Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qxc2m49m4Mj3ecZDQQmyhONHKXY.roa
File:                     qxc2m49m4Mj3ecZDQQmyhONHKXY.roa (raw, json)
Hash identifier:          9GXDjfZ0D3PgK4GwA/BNUbHDM2/agYwK0DHVND27c9k=
Subject key identifier:   AB:17:36:9B:8F:66:E0:C8:F7:79:C6:43:41:09:B2:84:E3:47:29:76
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0585
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qxc2m49m4Mj3ecZDQQmyhONHKXY.roa
Signing time:             Thu 27 Jul 2023 16:58:13 +0000
ROA not before:           Thu 27 Jul 2023 16:58:13 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        27.230.128.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1413 (0x585)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:58:13 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=AB17369B8F66E0C8F779C6434109B284E3472976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9e:74:2d:87:c8:07:be:39:f9:59:df:30:86:
                    c9:04:ff:c7:15:ea:45:98:28:27:1d:a6:35:b7:88:
                    b9:06:8e:46:0d:26:da:89:af:29:0e:1a:a0:dd:bf:
                    5e:6b:37:db:6d:54:b9:79:8c:85:53:21:57:11:57:
                    73:44:83:87:09:1d:b4:11:f6:b0:8f:d9:13:51:2c:
                    1a:32:e7:d0:74:f0:2d:0e:f3:97:e5:57:51:6a:8e:
                    44:08:a5:78:c2:0b:09:41:f1:5c:88:d0:27:80:b4:
                    7b:42:44:e0:09:8d:7c:14:3e:3a:eb:98:b6:b2:83:
                    d0:94:3e:a3:39:75:73:85:4a:c3:c9:30:e4:bf:fe:
                    7e:3e:4f:f7:a3:17:b6:17:07:be:64:cb:4d:f1:32:
                    64:4e:c6:25:db:1c:19:19:a1:d8:ce:65:e9:03:ff:
                    a2:93:ea:84:7c:d3:09:a9:b9:8e:8d:10:60:0b:22:
                    84:7e:0b:8c:b5:76:3d:cd:b8:9d:57:e7:84:25:d9:
                    46:92:4a:93:7d:71:a7:22:b9:44:65:d4:91:fd:3b:
                    94:b6:45:01:b3:29:35:95:32:e0:58:4b:5a:f1:aa:
                    74:a4:af:4c:ed:ca:72:4d:f1:1f:0b:f9:36:dd:7c:
                    57:e3:af:c8:30:59:93:4d:68:e4:ef:02:11:06:b4:
                    ad:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:17:36:9B:8F:66:E0:C8:F7:79:C6:43:41:09:B2:84:E3:47:29:76
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qxc2m49m4Mj3ecZDQQmyhONHKXY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.230.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         e3:c6:1e:65:15:61:f8:09:2a:59:2a:bb:88:b5:93:9f:2b:98:
         ef:91:cd:73:0e:55:f9:8b:a2:62:db:8a:e0:02:2c:51:0a:3a:
         f4:37:d3:0f:fd:59:01:27:0c:27:1f:a5:6c:19:1f:f0:65:cf:
         79:ba:3d:5e:04:4b:93:9f:12:e0:42:1d:56:fe:2b:2a:53:c3:
         54:8c:66:f1:af:5c:a8:66:c1:8c:38:c5:bf:dc:d0:99:81:94:
         53:e5:21:6f:ab:4a:95:c0:48:b1:66:49:98:e6:37:1c:10:52:
         a1:a7:48:5d:d6:7f:d3:e3:e3:65:e0:31:75:cc:f2:69:ef:38:
         47:88:07:2b:60:6a:c9:f6:2f:56:d8:fd:f4:4e:63:6f:d3:f5:
         29:ba:17:68:7b:1c:2b:76:10:26:56:1b:46:5f:62:70:c3:d6:
         d9:8c:cd:68:5e:f9:c3:6b:4d:fe:e2:de:9c:55:8a:ca:a4:8b:
         fc:df:52:f7:84:e2:27:89:43:23:5f:a5:9f:05:7b:07:d0:ab:
         d7:f4:38:12:da:ff:f2:e8:be:c5:69:57:f7:88:1e:50:1d:ac:
         db:38:73:b9:28:7c:1d:f1:06:aa:71:4a:5e:1e:4d:88:09:83:
         48:16:33:be:96:f3:83:7a:59:2d:87:ad:bc:f9:fc:9e:3d:a7:
         b0:f8:5c:0d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU4MTNaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEFCMTczNjlCOEY2NkUw
QzhGNzc5QzY0MzQxMDlCMjg0RTM0NzI5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDonnQth8gHvjn5Wd8whskE/8cV6kWYKCcdpjW3iLkGjkYNJtqJ
rykOGqDdv15rN9ttVLl5jIVTIVcRV3NEg4cJHbQR9rCP2RNRLBoy59B08C0O85fl
V1FqjkQIpXjCCwlB8VyI0CeAtHtCROAJjXwUPjrrmLayg9CUPqM5dXOFSsPJMOS/
/n4+T/ejF7YXB75ky03xMmROxiXbHBkZodjOZekD/6KT6oR80wmpuY6NEGALIoR+
C4y1dj3NuJ1X54Ql2UaSSpN9caciuURl1JH9O5S2RQGzKTWVMuBYS1rxqnSkr0zt
ynJN8R8L+TbdfFfjr8gwWZNNaOTvAhEGtK0xAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUqxc2m49m4Mj3ecZDQQmyhONHKXYwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3F4YzJtNDltNE1qM2VjWkRRUW15aE9OSEtYWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQb5oAwDQYJKoZIhvcNAQELBQADggEBAOPGHmUVYfgJKlkqu4i1k58rmO+R
zXMOVfmLomLbiuACLFEKOvQ30w/9WQEnDCcfpWwZH/Blz3m6PV4ES5OfEuBCHVb+
KypTw1SMZvGvXKhmwYw4xb/c0JmBlFPlIW+rSpXASLFmSZjmNxwQUqGnSF3Wf9Pj
42XgMXXM8mnvOEeIBytgasn2L1bY/fROY2/T9Sm6F2h7HCt2ECZWG0ZfYnDD1tmM
zWhe+cNrTf7i3pxVisqki/zfUveE4ieJQyNfpZ8FewfQq9f0OBLa//LovsVpV/eI
HlAdrNs4c7kofB3xBqpxSl4eTYgJg0gWM76W84N6WS2Hrbz5/J49p7D4XA0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org