Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/upX-qGDXAFwcpV-J2ZYtUFpCZX8.roa
File:                     upX-qGDXAFwcpV-J2ZYtUFpCZX8.roa (raw, json)
Hash identifier:          JBVFxNoYzTKZw5QBsqRN+RCJ0s6hW/At+LnWrZVfAx4=
Subject key identifier:   BA:95:FE:A8:60:D7:00:5C:1C:A5:5F:89:D9:96:2D:50:5A:42:65:7F
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04FC
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/upX-qGDXAFwcpV-J2ZYtUFpCZX8.roa
Signing time:             Thu 27 Jul 2023 16:52:04 +0000
ROA not before:           Thu 27 Jul 2023 16:52:04 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        1.74.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1276 (0x4fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:52:04 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=BA95FEA860D7005C1CA55F89D9962D505A42657F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:08:17:6c:4f:cd:b9:1d:b3:63:b6:ac:a9:aa:
                    ee:e2:b8:ba:a6:80:6f:ac:07:c0:a4:28:26:19:cd:
                    2d:a1:f2:d8:9b:67:cd:21:e7:de:89:75:53:57:f1:
                    91:9b:26:1e:70:7b:94:11:0d:9d:bb:94:1c:37:09:
                    5f:ae:fc:dd:54:d7:c8:74:93:47:06:6d:1f:b3:c5:
                    1f:9f:27:54:10:ea:19:15:76:f5:92:37:2c:cc:04:
                    69:4a:30:49:21:c3:c9:cf:9d:cc:36:2e:58:bb:14:
                    da:4a:75:6d:e5:ba:ad:4e:df:1a:5b:be:5f:ae:de:
                    4f:63:90:31:a0:a8:bf:1e:47:a3:44:dc:e9:3d:93:
                    1b:94:7f:a1:1e:e2:05:98:48:6a:c3:66:fa:f5:64:
                    23:73:80:4a:01:ac:69:18:f2:9a:06:44:04:c1:84:
                    e9:26:ae:da:20:ed:15:0d:a7:d9:82:8b:ac:b3:41:
                    d8:f9:36:c0:25:60:78:e4:b2:78:df:a2:15:4c:d3:
                    a1:e5:c4:53:cb:be:e0:db:45:71:4e:3f:a7:e4:6c:
                    21:60:fb:49:39:2b:5e:77:e0:a5:21:57:58:90:0d:
                    9b:f2:d2:a1:c1:de:74:e4:e0:11:a2:27:69:3d:bf:
                    73:df:52:d4:a9:62:d8:87:b0:33:86:6d:3f:c0:ed:
                    67:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:95:FE:A8:60:D7:00:5C:1C:A5:5F:89:D9:96:2D:50:5A:42:65:7F
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/upX-qGDXAFwcpV-J2ZYtUFpCZX8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.74.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:1a:55:b4:83:1d:6f:a0:07:57:0c:4b:2b:93:e4:3f:5e:0e:
         1b:36:8b:b7:21:96:44:fb:e3:a3:9b:5b:65:cd:c6:d0:ae:36:
         ad:76:ad:c9:b7:e7:e4:7a:72:33:f4:20:3d:ad:04:dd:8c:a1:
         3f:93:17:0c:ac:85:bc:34:34:b5:74:35:1f:c2:94:b5:2f:eb:
         24:c3:0d:53:3d:8f:42:23:a4:35:2f:18:6d:fc:ee:93:6a:55:
         2b:94:cd:87:45:85:36:a9:d3:14:17:06:57:5d:3a:3f:e5:12:
         e0:c8:50:d3:db:b6:23:aa:9a:64:9c:a7:b7:b9:9e:c3:a7:b9:
         3e:ff:be:f6:64:87:c9:a9:37:5b:b0:c0:d5:e4:7b:b5:d7:ff:
         13:c9:d8:54:34:57:22:22:f5:9e:36:61:aa:4a:5b:c0:a0:31:
         04:e8:e3:f5:1d:e2:dc:4a:9f:bd:98:47:f2:12:e3:f4:65:aa:
         ef:82:91:54:0f:42:63:e9:6c:6c:f6:d3:eb:22:fc:4c:5b:aa:
         18:3a:1b:cd:6e:9e:9c:33:d7:80:f5:3c:4a:5c:30:bd:f6:02:
         ee:4e:44:15:4e:50:7d:1f:c4:2b:e1:8a:fd:88:77:ed:f8:ed:
         94:28:68:ee:93:5c:f4:68:82:4f:f3:d1:5f:06:b5:3f:a2:61:
         08:eb:a6:ea
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUyMDRaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEJBOTVGRUE4NjBENzAw
NUMxQ0E1NUY4OUQ5OTYyRDUwNUE0MjY1N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPCBdsT825HbNjtqypqu7iuLqmgG+sB8CkKCYZzS2h8tibZ80h
596JdVNX8ZGbJh5we5QRDZ27lBw3CV+u/N1U18h0k0cGbR+zxR+fJ1QQ6hkVdvWS
NyzMBGlKMEkhw8nPncw2Lli7FNpKdW3luq1O3xpbvl+u3k9jkDGgqL8eR6NE3Ok9
kxuUf6Ee4gWYSGrDZvr1ZCNzgEoBrGkY8poGRATBhOkmrtog7RUNp9mCi6yzQdj5
NsAlYHjksnjfohVM06HlxFPLvuDbRXFOP6fkbCFg+0k5K1534KUhV1iQDZvy0qHB
3nTk4BGiJ2k9v3PfUtSpYtiHsDOGbT/A7WcvAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUupX+qGDXAFwcpV+J2ZYtUFpCZX8wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3VwWC1xR0RYQUZ3Y3BWLUoyWll0VUZwQ1pYOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBSsgwDQYJKoZIhvcNAQELBQADggEBAAkaVbSDHW+gB1cMSyuT5D9eDhs2
i7chlkT746ObW2XNxtCuNq12rcm35+R6cjP0ID2tBN2MoT+TFwyshbw0NLV0NR/C
lLUv6yTDDVM9j0IjpDUvGG387pNqVSuUzYdFhTap0xQXBlddOj/lEuDIUNPbtiOq
mmScp7e5nsOnuT7/vvZkh8mpN1uwwNXke7XX/xPJ2FQ0VyIi9Z42YapKW8CgMQTo
4/Ud4txKn72YR/IS4/Rlqu+CkVQPQmPpbGz20+si/Exbqhg6G81unpwz14D1PEpc
ML32Au5ORBVOUH0fxCvhiv2Id+347ZQoaO6TXPRogk/z0V8GtT+iYQjrpuo=
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:40:10 2024 by rpki-client on console-fra.rpki-client.org