lYbjhKNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYWwwDQYJKoZIhvcNAQELBQADggEBALs1p4Yd1cyu+HDKMMRBKpythi2i
uWLrvllDVjGeqiVNekYVaYFL8NJ/MDr+nU1qAchKmbyxBkjq6NMTwTahPgQYLKrx
z++Iyvdb8DB6OjW2m00yH7oMwzqc0MuS1FsPLvX2wwnooTgG+uOppLEAnnVf2wAX
Z7GAxGduQiYFMTShwBlmQHEX2YkyAg6GBF6zGELgkCOSbV6Zh4TyPvJrF33tV/zm
DPgq/Ys0Qlm7h0It6+L5/aFDF+TsS3HMmdi+mbEyJDBavpXfG7WU9dJVzGc8gaPb
/nLUjtCXhJBJpbOFzP2UV/VQ0gdGsV765pgbpn4GOP+zWc+Y+JjTbIA22QM=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:54 2024 by rpki-client on console-ams.rpki-client.org