Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLkRI-LcDLRNKmigadtRitKvaWM.roa
File:                     vLkRI-LcDLRNKmigadtRitKvaWM.roa (raw, json)
Hash identifier:          fGoSNbWEZEtrTFXy1EBdFerFEQN55Dje19IIvKPKoAo=
Subject key identifier:   BC:B9:11:23:E2:DC:0C:B4:4D:2A:68:A0:69:DB:51:8A:D2:AF:69:63
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0781
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLkRI-LcDLRNKmigadtRitKvaWM.roa
Signing time:             Tue 30 Apr 2024 02:04:41 +0000
ROA not before:           Tue 30 Apr 2024 02:04:41 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.35.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1921 (0x781)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:04:41 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=BCB91123E2DC0CB44D2A68A069DB518AD2AF6963
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:76:4f:3e:c4:dd:dd:c7:5f:93:5a:be:26:e1:
                    f3:78:e5:d6:94:28:75:94:ba:09:93:a6:36:8a:39:
                    bb:4b:94:71:32:36:3b:d3:ca:90:97:a0:95:d9:8d:
                    77:24:fd:c6:a7:8c:63:f3:c7:3c:c9:ee:0c:d5:fe:
                    d7:e1:ff:2d:cb:00:1a:96:e1:cd:35:0d:01:6e:0d:
                    27:a6:39:a9:6a:28:6a:f6:9e:da:2a:3b:0b:04:8b:
                    6b:02:97:02:f5:d4:9e:5b:29:35:5a:19:d7:b2:da:
                    66:09:2e:f1:5c:82:fb:50:e0:d8:29:9e:2d:b0:8d:
                    39:44:6c:26:b3:27:8c:fc:a1:07:28:88:94:74:16:
                    8d:75:94:14:c8:d2:99:2f:1c:cf:60:19:ff:ba:1d:
                    6e:83:99:74:70:86:7e:29:cf:89:1f:b9:5a:fa:73:
                    68:b4:40:8a:9e:bd:2b:9f:0e:a4:73:8e:df:9a:fa:
                    0d:db:1e:ee:f5:95:e6:48:8a:76:3a:2a:20:f2:4f:
                    04:5a:65:a6:19:0d:cc:95:62:35:cb:4f:4c:d2:10:
                    6d:75:a7:47:0a:07:62:f7:f6:4e:83:1e:36:95:24:
                    87:42:ba:73:ab:18:a8:de:62:82:b9:03:53:c3:47:
                    bb:39:6f:92:57:74:8a:81:f3:c0:bf:88:b6:c8:36:
                    67:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B9:11:23:E2:DC:0C:B4:4D:2A:68:A0:69:DB:51:8A:D2:AF:69:63
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLkRI-LcDLRNKmigadtRitKvaWM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:94:cb:5d:df:a2:92:45:5f:c3:82:33:8f:6c:db:03:47:c9:
         54:0b:22:40:9f:61:47:93:83:54:ac:82:b3:81:ba:62:51:bf:
         2d:39:d7:fb:bd:b9:7e:a4:f5:ef:a3:40:23:97:27:ca:42:72:
         43:ea:19:1f:e8:b3:83:c9:ad:47:c3:23:2e:81:a0:ee:52:88:
         25:57:59:2c:ef:e9:b3:c3:7c:7e:6a:63:9b:d5:2a:87:a4:4c:
         df:cb:a3:3c:a7:a9:c6:45:7d:fd:c9:92:64:0a:e8:90:18:b2:
         cb:0a:4c:21:cd:e5:c3:a6:71:c0:bd:0f:d7:57:e2:91:15:00:
         27:41:73:76:b0:76:9c:61:26:74:f6:d6:ff:cd:90:1d:46:05:
         d8:42:ec:8e:0b:b0:d8:45:e9:a7:c3:68:3d:6f:4c:99:17:c4:
         b8:cc:97:3c:c9:19:e9:85:63:f8:a4:6f:55:fe:e5:3c:53:26:
         f9:47:6e:d0:17:16:05:d7:a2:a6:51:a0:3f:c0:04:b0:47:84:
         e7:fe:6c:28:e0:ea:96:55:a6:28:34:6a:56:14:1f:0b:81:17:
         fc:42:b1:62:5f:8b:25:fe:d4:44:73:3f:a1:fd:b6:dd:1a:79:
         87:fd:2e:0e:25:51:6b:39:54:92:b6:35:98:89:e1:74:e0:a4:
         9f:5d:eb:8f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjA0NDFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEJDQjkxMTIzRTJEQzBD
QjQ0RDJBNjhBMDY5REI1MThBRDJBRjY5NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGdk8+xN3dx1+TWr4m4fN45daUKHWUugmTpjaKObtLlHEyNjvT
ypCXoJXZjXck/canjGPzxzzJ7gzV/tfh/y3LABqW4c01DQFuDSemOalqKGr2ntoq
OwsEi2sClwL11J5bKTVaGdey2mYJLvFcgvtQ4Ngpni2wjTlEbCazJ4z8oQcoiJR0
Fo11lBTI0pkvHM9gGf+6HW6DmXRwhn4pz4kfuVr6c2i0QIqevSufDqRzjt+a+g3b
Hu71leZIinY6KiDyTwRaZaYZDcyVYjXLT0zSEG11p0cKB2L39k6DHjaVJIdCunOr
GKjeYoK5A1PDR7s5b5JXdIqB88C/iLbINmeHAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUvLkRI+LcDLRNKmigadtRitKvaWMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3ZMa1JJLUxjRExSTkttaWdhZHRSaXRLdmFXTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYiMwDQYJKoZIhvcNAQELBQADggEBAE2Uy13fopJFX8OCM49s2wNHyVQL
IkCfYUeTg1SsgrOBumJRvy051/u9uX6k9e+jQCOXJ8pCckPqGR/os4PJrUfDIy6B
oO5SiCVXWSzv6bPDfH5qY5vVKoekTN/LozynqcZFff3JkmQK6JAYsssKTCHN5cOm
ccC9D9dX4pEVACdBc3awdpxhJnT21v/NkB1GBdhC7I4LsNhF6afDaD1vTJkXxLjM
lzzJGemFY/ikb1X+5TxTJvlHbtAXFgXXoqZRoD/ABLBHhOf+bCjg6pZVpig0alYU
HwuBF/xCsWJfiyX+1ERzP6H9tt0aeYf9Lg4lUWs5VJK2NZiJ4XTgpJ9d648=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:56 2024 by rpki-client on console-ams.rpki-client.org