Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/yKoxkw4swVulPKnOVXh5goFUifA.roa
File:                     yKoxkw4swVulPKnOVXh5goFUifA.roa (raw, json)
Hash identifier:          3lu6wHUhmDYu7Kv5WxF/jvItI1KWTxAjRBWdVTi1s4s=
Subject key identifier:   C8:AA:31:93:0E:2C:C1:5B:A5:3C:A9:CE:55:78:79:82:81:54:89:F0
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0645
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yKoxkw4swVulPKnOVXh5goFUifA.roa
Signing time:             Tue 30 Apr 2024 01:31:29 +0000
ROA not before:           Tue 30 Apr 2024 01:31:29 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        49.105.74.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1605 (0x645)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:31:29 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=C8AA31930E2CC15BA53CA9CE55787982815489F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:42:96:47:de:c9:4a:e3:5a:da:51:8c:d7:42:
                    c4:43:97:ed:7b:9d:3f:9a:8d:d7:fc:eb:77:4d:74:
                    94:48:4a:7a:51:a7:bb:a2:1f:9f:94:0d:19:c1:5a:
                    78:58:95:80:f6:77:a3:3f:b1:39:a6:ef:41:11:2e:
                    1e:2a:a3:c6:b0:d4:ad:47:4e:a6:1a:37:3b:e9:d7:
                    0b:36:f1:50:72:86:9f:4f:b3:68:ff:9d:32:8e:93:
                    4f:14:f4:8c:01:fe:8d:e9:e0:3b:a5:8d:4d:96:df:
                    06:22:97:fe:43:aa:bf:ae:6b:53:77:e1:4b:c3:26:
                    fc:43:5f:f9:4d:be:7c:49:bd:fd:c1:84:73:db:91:
                    11:f4:a5:bd:a5:4a:63:b4:7d:26:7a:5e:b4:31:7a:
                    27:a8:6b:8d:bd:da:61:da:62:51:84:ad:f9:33:f2:
                    62:c8:bd:3d:32:34:52:e3:85:34:f9:92:47:b7:c0:
                    c0:c2:38:14:62:02:cf:e2:b3:7c:2e:30:1c:4e:b3:
                    1d:7a:6e:31:76:2b:7b:c5:d2:b4:3d:e7:e2:f0:66:
                    75:36:a7:59:30:ac:ab:b5:5c:64:9f:95:93:a6:f6:
                    48:83:fe:e5:6b:28:51:29:2d:41:b6:db:14:dd:dc:
                    a4:f4:b8:db:58:50:7c:60:67:6c:5b:81:ec:4c:69:
                    30:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:AA:31:93:0E:2C:C1:5B:A5:3C:A9:CE:55:78:79:82:81:54:89:F0
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yKoxkw4swVulPKnOVXh5goFUifA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.105.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:2b:55:63:04:e1:a6:ab:6d:1c:1b:22:62:be:df:b8:e5:b7:
         13:ec:4e:6b:72:a9:50:0b:3f:26:56:92:7a:3b:ac:07:db:ad:
         de:3e:e2:f8:ac:32:ad:01:f6:d6:7a:93:78:19:50:d1:bd:f6:
         d6:f5:f2:ec:19:9f:67:66:ab:30:8a:85:30:40:44:80:3c:04:
         d9:2d:d4:93:c6:c9:82:e4:7d:28:7e:92:e7:f3:3d:83:b7:e3:
         b7:8c:b4:13:02:87:00:b8:3b:4f:69:7f:61:14:16:95:c2:5d:
         a6:24:24:e8:49:bc:4f:0e:45:c2:c4:9b:b3:4b:26:ec:63:0a:
         d3:45:d9:a3:b7:f6:f7:4c:bb:72:ed:7d:b7:97:d5:5c:03:dd:
         8c:9f:08:28:e4:a7:87:11:35:1d:af:62:43:7e:2c:e2:d9:bf:
         a8:4c:10:ae:1f:65:60:8e:6c:19:ca:5b:59:e4:51:69:e7:dd:
         32:35:76:9c:42:2f:5d:b2:ee:cb:5e:11:e1:f9:f8:32:b6:52:
         ad:d1:4f:f5:1d:73:48:33:43:2a:72:d9:37:6e:59:cd:1d:4d:
         eb:ca:8e:4e:4c:44:48:8c:86:59:4e:a9:aa:5d:82:98:56:3e:
         c0:97:fd:f3:6d:57:e5:a2:41:ee:a1:e0:4a:ad:be:6d:80:29:
         5c:be:13:ce
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTMxMjlaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEM4QUEzMTkzMEUyQ0Mx
NUJBNTNDQTlDRTU1Nzg3OTgyODE1NDg5RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcQpZH3slK41raUYzXQsRDl+17nT+ajdf863dNdJRISnpRp7ui
H5+UDRnBWnhYlYD2d6M/sTmm70ERLh4qo8aw1K1HTqYaNzvp1ws28VByhp9Ps2j/
nTKOk08U9IwB/o3p4DuljU2W3wYil/5Dqr+ua1N34UvDJvxDX/lNvnxJvf3BhHPb
kRH0pb2lSmO0fSZ6XrQxeieoa4292mHaYlGErfkz8mLIvT0yNFLjhTT5kke3wMDC
OBRiAs/is3wuMBxOsx16bjF2K3vF0rQ95+LwZnU2p1kwrKu1XGSflZOm9kiD/uVr
KFEpLUG22xTd3KT0uNtYUHxgZ2xbgexMaTBlAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUyKoxkw4swVulPKnOVXh5goFUifAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3lLb3hrdzRzd1Z1bFBLbk9WWGg1Z29GVWlmQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaUowDQYJKoZIhvcNAQELBQADggEBAJcrVWME4aarbRwbImK+37jltxPs
TmtyqVALPyZWkno7rAfbrd4+4visMq0B9tZ6k3gZUNG99tb18uwZn2dmqzCKhTBA
RIA8BNkt1JPGyYLkfSh+kufzPYO347eMtBMChwC4O09pf2EUFpXCXaYkJOhJvE8O
RcLEm7NLJuxjCtNF2aO39vdMu3LtfbeX1VwD3YyfCCjkp4cRNR2vYkN+LOLZv6hM
EK4fZWCObBnKW1nkUWnn3TI1dpxCL12y7steEeH5+DK2Uq3RT/Udc0gzQypy2Tdu
Wc0dTevKjk5MREiMhllOqapdgphWPsCX/fNtV+WiQe6h4Eqtvm2AKVy+E84=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:13 2024 by rpki-client on console-fra.rpki-client.org