Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/y2WaHf-UCUrgd05L-FtLYTegas4.roa
File:                     y2WaHf-UCUrgd05L-FtLYTegas4.roa (raw, json)
Hash identifier:          5BXiLc55D9s7kdmVnjMMsJnAiZtfbGkQBayOE8YrqTo=
Subject key identifier:   CB:65:9A:1D:FF:94:09:4A:E0:77:4E:4B:F8:5B:4B:61:37:A0:6A:CE
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0697
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/y2WaHf-UCUrgd05L-FtLYTegas4.roa
Signing time:             Tue 30 Apr 2024 01:43:10 +0000
ROA not before:           Tue 30 Apr 2024 01:43:10 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.168.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1687 (0x697)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:43:10 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=CB659A1DFF94094AE0774E4BF85B4B6137A06ACE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:9a:a3:6f:4c:79:19:73:6a:72:c1:ae:be:21:
                    35:51:24:54:2f:de:e3:d0:14:eb:14:ce:3b:f3:03:
                    6d:d0:91:fd:75:c1:b9:f0:60:35:96:f1:96:96:cb:
                    cf:49:d5:9c:58:6a:cc:90:e3:74:e5:fb:69:45:26:
                    4c:9f:b7:5d:a8:ac:10:21:8a:f3:e5:e7:c2:3d:9b:
                    a0:ab:0f:61:74:45:05:ac:4d:1f:10:2c:87:78:66:
                    b7:c1:57:c4:c4:e0:1a:ba:90:02:b3:2f:55:3b:47:
                    cb:83:0b:42:59:58:fa:6c:e6:18:c5:4f:38:1b:81:
                    43:a6:13:12:bf:44:65:25:f7:83:a8:2b:6a:85:7a:
                    e6:22:53:f6:08:ce:79:36:87:f7:c0:8b:3b:7f:cd:
                    86:2c:d0:11:df:a0:ba:7e:21:bb:05:87:92:d5:01:
                    e9:34:17:2c:c9:5b:15:5e:0c:12:c4:13:73:25:cb:
                    7d:63:a8:80:6a:93:2f:36:90:86:af:c0:37:2f:67:
                    ec:83:b7:0b:de:b2:cc:dd:5e:02:70:68:92:8c:53:
                    9d:27:43:c1:86:3f:f7:9a:02:57:8a:ed:0d:e0:7d:
                    fc:62:29:e4:74:28:eb:81:10:bf:ae:68:dc:4e:3f:
                    df:5f:62:4f:de:6e:0e:04:a3:e6:36:40:82:1f:db:
                    af:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:65:9A:1D:FF:94:09:4A:E0:77:4E:4B:F8:5B:4B:61:37:A0:6A:CE
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/y2WaHf-UCUrgd05L-FtLYTegas4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         de:69:42:ef:65:5c:7b:90:3b:80:0b:2b:76:e8:ad:2c:99:b1:
         d7:7a:78:fb:20:70:27:9f:e9:71:fe:0a:e0:06:d5:92:09:49:
         4e:f5:ad:cc:35:47:af:29:8d:29:dd:25:b5:e3:d7:db:5f:d9:
         25:6d:f4:df:f2:da:7e:98:5f:28:24:72:a6:d3:90:9e:1c:c2:
         91:b9:f6:11:d7:a1:b0:99:b9:41:ec:d3:75:25:3a:0e:aa:ad:
         ec:c4:00:73:51:b0:4e:1f:e5:f9:cb:05:19:ef:93:9c:27:d5:
         95:be:2e:15:ff:57:f7:fa:3f:e6:05:a9:b4:23:bf:4f:ee:1a:
         59:13:1c:ac:28:7b:55:5d:38:c3:b9:69:98:cd:f1:b5:82:9c:
         91:40:7d:0b:5d:a5:3f:b8:65:18:d7:45:57:9d:e2:96:68:8f:
         7f:2f:2c:ca:a5:3b:59:bf:a8:89:97:ba:c2:2e:54:fd:1a:f1:
         fb:c3:ab:81:6d:81:1e:fc:58:4e:f0:35:5d:e5:ad:4f:ad:d8:
         cf:f8:16:20:83:ae:5c:69:eb:38:fa:6a:a9:68:96:81:b6:1f:
         0c:96:f7:4d:03:12:54:6a:45:a2:25:21:06:d2:46:f7:94:65:
         c3:9a:56:50:b3:5d:c0:6c:ac:5d:75:b5:a6:8d:38:68:79:61:
         d3:77:2c:5e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTQzMTBaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKENCNjU5QTFERkY5NDA5
NEFFMDc3NEU0QkY4NUI0QjYxMzdBMDZBQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhmqNvTHkZc2pywa6+ITVRJFQv3uPQFOsUzjvzA23Qkf11wbnw
YDWW8ZaWy89J1ZxYasyQ43Tl+2lFJkyft12orBAhivPl58I9m6CrD2F0RQWsTR8Q
LId4ZrfBV8TE4Bq6kAKzL1U7R8uDC0JZWPps5hjFTzgbgUOmExK/RGUl94OoK2qF
euYiU/YIznk2h/fAizt/zYYs0BHfoLp+IbsFh5LVAek0FyzJWxVeDBLEE3Mly31j
qIBqky82kIavwDcvZ+yDtwvesszdXgJwaJKMU50nQ8GGP/eaAleK7Q3gffxiKeR0
KOuBEL+uaNxOP99fYk/ebg4Eo+Y2QIIf268pAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUy2WaHf+UCUrgd05L+FtLYTegas4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3kyV2FIZi1VQ1VyZ2QwNUwtRnRMWVRlZ2FzNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaqgwDQYJKoZIhvcNAQELBQADggEBAN5pQu9lXHuQO4ALK3borSyZsdd6
ePsgcCef6XH+CuAG1ZIJSU71rcw1R68pjSndJbXj19tf2SVt9N/y2n6YXygkcqbT
kJ4cwpG59hHXobCZuUHs03UlOg6qrezEAHNRsE4f5fnLBRnvk5wn1ZW+LhX/V/f6
P+YFqbQjv0/uGlkTHKwoe1VdOMO5aZjN8bWCnJFAfQtdpT+4ZRjXRVed4pZoj38v
LMqlO1m/qImXusIuVP0a8fvDq4FtgR78WE7wNV3lrU+t2M/4FiCDrlxp6zj6aqlo
loG2HwyW900DElRqRaIlIQbSRveUZcOaVlCzXcBsrF11taaNOGh5YdN3LF4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:23 2024 by rpki-client on console-fra.rpki-client.org