Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qjbgGT9R6JQvQeOclQNNo3jNnno.roa
File:                     qjbgGT9R6JQvQeOclQNNo3jNnno.roa (raw, json)
Hash identifier:          c9oxV+cmXKL1I3FAaCeoLn8f/wg67k4cF7ZX6zEfAQc=
Subject key identifier:   AA:36:E0:19:3F:51:E8:94:2F:41:E3:9C:95:03:4D:A3:78:CD:9E:7A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0608
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qjbgGT9R6JQvQeOclQNNo3jNnno.roa
Signing time:             Thu 29 Feb 2024 01:38:24 +0000
ROA not before:           Thu 29 Feb 2024 01:38:24 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9605
IP address blocks:        49.97.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1544 (0x608)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Feb 29 01:38:24 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=AA36E0193F51E8942F41E39C95034DA378CD9E7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:38:28:e6:94:52:ed:d8:4d:cf:74:af:b2:2a:
                    d1:6e:26:51:58:13:15:11:26:19:21:d3:95:cf:50:
                    46:ea:80:40:6d:50:c3:d7:4b:11:ca:da:28:3f:71:
                    8e:84:2e:db:22:9a:c2:4d:68:d6:cc:61:1c:79:f5:
                    f2:84:63:79:da:3b:83:36:79:b3:d3:f3:65:45:5c:
                    05:06:dd:93:54:93:3f:19:f3:c1:d0:ee:91:29:d6:
                    57:c6:db:94:62:84:85:b5:4e:65:40:f0:40:20:9a:
                    ab:ac:e0:95:cf:08:d4:c1:77:c5:44:a2:f4:83:ec:
                    54:9c:cb:e8:44:47:0f:99:93:af:7a:99:5e:ad:f7:
                    85:25:10:e7:34:f5:0c:e8:2d:24:29:07:e6:a2:e1:
                    4d:6b:a0:97:26:70:19:92:29:df:aa:91:63:8c:0c:
                    ea:c0:94:9b:1b:40:b8:8a:d0:e5:94:f0:c4:2c:98:
                    0a:0d:f0:23:57:f4:ae:6d:8e:ed:99:c0:d2:32:52:
                    46:d8:60:3d:7b:c6:3c:0f:f2:26:cc:30:75:e5:82:
                    bb:e6:39:43:d3:96:3d:21:66:3e:47:6a:fd:56:66:
                    0c:f5:c8:81:2d:04:09:d1:db:2a:d4:53:51:c0:10:
                    fb:00:a0:53:c8:73:4a:ec:d2:fb:83:34:59:64:43:
                    f7:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:36:E0:19:3F:51:E8:94:2F:41:E3:9C:95:03:4D:A3:78:CD:9E:7A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qjbgGT9R6JQvQeOclQNNo3jNnno.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:12:78:5c:a2:b2:49:ee:35:03:ed:36:f6:c2:78:ab:1e:12:
         f8:77:29:76:fe:d9:ef:5d:33:fd:f6:ac:b0:50:7b:eb:c9:b6:
         42:3b:4f:61:1e:65:46:43:fa:e4:45:88:24:be:09:f6:d4:eb:
         14:13:93:e5:1b:1b:df:22:1c:2a:76:cb:80:9f:7d:84:81:28:
         bd:a4:9b:7f:55:60:e5:d3:b9:93:8c:10:f7:37:b3:e1:78:42:
         0d:60:c5:cf:76:8f:1f:ce:41:d8:1d:3a:e4:4d:83:d2:b0:70:
         cf:75:20:c4:cd:98:65:97:b7:86:85:22:2d:84:29:46:2a:62:
         cc:d3:23:0b:b6:91:83:2e:64:6e:a8:90:fa:af:5d:70:cb:a2:
         44:5c:d4:6a:c9:af:ab:f3:85:b7:bf:63:87:12:de:4d:ce:c8:
         e5:ea:1a:78:fa:d6:45:82:a9:a6:a7:2c:87:37:ca:c4:7e:fd:
         6b:31:e8:1b:15:b3:9d:60:98:18:09:5e:1e:8d:af:fd:91:02:
         02:f3:73:cf:bb:7f:31:76:66:1f:fe:89:5a:d9:80:9c:e5:3a:
         da:16:cf:cf:85:c3:63:1d:48:d8:11:f0:aa:df:51:52:4a:8a:
         9f:aa:75:37:3b:fd:46:38:f7:bb:4a:30:4a:db:6a:28:bf:51:
         a1:5e:d8:68
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDAyMjkw
MTM4MjRaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKEFBMzZFMDE5M0Y1MUU4
OTQyRjQxRTM5Qzk1MDM0REEzNzhDRDlFN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKOCjmlFLt2E3PdK+yKtFuJlFYExURJhkh05XPUEbqgEBtUMPX
SxHK2ig/cY6ELtsimsJNaNbMYRx59fKEY3naO4M2ebPT82VFXAUG3ZNUkz8Z88HQ
7pEp1lfG25RihIW1TmVA8EAgmqus4JXPCNTBd8VEovSD7FScy+hERw+Zk696mV6t
94UlEOc09QzoLSQpB+ai4U1roJcmcBmSKd+qkWOMDOrAlJsbQLiK0OWU8MQsmAoN
8CNX9K5tju2ZwNIyUkbYYD17xjwP8ibMMHXlgrvmOUPTlj0hZj5Hav1WZgz1yIEt
BAnR2yrUU1HAEPsAoFPIc0rs0vuDNFlkQ/ejAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUqjbgGT9R6JQvQeOclQNNo3jNnnowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3FqYmdHVDlSNkpRdlFlT2NsUU5ObzNqTm5uby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYWgwDQYJKoZIhvcNAQELBQADggEBALcSeFyisknuNQPtNvbCeKseEvh3
KXb+2e9dM/32rLBQe+vJtkI7T2EeZUZD+uRFiCS+CfbU6xQTk+UbG98iHCp2y4Cf
fYSBKL2km39VYOXTuZOMEPc3s+F4Qg1gxc92jx/OQdgdOuRNg9KwcM91IMTNmGWX
t4aFIi2EKUYqYszTIwu2kYMuZG6okPqvXXDLokRc1GrJr6vzhbe/Y4cS3k3OyOXq
Gnj61kWCqaanLIc3ysR+/Wsx6BsVs51gmBgJXh6Nr/2RAgLzc8+7fzF2Zh/+iVrZ
gJzlOtoWz8+Fw2MdSNgR8KrfUVJKip+qdTc7/UY497tKMErbaii/UaFe2Gg=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:13 2024 by rpki-client on console-fra.rpki-client.org