Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/yYPjYAa_DLqJ_RgFsUrhKTmfLhU.roa
File:                     yYPjYAa_DLqJ_RgFsUrhKTmfLhU.roa (raw, json)
Hash identifier:          ZIYBb8qIcFJyjnuKKApJtQ8E31eQF6DKPQmk0eWyGbY=
Subject key identifier:   C9:83:E3:60:06:BF:0C:BA:89:FD:18:05:B1:4A:E1:29:39:9F:2E:15
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0649
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yYPjYAa_DLqJ_RgFsUrhKTmfLhU.roa
Signing time:             Tue 30 Apr 2024 01:31:31 +0000
ROA not before:           Tue 30 Apr 2024 01:31:31 +0000
ROA not after:            Tue 15 Apr 2025 01:30:02 +0000
asID:                     9605
IP address blocks:        110.163.12.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1609 (0x649)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Apr 30 01:31:31 2024 GMT
            Not After : Apr 15 01:30:02 2025 GMT
        Subject: CN=C983E36006BF0CBA89FD1805B14AE129399F2E15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:05:ad:4b:12:e5:79:7c:43:76:d9:4f:96:8d:
                    83:20:b6:06:c8:ed:5e:ba:9a:45:ff:ee:61:4e:88:
                    42:f5:3e:27:8e:8c:5d:b1:64:28:65:e6:7e:52:df:
                    83:d9:c5:0a:6c:25:74:e1:7e:36:1a:eb:7a:b3:9b:
                    3e:74:83:27:5a:ff:46:f2:71:c6:c9:ba:23:55:0e:
                    bc:ad:20:55:84:3a:fd:72:be:61:d2:7f:c6:29:2c:
                    d2:3c:08:d2:db:eb:24:1f:bb:a8:88:60:ac:53:93:
                    72:8f:0c:ea:a9:10:42:db:42:37:b7:46:66:22:99:
                    f8:07:22:de:fc:b8:25:d5:de:70:53:03:19:68:5f:
                    bd:b9:54:35:81:6a:91:ed:01:27:e7:67:59:75:5d:
                    c4:8f:2a:d6:4a:ca:63:3b:57:ab:b8:f6:8a:7b:30:
                    cd:b0:3b:84:6c:6e:b4:31:7d:f7:28:45:50:9d:83:
                    88:70:6a:cc:12:eb:a9:c4:f2:98:48:3c:4a:57:29:
                    32:d3:91:65:c3:db:cb:7d:19:cd:b7:05:f5:10:21:
                    a7:aa:f0:de:f4:d0:cf:02:11:5b:26:c0:31:fd:48:
                    56:71:04:ea:55:a8:ab:f2:2a:5a:6d:25:81:58:77:
                    cc:af:96:fa:8f:41:b1:42:64:bd:b2:40:d1:45:64:
                    e4:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:83:E3:60:06:BF:0C:BA:89:FD:18:05:B1:4A:E1:29:39:9F:2E:15
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yYPjYAa_DLqJ_RgFsUrhKTmfLhU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.163.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:6d:07:7f:45:6c:b3:42:d9:ae:7e:11:16:85:6d:2d:12:3f:
         dc:fd:98:99:9a:47:d5:af:14:55:51:23:f5:f7:16:7a:b8:42:
         5b:4c:1e:39:f4:29:d0:e0:04:e4:03:db:3f:fd:d9:c5:10:55:
         29:7b:41:74:ce:ea:0c:7f:18:fd:d3:d6:00:26:c0:8a:8e:3f:
         3a:d8:e6:33:5f:9a:78:91:53:70:72:70:bf:21:6a:3d:63:92:
         43:c4:14:75:86:90:7a:1c:25:61:2d:81:80:c7:62:e2:f7:64:
         51:9e:5e:3d:3b:67:84:7a:67:54:67:39:9b:63:29:fe:2b:8f:
         4e:43:9e:f7:76:7b:28:25:4e:28:13:4b:b1:d3:f3:ca:cd:de:
         29:d7:86:3a:1e:45:f7:53:1e:7c:4c:ad:bd:f4:2d:98:49:6e:
         9f:30:a2:89:c2:aa:47:18:21:a3:73:aa:0d:84:6f:78:86:4c:
         64:ca:79:c1:b4:62:a1:38:6c:42:78:33:93:21:f0:87:d8:90:
         59:42:85:ff:5b:bf:e5:5d:c7:ec:9b:01:e2:c2:ad:ab:82:fd:
         7e:30:27:7f:92:58:3b:5d:a9:5f:99:de:75:8c:bd:e0:b9:8d:
         dc:9e:8a:e1:2e:a1:f3:dc:4a:e7:64:fa:60:6b:1d:1f:aa:8e:
         6e:6e:90:d3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNDA0MzAw
MTMxMzFaFw0yNTA0MTUwMTMwMDJaMDMxMTAvBgNVBAMTKEM5ODNFMzYwMDZCRjBD
QkE4OUZEMTgwNUIxNEFFMTI5Mzk5RjJFMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbBa1LEuV5fEN22U+WjYMgtgbI7V66mkX/7mFOiEL1PieOjF2x
ZChl5n5S34PZxQpsJXThfjYa63qzmz50gyda/0byccbJuiNVDrytIFWEOv1yvmHS
f8YpLNI8CNLb6yQfu6iIYKxTk3KPDOqpEELbQje3RmYimfgHIt78uCXV3nBTAxlo
X725VDWBapHtASfnZ1l1XcSPKtZKymM7V6u49op7MM2wO4RsbrQxffcoRVCdg4hw
aswS66nE8phIPEpXKTLTkWXD28t9Gc23BfUQIaeq8N700M8CEVsmwDH9SFZxBOpV
qKvyKlptJYFYd8yvlvqPQbFCZL2yQNFFZOQXAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUyYPjYAa/DLqJ/RgFsUrhKTmfLhUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3lZUGpZQWFfRExxSl9SZ0ZzVXJoS1RtZkxoVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABuowwwDQYJKoZIhvcNAQELBQADggEBAL9tB39FbLNC2a5+ERaFbS0SP9z9
mJmaR9WvFFVRI/X3Fnq4QltMHjn0KdDgBOQD2z/92cUQVSl7QXTO6gx/GP3T1gAm
wIqOPzrY5jNfmniRU3BycL8haj1jkkPEFHWGkHocJWEtgYDHYuL3ZFGeXj07Z4R6
Z1RnOZtjKf4rj05Dnvd2eyglTigTS7HT88rN3inXhjoeRfdTHnxMrb30LZhJbp8w
oonCqkcYIaNzqg2Eb3iGTGTKecG0YqE4bEJ4M5Mh8IfYkFlChf9bv+Vdx+ybAeLC
rauC/X4wJ3+SWDtdqV+Z3nWMveC5jdyeiuEuofPcSudk+mBrHR+qjm5ukNM=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:23 2024 by rpki-client on console-fra.rpki-client.org