Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/rAok27EAFMcCOxgkKHIHv8zHK20.roa
File:                     rAok27EAFMcCOxgkKHIHv8zHK20.roa (raw, json)
Hash identifier:          va3Mf0IGMsFBEg2zyhzH4nmsu6DmyELAl8zQ2lMwbVk=
Subject key identifier:   AC:0A:24:DB:B1:00:14:C7:02:3B:18:24:28:72:07:BF:CC:C7:2B:6D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0719
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rAok27EAFMcCOxgkKHIHv8zHK20.roa
Signing time:             Tue 30 Apr 2024 01:53:02 +0000
ROA not before:           Tue 30 Apr 2024 01:53:02 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.102.128.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:32:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1817 (0x719)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:53:02 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=AC0A24DBB10014C7023B1824287207BFCCC72B6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:26:62:51:f5:61:15:13:ce:99:ed:3e:f7:99:
                    17:e9:70:8b:73:2e:a5:65:ee:09:20:ff:1c:62:b3:
                    9e:48:6e:32:a1:46:5b:84:d7:0e:56:5f:8c:ca:14:
                    a7:12:a7:cf:21:e6:1c:ab:05:f7:db:8d:4c:22:9b:
                    58:7d:08:bb:32:0f:72:70:c2:54:1f:60:4f:c7:25:
                    17:c7:fb:3f:a0:78:06:fe:8e:0a:fb:91:43:9c:49:
                    32:6f:dd:93:9d:f5:f0:f9:fd:51:63:41:f3:ae:66:
                    d3:a4:b5:cc:4b:3c:85:52:de:2b:1c:02:c4:40:f0:
                    c7:ed:14:2c:cd:92:12:7e:48:86:35:91:fb:00:c8:
                    ae:e2:3c:49:f3:cd:d7:2e:28:3a:da:0d:f9:02:c2:
                    dd:2f:33:5e:95:61:c3:4a:cd:92:6b:56:5d:22:1f:
                    4f:e6:e9:6d:b3:44:7d:c0:bd:25:5e:cf:85:3e:33:
                    28:60:7f:66:ba:92:94:c0:13:71:3a:08:b8:9f:46:
                    53:16:ad:75:2b:2c:03:92:b2:87:e7:82:66:9a:f9:
                    fd:39:22:de:a0:5b:c8:d5:d2:5c:97:c4:7a:e6:c1:
                    f3:bb:cc:d2:00:c9:ef:ae:da:8e:a4:8c:1f:b2:20:
                    6f:e3:8d:fd:cb:11:db:03:23:1f:ad:29:51:08:db:
                    ff:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:0A:24:DB:B1:00:14:C7:02:3B:18:24:28:72:07:BF:CC:C7:2B:6D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rAok27EAFMcCOxgkKHIHv8zHK20.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:0e:4a:cb:5a:c0:ff:0c:0c:30:39:33:85:75:f5:1e:eb:76:
         27:44:b1:8a:7a:e7:1f:57:38:1b:cf:a8:57:9d:7e:d3:5c:f2:
         a0:84:98:8e:b6:ce:41:24:66:25:c4:4f:1e:78:3d:29:09:57:
         d1:07:49:d7:d9:81:6a:ac:38:7f:e1:e1:0f:e0:b9:34:0a:6e:
         ad:94:fc:80:f6:25:ad:7c:e4:83:1c:13:fb:49:50:29:9f:05:
         b7:d5:cc:2d:ec:c9:6b:a1:19:32:f8:6c:f9:8f:d7:5d:4a:08:
         93:d9:bf:cc:6a:e1:c3:d2:7a:34:1f:8d:fc:ec:e8:88:46:4d:
         92:93:4c:6c:59:da:c8:0a:6e:2b:37:36:77:f6:db:bd:48:06:
         db:86:c2:00:bb:05:32:7b:c0:b7:8a:9d:ee:fe:8e:a3:ea:41:
         42:be:56:dd:5e:65:85:41:2f:4a:c5:5d:e3:fb:7f:f7:3e:2f:
         71:60:43:2d:a3:e4:5c:93:ed:e1:15:33:1a:87:f9:a1:3e:b8:
         1d:9b:d0:48:bb:8e:b9:01:15:30:cc:8e:27:bb:9f:93:8c:b6:
         ee:2a:e8:d2:b2:99:4f:e8:47:a8:d0:17:c8:86:95:8d:c7:c4:
         17:a7:97:aa:54:dd:84:51:b2:ba:6f:fd:c4:d4:b5:1c:ac:22:
         cb:91:e8:c6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBxkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTUzMDJaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEFDMEEyNERCQjEwMDE0
QzcwMjNCMTgyNDI4NzIwN0JGQ0NDNzJCNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqJmJR9WEVE86Z7T73mRfpcItzLqVl7gkg/xxis55IbjKhRluE
1w5WX4zKFKcSp88h5hyrBffbjUwim1h9CLsyD3JwwlQfYE/HJRfH+z+geAb+jgr7
kUOcSTJv3ZOd9fD5/VFjQfOuZtOktcxLPIVS3iscAsRA8MftFCzNkhJ+SIY1kfsA
yK7iPEnzzdcuKDraDfkCwt0vM16VYcNKzZJrVl0iH0/m6W2zRH3AvSVez4U+Myhg
f2a6kpTAE3E6CLifRlMWrXUrLAOSsofngmaa+f05It6gW8jV0lyXxHrmwfO7zNIA
ye+u2o6kjB+yIG/jjf3LEdsDIx+tKVEI2/+TAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUrAok27EAFMcCOxgkKHIHv8zHK20wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3JBb2syN0VBRk1jQ094Z2tLSElIdjh6SEsyMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExZoAwDQYJKoZIhvcNAQELBQADggEBAH8OSstawP8MDDA5M4V19R7rdidE
sYp65x9XOBvPqFedftNc8qCEmI62zkEkZiXETx54PSkJV9EHSdfZgWqsOH/h4Q/g
uTQKbq2U/ID2Ja185IMcE/tJUCmfBbfVzC3syWuhGTL4bPmP111KCJPZv8xq4cPS
ejQfjfzs6IhGTZKTTGxZ2sgKbis3Nnf2271IBtuGwgC7BTJ7wLeKne7+jqPqQUK+
Vt1eZYVBL0rFXeP7f/c+L3FgQy2j5FyT7eEVMxqH+aE+uB2b0Ei7jrkBFTDMjie7
n5OMtu4q6NKymU/oR6jQF8iGlY3HxBenl6pU3YRRsrpv/cTUtRysIsuR6MY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:41:55 2024 by rpki-client on console-ams.rpki-client.org