Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/s0pZaPABWElO69OwSZFejgqHlgE.roa
File:                     s0pZaPABWElO69OwSZFejgqHlgE.roa (raw, json)
Hash identifier:          6fQDObMPrUpCLJxBYL/BP9mdlFarAbMBCTixzgvyaUk=
Subject key identifier:   B3:4A:59:68:F0:01:58:49:4E:EB:D3:B0:49:91:5E:8E:0A:87:96:01
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0679
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s0pZaPABWElO69OwSZFejgqHlgE.roa
Signing time:             Tue 30 Apr 2024 01:37:59 +0000
ROA not before:           Tue 30 Apr 2024 01:37:59 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.0.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1657 (0x679)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:37:59 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=B34A5968F00158494EEBD3B049915E8E0A879601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:89:e1:d2:8d:90:59:03:ab:98:fa:f3:38:b1:
                    2c:18:44:93:fe:84:a4:e7:df:f4:65:d1:97:df:62:
                    a6:69:c2:63:71:a7:85:b7:a3:5f:42:73:88:81:84:
                    25:48:34:9e:16:56:52:12:ea:0f:f7:87:2b:07:8c:
                    4e:c1:6b:b7:97:9b:90:b5:ef:28:37:88:bf:cb:80:
                    d0:51:48:59:57:fc:49:b1:fe:64:65:df:71:06:90:
                    30:12:ae:07:29:c8:66:17:f0:db:0c:11:13:75:3e:
                    89:b4:ad:0d:9a:ee:2e:c4:16:49:24:21:b3:c4:eb:
                    1a:1d:91:9c:a5:f1:c6:32:91:83:fc:ed:5b:52:a0:
                    15:01:3f:1b:80:0d:3d:13:ca:18:60:b5:17:3b:d5:
                    06:27:dd:0b:d7:0f:3e:9a:4f:1d:95:ec:f7:97:c1:
                    30:c9:b1:c5:a6:70:b5:31:41:3d:89:f3:97:e8:88:
                    da:d4:6a:ca:ad:89:7c:02:17:64:a9:cf:b7:0c:01:
                    87:f3:de:4d:ca:f8:ef:03:a1:2a:2b:92:b5:b6:8b:
                    56:b4:96:e7:5f:f6:64:ed:fb:80:ad:9d:5e:2e:d3:
                    31:b5:81:96:c4:19:7e:d8:26:04:b8:48:ce:df:f6:
                    e4:30:76:95:e0:cc:47:36:80:e0:4b:7f:70:fe:2f:
                    ed:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:4A:59:68:F0:01:58:49:4E:EB:D3:B0:49:91:5E:8E:0A:87:96:01
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s0pZaPABWElO69OwSZFejgqHlgE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:3f:bf:87:fd:1e:83:5e:d6:44:71:e8:4c:49:e9:cc:86:5a:
         49:d8:f5:ca:af:fc:93:ba:d1:b6:a7:fb:84:23:d4:89:f9:0f:
         11:69:55:ef:79:95:d8:5d:15:99:b2:b2:13:9e:fc:ba:a0:b0:
         41:93:31:04:da:da:7d:63:0f:14:52:2b:3a:c9:ba:9a:9a:3b:
         6f:c2:62:78:73:e9:24:fd:28:14:d5:c1:0e:38:a7:00:94:61:
         0e:48:5f:2c:bf:c4:78:f9:0e:d4:8c:17:bc:58:79:3b:cd:7d:
         78:51:f1:1b:6f:e6:7c:56:c6:34:8e:66:7c:e5:58:0c:67:82:
         20:a7:d9:a8:89:86:92:11:48:60:60:0e:2f:b0:be:e4:bc:f1:
         31:68:59:f1:54:6e:5a:ec:44:43:ea:6b:3f:30:38:71:a5:29:
         4c:00:91:40:1c:3d:a6:12:da:b0:e9:5d:ab:6e:44:6e:e0:0e:
         1f:23:b0:4a:04:08:51:a7:5c:51:20:3b:0d:e7:df:9e:4b:81:
         58:c6:63:91:08:be:e1:4e:0a:50:9d:44:70:42:4d:4f:32:4c:
         80:13:24:84:06:10:33:2e:4b:6e:bf:a7:b5:c8:76:43:32:28:
         07:a9:76:25:87:ee:b7:cf:95:ae:41:57:ef:0d:1f:46:97:7a:
         d3:47:0c:f6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTM3NTlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEIzNEE1OTY4RjAwMTU4
NDk0RUVCRDNCMDQ5OTE1RThFMEE4Nzk2MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKieHSjZBZA6uY+vM4sSwYRJP+hKTn3/Rl0ZffYqZpwmNxp4W3
o19Cc4iBhCVINJ4WVlIS6g/3hysHjE7Ba7eXm5C17yg3iL/LgNBRSFlX/Emx/mRl
33EGkDASrgcpyGYX8NsMERN1Pom0rQ2a7i7EFkkkIbPE6xodkZyl8cYykYP87VtS
oBUBPxuADT0TyhhgtRc71QYn3QvXDz6aTx2V7PeXwTDJscWmcLUxQT2J85foiNrU
asqtiXwCF2Spz7cMAYfz3k3K+O8DoSorkrW2i1a0ludf9mTt+4CtnV4u0zG1gZbE
GX7YJgS4SM7f9uQwdpXgzEc2gOBLf3D+L+3VAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUs0pZaPABWElO69OwSZFejgqHlgEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3MwcFphUEFCV0VsTzY5T3dTWkZlamdxSGxnRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxaAAwDQYJKoZIhvcNAQELBQADggEBAFI/v4f9HoNe1kRx6ExJ6cyGWknY
9cqv/JO60ban+4Qj1In5DxFpVe95ldhdFZmyshOe/LqgsEGTMQTa2n1jDxRSKzrJ
upqaO2/CYnhz6ST9KBTVwQ44pwCUYQ5IXyy/xHj5DtSMF7xYeTvNfXhR8Rtv5nxW
xjSOZnzlWAxngiCn2aiJhpIRSGBgDi+wvuS88TFoWfFUblrsREPqaz8wOHGlKUwA
kUAcPaYS2rDpXatuRG7gDh8jsEoECFGnXFEgOw3n355LgVjGY5EIvuFOClCdRHBC
TU8yTIATJIQGEDMuS26/p7XIdkMyKAepdiWH7rfPla5BV+8NH0aXetNHDPY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:56 2024 by rpki-client on console-ams.rpki-client.org