Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/373/GEu13tUBffXhCIWEfmZdxRxgG_U.roa
File:                     GEu13tUBffXhCIWEfmZdxRxgG_U.roa (raw, json)
Hash identifier:          u3Oqg8eGhvup18X+Y9VWE7kS3J3/yEBfZLFUyOIbFAg=
Subject key identifier:   18:4B:B5:DE:D5:01:7D:F5:E1:08:85:84:7E:66:5D:C5:1C:60:1B:F5
Certificate issuer:       /CN=89CF5C2AFA5B576577351C4199018D44CDC2D6DA
Certificate serial:       2D
Authority key identifier: 89:CF:5C:2A:FA:5B:57:65:77:35:1C:41:99:01:8D:44:CD:C2:D6:DA
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ic9cKvpbV2V3NRxBmQGNRM3C1to.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/GEu13tUBffXhCIWEfmZdxRxgG_U.roa
Signing time:             Sun 30 Jun 2024 01:32:28 +0000
ROA not before:           Sun 30 Jun 2024 01:32:28 +0000
ROA not after:            Tue 24 Jun 2025 10:46:45 +0000
asID:                     9615
IP address blocks:        119.63.112.0/20 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/ic9cKvpbV2V3NRxBmQGNRM3C1to.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/ic9cKvpbV2V3NRxBmQGNRM3C1to.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ic9cKvpbV2V3NRxBmQGNRM3C1to.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45 (0x2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89CF5C2AFA5B576577351C4199018D44CDC2D6DA
        Validity
            Not Before: Jun 30 01:32:28 2024 GMT
            Not After : Jun 24 10:46:45 2025 GMT
        Subject: CN=184BB5DED5017DF5E10885847E665DC51C601BF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:90:a3:9d:ab:a1:4d:28:31:ae:b7:a4:d2:c2:
                    6b:e6:d1:35:d0:0e:43:50:c2:ab:79:09:e4:46:f0:
                    f2:29:1e:89:d8:21:97:50:ee:2f:ac:a1:61:a9:ad:
                    75:87:1f:66:c9:74:e8:1d:31:59:66:64:8b:c1:66:
                    77:d0:7e:87:e2:fd:97:c0:2a:ac:c8:26:5b:4c:d2:
                    5e:15:3e:08:f2:5c:36:ef:7a:e7:52:ac:9b:af:ce:
                    b7:1a:ed:93:7f:c8:44:d2:40:f2:94:a8:0b:99:63:
                    0a:bc:19:8a:e7:72:ea:f2:3c:75:6c:ce:d3:9c:a7:
                    76:87:4f:cf:93:20:c9:f3:24:6f:30:03:75:8a:fc:
                    bc:b5:42:94:6b:7a:b8:e1:af:e8:e3:e4:01:78:79:
                    36:09:3d:87:69:ed:97:dd:03:86:ac:d9:27:0a:e0:
                    b5:ca:6b:9a:2a:0d:57:c0:f7:22:dc:9e:61:86:83:
                    6c:1f:87:7b:1a:bc:c4:f2:b2:4c:30:2e:5b:ce:dc:
                    00:cf:56:f2:f2:f5:44:03:7c:53:02:69:ea:79:c4:
                    e6:28:6e:f7:f6:8d:1a:0c:78:0a:8b:72:ca:fa:4e:
                    20:c7:69:26:4a:b2:35:91:aa:fe:94:33:47:ec:4a:
                    5f:96:b1:a4:09:eb:28:49:07:3a:60:08:7b:30:77:
                    2a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:4B:B5:DE:D5:01:7D:F5:E1:08:85:84:7E:66:5D:C5:1C:60:1B:F5
            X509v3 Authority Key Identifier:
                keyid:89:CF:5C:2A:FA:5B:57:65:77:35:1C:41:99:01:8D:44:CD:C2:D6:DA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/ic9cKvpbV2V3NRxBmQGNRM3C1to.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ic9cKvpbV2V3NRxBmQGNRM3C1to.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/GEu13tUBffXhCIWEfmZdxRxgG_U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.63.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2a:b7:71:41:ac:b7:18:e1:bd:85:e2:3c:1c:38:b4:97:bf:a0:
         12:62:83:29:11:ae:21:ac:69:94:9f:6b:3a:1c:7c:43:ee:74:
         0b:8c:3f:4c:2d:70:9d:ec:35:70:be:44:71:c5:2a:61:97:36:
         f7:24:dd:21:89:d2:67:c6:3a:c1:ac:0d:ec:4b:6a:b5:b0:e4:
         3a:e7:19:3d:bd:eb:d6:e4:17:24:42:cf:a8:4a:bc:53:8c:17:
         22:e7:7d:3e:90:49:24:3b:52:3d:d7:56:ed:09:9c:96:e5:df:
         25:4b:6c:ce:ff:65:25:6f:2c:48:54:c2:3d:39:1a:fb:1f:00:
         0f:cc:54:85:3e:6f:9e:fb:43:94:23:6d:2a:15:b8:85:51:6f:
         17:ec:9a:8c:1e:f8:ce:54:19:57:27:26:05:ac:53:6f:c5:3b:
         9c:c6:b6:78:c2:ae:dd:d8:1c:4f:e0:ec:cc:93:ef:d6:a0:30:
         68:67:06:f3:cb:3d:5a:90:14:45:fe:a4:e3:13:5f:0f:56:7d:
         16:9b:ea:53:f8:9a:7f:26:75:3f:3b:33:99:3a:20:da:f3:53:
         b4:15:24:26:e4:fa:62:42:e6:04:11:d7:06:a1:f9:36:1e:80:
         dc:4f:b4:7d:99:ec:23:1f:4b:8f:55:1a:d2:7b:2c:3a:d9:f6:
         47:12:01:39
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4OUNG
NUMyQUZBNUI1NzY1NzczNTFDNDE5OTAxOEQ0NENEQzJENkRBMB4XDTI0MDYzMDAx
MzIyOFoXDTI1MDYyNDEwNDY0NVowMzExMC8GA1UEAxMoMTg0QkI1REVENTAxN0RG
NUUxMDg4NTg0N0U2NjVEQzUxQzYwMUJGNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMKQo52roU0oMa63pNLCa+bRNdAOQ1DCq3kJ5Ebw8ikeidghl1Du
L6yhYamtdYcfZsl06B0xWWZki8Fmd9B+h+L9l8AqrMgmW0zSXhU+CPJcNu9651Ks
m6/Otxrtk3/IRNJA8pSoC5ljCrwZiudy6vI8dWzO05yndodPz5MgyfMkbzADdYr8
vLVClGt6uOGv6OPkAXh5Ngk9h2ntl90DhqzZJwrgtcprmioNV8D3ItyeYYaDbB+H
exq8xPKyTDAuW87cAM9W8vL1RAN8UwJp6nnE5ihu9/aNGgx4CotyyvpOIMdpJkqy
NZGq/pQzR+xKX5axpAnrKEkHOmAIezB3KlkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQYS7Xe1QF99eEIhYR+Zl3FHGAb9TAfBgNVHSMEGDAWgBSJz1wq+ltXZXc1HEGZ
AY1EzcLW2jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzczL2ljOWNLdnBiVjJWM05SeEJtUUdOUk0zQzF0by5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2ljOWNLdnBiVjJWM05SeEJtUUdOUk0z
QzF0by5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zNzMvR0V1MTN0VUJmZlhoQ0lXRWZtWmR4UnhnR19VLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBHc/cDANBgkqhkiG9w0BAQsFAAOCAQEAKrdxQay3GOG9heI8HDi0l7+gEmKD
KRGuIaxplJ9rOhx8Q+50C4w/TC1wnew1cL5EccUqYZc29yTdIYnSZ8Y6wawN7Etq
tbDkOucZPb3r1uQXJELPqEq8U4wXIud9PpBJJDtSPddW7QmcluXfJUtszv9lJW8s
SFTCPTka+x8AD8xUhT5vnvtDlCNtKhW4hVFvF+yajB74zlQZVycmBaxTb8U7nMa2
eMKu3dgcT+DszJPv1qAwaGcG88s9WpAURf6k4xNfD1Z9FpvqU/iafyZ1PzszmTog
2vNTtBUkJuT6YkLmBBHXBqH5Nh6A3E+0fZnsIx9Lj1Ua0nssOtn2RxIBOQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:42 2024 by rpki-client on console-ams.rpki-client.org