Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/1s8vlYv700BSuUGREnbsT9wCbCs.roa
File:                     1s8vlYv700BSuUGREnbsT9wCbCs.roa (raw, json)
Hash identifier:          uH6qku7qYdQbhP9X8mGIOZA6ft1eSY8MT1a2FQzkjWY=
Subject key identifier:   D6:CF:2F:95:8B:FB:D3:40:52:B9:41:91:12:76:EC:4F:DC:02:6C:2B
Certificate issuer:       /CN=86A0BE02D491F35A561CC4904BEB7EB1AD4EC2FF
Certificate serial:       3E
Authority key identifier: 86:A0:BE:02:D4:91:F3:5A:56:1C:C4:90:4B:EB:7E:B1:AD:4E:C2:FF
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hqC-AtSR81pWHMSQS-t-sa1Owv8.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/1s8vlYv700BSuUGREnbsT9wCbCs.roa
Signing time:             Thu 29 Feb 2024 01:29:44 +0000
ROA not before:           Thu 29 Feb 2024 01:29:44 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9607
IP address blocks:        208.111.48.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/hqC-AtSR81pWHMSQS-t-sa1Owv8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/hqC-AtSR81pWHMSQS-t-sa1Owv8.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hqC-AtSR81pWHMSQS-t-sa1Owv8.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62 (0x3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86A0BE02D491F35A561CC4904BEB7EB1AD4EC2FF
        Validity
            Not Before: Feb 29 01:29:44 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=D6CF2F958BFBD34052B941911276EC4FDC026C2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a7:a9:65:d4:07:df:56:0e:d4:2e:52:68:0a:
                    e1:89:06:ff:88:41:23:8d:2d:d4:91:33:a0:ac:ad:
                    0d:a7:7c:c7:6d:47:24:90:cf:1d:9a:55:8a:d2:80:
                    98:b2:96:a2:6e:84:1b:ce:af:43:73:a1:1b:75:69:
                    77:50:38:ca:85:20:60:75:37:b2:c3:b6:1e:88:2a:
                    1b:c8:ab:d7:44:6c:46:87:0a:82:de:d6:cf:6e:73:
                    ff:00:69:f5:f0:b0:5c:ea:66:76:76:9d:bd:42:a6:
                    a5:d5:4c:fe:3d:38:0a:6c:4e:ab:a4:b1:b5:4a:0a:
                    92:43:3b:54:80:20:d1:c1:ad:58:71:7a:12:cf:8f:
                    60:82:17:4a:dc:82:15:21:62:0c:9b:2a:ad:48:11:
                    8c:71:b7:72:a8:6d:f9:c5:b3:25:9a:64:06:88:20:
                    21:43:c4:bd:aa:37:ad:45:c6:7c:cc:2e:19:27:07:
                    01:4d:84:05:f9:b8:01:fc:1c:ae:24:a6:dd:86:df:
                    21:70:57:7a:38:58:22:bd:d9:df:a9:a1:73:de:59:
                    58:e1:2c:5a:b2:80:ac:37:35:7a:11:79:de:cb:d9:
                    af:f7:51:fb:21:b7:7f:94:2f:df:12:ae:c3:b8:33:
                    28:d9:09:88:c4:48:35:a3:11:d4:b9:87:8f:18:aa:
                    da:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CF:2F:95:8B:FB:D3:40:52:B9:41:91:12:76:EC:4F:DC:02:6C:2B
            X509v3 Authority Key Identifier:
                keyid:86:A0:BE:02:D4:91:F3:5A:56:1C:C4:90:4B:EB:7E:B1:AD:4E:C2:FF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/hqC-AtSR81pWHMSQS-t-sa1Owv8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/hqC-AtSR81pWHMSQS-t-sa1Owv8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/1s8vlYv700BSuUGREnbsT9wCbCs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.111.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6f:24:c1:f8:b1:d5:1b:db:76:07:45:6a:54:25:03:cf:b4:2b:
         1b:05:fa:7d:c6:7c:66:17:9b:55:73:08:aa:a9:bf:63:66:36:
         27:d9:86:c7:c3:9e:0e:cc:4b:b8:49:72:60:88:f3:62:d6:da:
         04:64:f7:5a:2e:25:0c:c7:97:49:5b:3d:9a:2a:56:e1:28:48:
         1e:71:80:62:f7:79:31:48:3a:84:69:30:f0:24:25:52:3c:55:
         c9:f5:b7:2d:26:3b:ff:3b:fc:be:4e:d6:02:de:49:82:6d:27:
         38:0d:47:54:09:7f:c8:9a:34:3f:93:65:41:f4:25:3f:ef:42:
         ad:45:a5:51:3b:70:a2:b1:3d:c3:1e:0f:5f:58:c8:35:b7:58:
         6b:31:2b:dc:5e:fc:7d:6f:63:c5:5f:f4:b5:d3:8d:c5:61:34:
         4f:aa:c3:f9:cb:f1:5b:4a:5f:a5:86:2e:2f:4e:43:7b:c8:f2:
         fd:78:78:2a:96:93:bc:19:f4:d7:87:8b:b8:29:33:1f:47:a3:
         3d:a5:0f:20:c5:65:32:13:e0:e5:60:f2:f8:9f:6d:05:43:ef:
         ea:7a:4c:e4:bc:91:8c:b8:2d:39:72:79:22:9c:97:63:6c:ed:
         42:6a:cb:fb:bd:f7:c1:21:d5:d8:13:53:00:93:42:f8:1e:6f:
         c1:7c:6e:a4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4NkEw
QkUwMkQ0OTFGMzVBNTYxQ0M0OTA0QkVCN0VCMUFENEVDMkZGMB4XDTI0MDIyOTAx
Mjk0NFoXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoRDZDRjJGOTU4QkZCRDM0
MDUyQjk0MTkxMTI3NkVDNEZEQzAyNkMyQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMSnqWXUB99WDtQuUmgK4YkG/4hBI40t1JEzoKytDad8x21HJJDP
HZpVitKAmLKWom6EG86vQ3OhG3Vpd1A4yoUgYHU3ssO2HogqG8ir10RsRocKgt7W
z25z/wBp9fCwXOpmdnadvUKmpdVM/j04CmxOq6SxtUoKkkM7VIAg0cGtWHF6Es+P
YIIXStyCFSFiDJsqrUgRjHG3cqht+cWzJZpkBoggIUPEvao3rUXGfMwuGScHAU2E
Bfm4AfwcriSm3YbfIXBXejhYIr3Z36mhc95ZWOEsWrKArDc1ehF53svZr/dR+yG3
f5Qv3xKuw7gzKNkJiMRINaMR1LmHjxiq2sMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTWzy+Vi/vTQFK5QZESduxP3AJsKzAfBgNVHSMEGDAWgBSGoL4C1JHzWlYcxJBL
636xrU7C/zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzU0L2hxQy1BdFNSODFwV0hNU1FTLXQtc2ExT3d2OC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2hxQy1BdFNSODFwV0hNU1FTLXQtc2Ex
T3d2OC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zNTQvMXM4dmxZdjcwMEJTdVVHUkVuYnNUOXdDYkNzLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA9BvMDANBgkqhkiG9w0BAQsFAAOCAQEAbyTB+LHVG9t2B0VqVCUDz7QrGwX6
fcZ8ZhebVXMIqqm/Y2Y2J9mGx8OeDsxLuElyYIjzYtbaBGT3Wi4lDMeXSVs9mipW
4ShIHnGAYvd5MUg6hGkw8CQlUjxVyfW3LSY7/zv8vk7WAt5Jgm0nOA1HVAl/yJo0
P5NlQfQlP+9CrUWlUTtworE9wx4PX1jINbdYazEr3F78fW9jxV/0tdONxWE0T6rD
+cvxW0pfpYYuL05De8jy/Xh4KpaTvBn014eLuCkzH0ejPaUPIMVlMhPg5WDy+J9t
BUPv6npM5LyRjLgtOXJ5IpyXY2ztQmrL+733wSHV2BNTAJNC+B5vwXxupA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:23 2024 by rpki-client on console-fra.rpki-client.org