Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/sAbArK276k-QxX_dsAJDTeiH2SQ.roa
File:                     sAbArK276k-QxX_dsAJDTeiH2SQ.roa (raw, json)
Hash identifier:          YA/vJEXrQ593uGAjwmNkrUVz0yUFGe0Bdj90Z75jQX8=
Subject key identifier:   B0:06:C0:AC:AD:BB:EA:4F:90:C5:7F:DD:B0:02:43:4D:E8:87:D9:24
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0714
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sAbArK276k-QxX_dsAJDTeiH2SQ.roa
Signing time:             Tue 30 Apr 2024 01:52:59 +0000
ROA not before:           Tue 30 Apr 2024 01:52:59 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        220.210.16.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1812 (0x714)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:52:59 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=B006C0ACADBBEA4F90C57FDDB002434DE887D924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fc:d3:2c:dc:93:a3:57:9c:17:d7:68:af:c4:
                    a5:be:cc:4f:e0:9e:a8:bc:83:0e:cb:e7:79:83:55:
                    6b:fb:95:83:72:79:b6:f9:a6:e0:23:ed:51:23:fd:
                    81:fe:c1:77:9d:ca:7e:33:91:43:fd:1a:ce:55:e5:
                    77:82:2b:27:e5:dc:c8:64:5f:3d:ab:1d:e7:b6:1b:
                    3e:39:ba:37:28:7b:0d:c7:26:1a:6d:d7:d4:8a:7e:
                    52:32:d1:db:26:cd:23:27:35:2a:1b:15:4a:d4:7a:
                    31:1c:63:0e:6c:ed:b2:57:35:e7:3c:c4:64:53:d7:
                    be:11:85:c1:7a:2a:a4:9e:4e:3a:83:86:7b:58:bd:
                    76:78:b0:ea:d4:26:80:15:e9:5d:60:19:22:f8:7f:
                    92:29:cd:90:2c:df:dc:03:2f:4e:ec:a9:54:6a:ea:
                    32:8d:ed:ec:6e:04:11:bb:c0:6e:e8:e7:61:e6:50:
                    6e:ef:8d:cc:f8:f0:12:61:49:f5:09:73:1b:4f:74:
                    2f:b7:ea:21:9a:24:11:dd:d6:6e:31:0b:2f:82:51:
                    82:79:5e:6e:af:4e:56:03:27:b5:26:a5:40:e5:7c:
                    5d:02:da:57:71:8f:07:04:75:94:a5:52:72:c4:a0:
                    4a:28:33:88:f3:31:ee:3f:f7:dc:4c:d4:60:53:53:
                    8b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:06:C0:AC:AD:BB:EA:4F:90:C5:7F:DD:B0:02:43:4D:E8:87:D9:24
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sAbArK276k-QxX_dsAJDTeiH2SQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:8e:86:b4:13:12:70:2f:97:7d:6f:2d:a7:a9:69:4b:95:8c:
         3d:11:e5:b4:a2:d3:cd:a4:4b:e4:64:18:2f:05:76:f1:6d:13:
         d2:45:7f:31:24:db:66:22:38:3f:24:3f:db:db:80:ae:d2:4e:
         93:b0:de:b1:8d:26:75:e3:d3:90:c3:00:5a:5d:54:8f:69:99:
         4f:43:7f:01:4f:9a:f0:1b:01:e3:61:80:a0:e6:af:a0:ed:1e:
         d5:f2:c2:2e:fb:d4:6c:d6:b6:e4:8a:d4:4e:ac:4b:ce:2e:26:
         09:7f:90:3a:de:f8:16:ba:5d:fd:76:97:23:f8:0b:2a:3e:a7:
         fc:1c:53:7f:21:36:f3:fa:d2:14:f1:66:ef:76:0b:8c:75:b9:
         a4:48:69:fd:51:87:1f:2a:6d:d2:2e:a9:1c:ee:0c:e9:49:7f:
         db:4f:86:b3:93:30:3e:2b:53:80:0c:86:a6:22:bb:c1:89:9e:
         b5:10:ac:91:49:d1:e8:07:f9:0f:13:89:59:e7:e7:86:ab:62:
         f5:bd:84:66:63:11:24:1c:ae:ed:9f:83:aa:e4:f7:79:75:cc:
         40:5e:68:43:43:42:79:b3:30:dc:a2:fb:3a:97:91:4d:98:91:
         cd:80:b6:d0:7a:be:21:eb:55:47:e1:8e:1d:9c:14:0a:bb:7f:
         5b:a4:e6:0e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTUyNTlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEIwMDZDMEFDQURCQkVB
NEY5MEM1N0ZEREIwMDI0MzRERTg4N0Q5MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI/NMs3JOjV5wX12ivxKW+zE/gnqi8gw7L53mDVWv7lYNyebb5
puAj7VEj/YH+wXedyn4zkUP9Gs5V5XeCKyfl3MhkXz2rHee2Gz45ujcoew3HJhpt
19SKflIy0dsmzSMnNSobFUrUejEcYw5s7bJXNec8xGRT174RhcF6KqSeTjqDhntY
vXZ4sOrUJoAV6V1gGSL4f5IpzZAs39wDL07sqVRq6jKN7exuBBG7wG7o52HmUG7v
jcz48BJhSfUJcxtPdC+36iGaJBHd1m4xCy+CUYJ5Xm6vTlYDJ7UmpUDlfF0C2ldx
jwcEdZSlUnLEoEooM4jzMe4/99xM1GBTU4uRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUsAbArK276k+QxX/dsAJDTeiH2SQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3NBYkFySzI3NmstUXhYX2RzQUpEVGVpSDJTUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALc0hAwDQYJKoZIhvcNAQELBQADggEBACiOhrQTEnAvl31vLaepaUuVjD0R
5bSi082kS+RkGC8FdvFtE9JFfzEk22YiOD8kP9vbgK7STpOw3rGNJnXj05DDAFpd
VI9pmU9DfwFPmvAbAeNhgKDmr6DtHtXywi771GzWtuSK1E6sS84uJgl/kDre+Ba6
Xf12lyP4Cyo+p/wcU38hNvP60hTxZu92C4x1uaRIaf1Rhx8qbdIuqRzuDOlJf9tP
hrOTMD4rU4AMhqYiu8GJnrUQrJFJ0egH+Q8TiVnn54arYvW9hGZjESQcru2fg6rk
93l1zEBeaENDQnmzMNyi+zqXkU2Ykc2AttB6viHrVUfhjh2cFAq7f1uk5g4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:22 2024 by rpki-client on console-fra.rpki-client.org