Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/y2JsUpNhRugXNnY_cLNe8Dztetc.roa
File:                     y2JsUpNhRugXNnY_cLNe8Dztetc.roa (raw, json)
Hash identifier:          aFAHB+viTREQ1oj0DIQBi8+mG7liy39cmbSO25mmalc=
Subject key identifier:   CB:62:6C:52:93:61:46:E8:17:36:76:3F:70:B3:5E:F0:3C:ED:7A:D7
Certificate issuer:       /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial:       E4
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/y2JsUpNhRugXNnY_cLNe8Dztetc.roa
Signing time:             Thu 29 Feb 2024 01:29:42 +0000
ROA not before:           Thu 29 Feb 2024 01:29:42 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     9607
IP address blocks:        211.14.16.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228 (0xe4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
        Validity
            Not Before: Feb 29 01:29:42 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=CB626C52936146E81736763F70B35EF03CED7AD7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d8:94:02:12:1e:ed:b4:7e:bd:86:fe:09:42:
                    f1:55:90:0a:f0:75:90:9c:0f:2c:bc:88:e8:42:07:
                    7b:92:95:47:36:ee:47:9f:81:0c:5c:c9:ec:72:84:
                    50:fe:db:04:b8:50:67:98:f7:fe:f5:df:81:49:be:
                    3c:36:e9:55:57:c5:77:55:3b:11:f7:1a:e7:d5:bf:
                    02:e3:b8:1d:9c:a0:c1:f1:8a:aa:12:b4:a7:9d:46:
                    82:c8:dd:e6:04:00:91:5c:61:62:3c:67:93:14:5f:
                    3e:3e:2e:c8:75:c4:da:64:48:a4:ec:57:b6:fa:c7:
                    18:08:b2:02:31:c3:29:cc:2a:98:72:8a:ed:a2:a6:
                    47:79:31:0f:50:6e:a9:fb:2e:b7:c1:b5:b7:3a:f9:
                    fd:8a:25:c1:09:78:e1:1a:29:54:8f:69:3f:8e:23:
                    13:e5:e6:68:7b:61:7c:85:bd:8a:85:dd:38:b8:30:
                    9b:63:30:9f:6f:28:f0:4b:a8:91:42:09:43:e8:10:
                    84:df:9d:b2:79:9f:c7:36:0a:27:87:61:6d:d2:b5:
                    26:06:c5:67:cd:49:45:8f:18:b8:75:51:e8:d2:cf:
                    f8:0b:66:1e:b9:e2:91:d4:8f:0b:9c:d3:f8:c1:80:
                    ae:9a:60:7d:a9:7f:ae:37:0f:f6:66:83:15:c0:0f:
                    9d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:62:6C:52:93:61:46:E8:17:36:76:3F:70:B3:5E:F0:3C:ED:7A:D7
            X509v3 Authority Key Identifier:
                keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/y2JsUpNhRugXNnY_cLNe8Dztetc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         97:d1:d2:18:9e:22:4e:d1:6c:db:58:b9:05:37:90:65:3f:96:
         9d:79:7d:ac:36:b9:9c:bc:72:a9:47:52:ae:74:b8:6b:2f:62:
         eb:30:29:1f:91:9a:db:a3:e5:7b:f6:d1:06:e5:53:47:c7:f3:
         f2:5a:24:46:27:5c:06:f0:e5:94:bf:a2:84:5b:14:9e:44:6c:
         cc:9a:8c:78:e1:75:fd:71:1b:6f:c2:cc:1c:79:ce:c9:d3:38:
         b2:39:ce:a7:48:9b:cf:bc:00:f0:ff:4f:1a:56:9e:cb:c4:11:
         87:1a:1e:c6:58:de:70:49:15:ae:c0:6c:7d:2c:70:49:08:d3:
         6f:be:cd:f8:7b:2d:21:3d:46:2d:14:f7:c2:58:03:e3:a1:d3:
         0b:34:e6:29:f7:09:03:6d:ed:1e:a6:b2:76:95:4a:e9:7b:41:
         aa:c0:ce:28:13:ed:04:86:02:fe:01:72:09:63:bd:25:be:ca:
         6d:68:8d:b2:8d:77:3c:f6:3a:5e:82:b8:48:83:3d:2a:ff:78:
         d9:ce:ce:a4:db:60:cd:3c:57:d7:92:ad:29:ed:5d:5e:85:b3:
         0f:bc:0a:09:5a:ae:47:88:32:48:f9:ad:69:d4:c7:b9:19:a8:
         74:9a:69:23:d7:b6:df:93:b4:d2:b0:ae:32:90:d5:e2:ac:c0:
         15:d6:92:16
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yNDAyMjkw
MTI5NDJaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKENCNjI2QzUyOTM2MTQ2
RTgxNzM2NzYzRjcwQjM1RUYwM0NFRDdBRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj2JQCEh7ttH69hv4JQvFVkArwdZCcDyy8iOhCB3uSlUc27kef
gQxcyexyhFD+2wS4UGeY9/7134FJvjw26VVXxXdVOxH3GufVvwLjuB2coMHxiqoS
tKedRoLI3eYEAJFcYWI8Z5MUXz4+Lsh1xNpkSKTsV7b6xxgIsgIxwynMKphyiu2i
pkd5MQ9Qbqn7LrfBtbc6+f2KJcEJeOEaKVSPaT+OIxPl5mh7YXyFvYqF3Ti4MJtj
MJ9vKPBLqJFCCUPoEITfnbJ5n8c2CieHYW3StSYGxWfNSUWPGLh1UejSz/gLZh65
4pHUjwuc0/jBgK6aYH2pf643D/ZmgxXAD52zAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUy2JsUpNhRugXNnY/cLNe8DztetcwHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0L3kySnNVcE5oUnVnWE5uWV9jTE5lOER6dGV0Yy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDhAwDQYJKoZIhvcNAQELBQADggEBAJfR0hieIk7RbNtYuQU3kGU/lp15
faw2uZy8cqlHUq50uGsvYuswKR+Rmtuj5Xv20QblU0fH8/JaJEYnXAbw5ZS/ooRb
FJ5EbMyajHjhdf1xG2/CzBx5zsnTOLI5zqdIm8+8APD/TxpWnsvEEYcaHsZY3nBJ
Fa7AbH0scEkI02++zfh7LSE9Ri0U98JYA+Oh0ws05in3CQNt7R6msnaVSul7QarA
zigT7QSGAv4BcgljvSW+ym1ojbKNdzz2Ol6CuEiDPSr/eNnOzqTbYM08V9eSrSnt
XV6Fsw+8CglarkeIMkj5rWnUx7kZqHSaaSPXtt+TtNKwrjKQ1eKswBXWkhY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:56 2024 by rpki-client on console-ams.rpki-client.org