Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/wPH8hnshI1X8xBKOLjNe-uvMKUg.roa
File:                     wPH8hnshI1X8xBKOLjNe-uvMKUg.roa (raw, json)
Hash identifier:          WgQ/yuW5etmDcUkopLQtguF55afAm7xlXBYJu3Gko4Q=
Subject key identifier:   C0:F1:FC:86:7B:21:23:55:FC:C4:12:8E:2E:33:5E:FA:EB:CC:29:48
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0761
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/wPH8hnshI1X8xBKOLjNe-uvMKUg.roa
Signing time:             Tue 30 Apr 2024 02:01:39 +0000
ROA not before:           Tue 30 Apr 2024 02:01:39 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.73.64.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1889 (0x761)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 02:01:39 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=C0F1FC867B212355FCC4128E2E335EFAEBCC2948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0d:53:6b:05:87:df:d9:b0:5d:65:ae:83:d9:
                    b7:41:d5:55:0f:42:83:64:25:af:b0:4a:44:47:3f:
                    e5:75:b6:bc:61:de:6d:22:c5:67:b9:d2:73:63:17:
                    e2:ca:d8:00:e4:48:27:61:b3:48:b4:85:d1:92:15:
                    9a:86:64:85:28:9d:e7:32:98:99:3e:61:f8:ec:70:
                    8a:42:59:3c:b7:63:8d:7a:c7:7a:48:1d:3a:8a:bc:
                    31:d3:c3:d8:2f:bd:8e:40:29:e2:cc:ca:77:2b:2c:
                    16:2d:b5:1a:f4:23:df:b8:c5:2f:6e:df:be:b6:44:
                    50:b5:ef:2d:b3:72:4a:ea:07:90:97:d5:b1:cc:87:
                    92:32:57:78:38:e4:74:2b:19:3c:86:82:fd:c5:30:
                    a2:33:bd:4d:27:db:63:aa:92:c6:9f:05:a8:90:bc:
                    5c:d5:3d:bf:f3:a6:8e:73:26:0c:ee:8f:dc:17:78:
                    93:ac:f8:82:b2:82:01:e1:00:b9:55:a4:f8:91:a6:
                    34:ca:88:51:a9:08:b6:a1:a4:ad:7d:6d:cf:16:0c:
                    c1:3d:7c:a0:44:a1:c9:d3:e4:95:a3:a4:60:ec:62:
                    29:2a:62:d1:5b:bd:a5:c0:88:52:fe:24:2d:07:ec:
                    f4:4a:1a:65:8a:7f:e9:9c:8e:79:90:66:bb:05:30:
                    9a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F1:FC:86:7B:21:23:55:FC:C4:12:8E:2E:33:5E:FA:EB:CC:29:48
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/wPH8hnshI1X8xBKOLjNe-uvMKUg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.73.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4a:a6:75:08:9a:d6:7c:58:d7:ef:13:97:41:a5:81:a3:62:7b:
         10:b4:ec:17:56:a1:dc:3c:49:fd:2d:e5:e6:47:4b:0e:2d:c0:
         78:a9:91:c1:55:fc:d3:bf:50:a1:5b:67:b3:94:58:df:2c:be:
         f4:08:a6:2d:e6:9b:c9:c0:c8:a3:1f:27:73:8a:ba:65:6d:8a:
         bc:3a:8a:ab:8c:db:db:d8:30:eb:4f:d5:d7:bb:05:b2:60:85:
         0b:ce:9e:a4:db:33:63:99:fa:90:da:fc:5a:e1:cf:62:09:5d:
         5d:82:fa:c4:8e:b0:a8:ac:e0:c5:b4:91:18:6e:f1:62:7a:3e:
         4e:19:c3:b3:cb:3a:11:b0:f8:26:f8:99:63:b4:3b:f9:27:13:
         95:5c:67:d4:60:63:62:6d:dd:cd:00:b0:d1:eb:c0:9a:c8:05:
         fe:86:88:74:1b:2c:b3:5f:bd:f8:76:ff:73:75:8f:d9:9e:b2:
         15:b8:1e:b4:32:8a:c2:d1:03:20:ad:dc:d2:02:0d:b5:38:da:
         28:ed:02:d0:95:a7:36:3f:4d:10:64:a1:ca:87:99:42:70:1b:
         0d:47:ba:f8:93:b9:90:54:0e:05:25:86:99:27:5e:15:bf:10:
         b1:99:4c:5c:c1:b0:3a:d2:1b:5f:bc:87:57:3b:ff:ab:59:40:
         0c:69:dd:0d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICB2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MjAxMzlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEMwRjFGQzg2N0IyMTIz
NTVGQ0M0MTI4RTJFMzM1RUZBRUJDQzI5NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUDVNrBYff2bBdZa6D2bdB1VUPQoNkJa+wSkRHP+V1trxh3m0i
xWe50nNjF+LK2ADkSCdhs0i0hdGSFZqGZIUonecymJk+YfjscIpCWTy3Y416x3pI
HTqKvDHTw9gvvY5AKeLMyncrLBYttRr0I9+4xS9u3762RFC17y2zckrqB5CX1bHM
h5IyV3g45HQrGTyGgv3FMKIzvU0n22OqksafBaiQvFzVPb/zpo5zJgzuj9wXeJOs
+IKyggHhALlVpPiRpjTKiFGpCLahpK19bc8WDME9fKBEocnT5JWjpGDsYikqYtFb
vaXAiFL+JC0H7PRKGmWKf+mcjnmQZrsFMJrrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUwPH8hnshI1X8xBKOLjNe+uvMKUgwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3dQSDhobnNoSTFYOHhCS09Mak5lLXV2TUtVZy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBSUAwDQYJKoZIhvcNAQELBQADggEBAEqmdQia1nxY1+8Tl0GlgaNiexC0
7BdWodw8Sf0t5eZHSw4twHipkcFV/NO/UKFbZ7OUWN8svvQIpi3mm8nAyKMfJ3OK
umVtirw6iquM29vYMOtP1de7BbJghQvOnqTbM2OZ+pDa/Frhz2IJXV2C+sSOsKis
4MW0kRhu8WJ6Pk4Zw7PLOhGw+Cb4mWO0O/knE5VcZ9RgY2Jt3c0AsNHrwJrIBf6G
iHQbLLNfvfh2/3N1j9meshW4HrQyisLRAyCt3NICDbU42ijtAtCVpzY/TRBkocqH
mUJwGw1HuviTuZBUDgUlhpknXhW/ELGZTFzBsDrSG1+8h1c7/6tZQAxp3Q0=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:41:38 2024 by rpki-client on console-ams.rpki-client.org