Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/yO1l3yiZqGiJNu_RZBbcPmnXCHI.roa
File:                     yO1l3yiZqGiJNu_RZBbcPmnXCHI.roa (raw, json)
Hash identifier:          Qi9cGLzj5lWMUxvVcaL6S7NtMITkHHz23nmWIo2zhkU=
Subject key identifier:   C8:ED:65:DF:28:99:A8:68:89:36:EF:D1:64:16:DC:3E:69:D7:08:72
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       070A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yO1l3yiZqGiJNu_RZBbcPmnXCHI.roa
Signing time:             Tue 30 Apr 2024 01:52:55 +0000
ROA not before:           Tue 30 Apr 2024 01:52:55 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.12.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 14:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1802 (0x70a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:52:55 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=C8ED65DF2899A8688936EFD16416DC3E69D70872
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f4:04:93:a6:a6:2f:b9:ec:1c:08:1c:d6:56:
                    3b:a8:df:68:33:a9:23:7f:a2:15:72:38:b4:59:85:
                    12:63:33:f6:60:14:4f:b8:ab:ce:3e:e1:29:45:6f:
                    9d:bb:49:c0:88:90:2b:47:2f:1d:a1:7c:b6:63:2e:
                    34:ce:73:f1:b8:d0:fb:cd:f4:b5:b8:cb:c9:29:73:
                    22:06:7b:72:d7:28:b6:c6:42:c4:a9:f8:c3:3d:28:
                    75:8c:4f:c0:f1:70:b6:e1:b4:7d:4b:44:0f:86:95:
                    33:3a:ec:ac:ca:50:6c:85:b9:89:fc:49:e1:cf:8e:
                    48:6f:45:7d:1f:c6:78:28:53:22:b2:d8:b2:5b:1a:
                    ef:16:fb:12:1f:ce:8a:64:1c:24:78:ad:81:76:58:
                    73:99:a2:e9:c7:52:2c:ab:76:7d:35:37:a6:41:33:
                    df:ff:7b:43:c2:e4:3e:b2:99:81:7c:1e:79:0c:b5:
                    90:5a:43:60:cf:ac:fd:c1:43:aa:9b:9a:53:c1:45:
                    ad:01:d6:ba:3c:e3:aa:21:d6:05:e1:9b:6c:1b:be:
                    fa:17:5c:4f:a8:ed:1b:84:64:4f:2a:2b:b5:79:c1:
                    02:6d:f0:4f:de:7b:05:c7:8f:c9:b1:6e:a6:33:a6:
                    57:f2:89:10:de:1c:ca:56:c4:0c:b3:75:6e:96:18:
                    d2:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:ED:65:DF:28:99:A8:68:89:36:EF:D1:64:16:DC:3E:69:D7:08:72
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yO1l3yiZqGiJNu_RZBbcPmnXCHI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:e1:b1:7a:95:7b:74:3e:e2:a3:17:fb:c2:5b:e1:a4:79:3e:
         67:7c:ee:5b:0a:45:67:73:51:06:01:42:b3:2b:16:54:0b:60:
         48:44:5b:63:7d:9e:96:da:47:52:36:06:39:80:e9:d9:47:e1:
         05:31:e2:a5:3f:9d:91:b4:b3:f7:a6:4b:f2:44:5b:b0:76:08:
         a0:89:4f:14:17:b5:23:ed:ab:02:02:dc:58:8f:7f:9a:b4:f4:
         75:89:66:6c:a9:04:7c:5b:34:19:39:72:0f:99:b5:3b:ee:0c:
         b6:34:16:7d:ed:dc:6e:6c:ab:ad:c7:2d:fd:90:68:67:ce:7c:
         00:9d:b0:c9:4d:87:3a:6c:08:e1:41:95:b8:7d:86:90:68:f6:
         05:95:f3:d5:49:91:34:81:ed:06:29:e3:30:0b:6d:fd:05:26:
         63:8b:76:8f:c3:62:f2:4b:be:dc:f7:0d:ef:13:93:b4:ee:87:
         4c:f8:82:8c:57:6c:a0:c0:19:3b:8a:aa:f3:ff:d1:32:90:6c:
         90:91:b9:1f:0c:24:94:72:fd:7a:2b:19:b9:b6:d3:59:f0:26:
         f6:a3:83:a2:b8:58:d0:8c:c4:3a:d7:68:31:4d:27:5b:06:d8:
         f9:fd:f3:b5:04:1b:de:71:e3:7a:04:b8:37:0f:ee:4f:6e:59:
         36:59:23:83
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTUyNTVaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEM4RUQ2NURGMjg5OUE4
Njg4OTM2RUZEMTY0MTZEQzNFNjlENzA4NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/9ASTpqYvuewcCBzWVjuo32gzqSN/ohVyOLRZhRJjM/ZgFE+4
q84+4SlFb527ScCIkCtHLx2hfLZjLjTOc/G40PvN9LW4y8kpcyIGe3LXKLbGQsSp
+MM9KHWMT8DxcLbhtH1LRA+GlTM67KzKUGyFuYn8SeHPjkhvRX0fxngoUyKy2LJb
Gu8W+xIfzopkHCR4rYF2WHOZounHUiyrdn01N6ZBM9//e0PC5D6ymYF8HnkMtZBa
Q2DPrP3BQ6qbmlPBRa0B1ro846oh1gXhm2wbvvoXXE+o7RuEZE8qK7V5wQJt8E/e
ewXHj8mxbqYzplfyiRDeHMpWxAyzdW6WGNKLAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUyO1l3yiZqGiJNu/RZBbcPmnXCHIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3lPMWwzeWlacUdpSk51X1JaQmJjUG1uWENISS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBTwwwDQYJKoZIhvcNAQELBQADggEBAMDhsXqVe3Q+4qMX+8Jb4aR5Pmd8
7lsKRWdzUQYBQrMrFlQLYEhEW2N9npbaR1I2BjmA6dlH4QUx4qU/nZG0s/emS/JE
W7B2CKCJTxQXtSPtqwIC3FiPf5q09HWJZmypBHxbNBk5cg+ZtTvuDLY0Fn3t3G5s
q63HLf2QaGfOfACdsMlNhzpsCOFBlbh9hpBo9gWV89VJkTSB7QYp4zALbf0FJmOL
do/DYvJLvtz3De8Tk7Tuh0z4goxXbKDAGTuKqvP/0TKQbJCRuR8MJJRy/XorGbm2
01nwJvajg6K4WNCMxDrXaDFNJ1sG2Pn987UEG95x43oEuDcP7k9uWTZZI4M=
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:39:13 2024 by rpki-client on console-fra.rpki-client.org