Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/39047/fQDM6Ok5TGY71iIPlr6XxOmMABw.roa
File:                     fQDM6Ok5TGY71iIPlr6XxOmMABw.roa (raw, json)
Hash identifier:          2hm0d+YYcGaLZ/UtUil4n6Z1oApzV1yxVSm0r8bgFqs=
Subject key identifier:   7D:00:CC:E8:E9:39:4C:66:3B:D6:22:0F:96:BE:97:C4:E9:8C:00:1C
Certificate issuer:       /CN=FDB1289227F2B8A6DB0D3386C1EC7510FFFDAE60
Certificate serial:       43
Authority key identifier: FD:B1:28:92:27:F2:B8:A6:DB:0D:33:86:C1:EC:75:10:FF:FD:AE:60
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/_bEokifyuKbbDTOGwex1EP_9rmA.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39047/fQDM6Ok5TGY71iIPlr6XxOmMABw.roa
Signing time:             Thu 29 Feb 2024 01:30:18 +0000
ROA not before:           Thu 29 Feb 2024 01:30:18 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     59128
IP address blocks:        2001:df0:8500::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39047/_bEokifyuKbbDTOGwex1EP_9rmA.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39047/_bEokifyuKbbDTOGwex1EP_9rmA.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/_bEokifyuKbbDTOGwex1EP_9rmA.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67 (0x43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FDB1289227F2B8A6DB0D3386C1EC7510FFFDAE60
        Validity
            Not Before: Feb 29 01:30:18 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=7D00CCE8E9394C663BD6220F96BE97C4E98C001C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:be:04:4e:4d:47:90:c3:1a:47:ec:0e:47:f3:
                    ed:28:07:0a:e0:fb:0f:7e:9b:76:1e:f3:33:a5:66:
                    37:42:1f:e2:b7:bd:f2:68:0b:34:59:02:08:69:5d:
                    78:36:00:89:93:3d:0a:3f:20:a3:54:b1:24:b1:dc:
                    77:ab:04:f8:18:b7:fa:b9:05:14:47:a4:f0:4e:bf:
                    fc:46:83:01:fe:b4:1e:e7:14:3b:69:0e:d6:a7:1f:
                    7d:74:02:82:03:73:42:35:0d:84:40:24:65:21:85:
                    e6:cd:37:0d:08:ed:76:50:e1:a0:54:49:6a:bc:58:
                    ef:5f:49:72:9e:f5:3c:6e:a0:41:01:1d:79:d2:52:
                    3a:db:40:23:7b:9d:0b:1f:f6:72:27:c5:b5:87:3d:
                    2c:42:69:55:a5:fe:d4:95:e0:5f:d9:4a:5b:9e:c9:
                    e1:8f:5e:43:4a:2b:e5:1b:67:cf:c7:12:8a:90:25:
                    53:15:22:7f:1b:c9:dc:c0:97:05:23:4c:55:3a:3c:
                    a0:fc:c1:7b:e5:1a:81:59:08:2f:1e:38:39:28:23:
                    c3:4f:fb:01:56:52:da:b1:0c:68:37:99:48:56:e3:
                    b2:52:ca:9f:96:a1:0a:ec:e1:35:37:7b:e0:1b:45:
                    d0:15:f2:7e:f1:97:e2:e8:78:4c:ce:ba:39:f0:e0:
                    0d:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:00:CC:E8:E9:39:4C:66:3B:D6:22:0F:96:BE:97:C4:E9:8C:00:1C
            X509v3 Authority Key Identifier:
                keyid:FD:B1:28:92:27:F2:B8:A6:DB:0D:33:86:C1:EC:75:10:FF:FD:AE:60

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39047/_bEokifyuKbbDTOGwex1EP_9rmA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/_bEokifyuKbbDTOGwex1EP_9rmA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39047/fQDM6Ok5TGY71iIPlr6XxOmMABw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:8500::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:ee:e3:61:4c:01:82:2c:db:82:44:7e:86:56:43:2b:8b:90:
         36:a1:9a:6f:b8:b9:fa:60:1a:f8:84:58:59:6d:c4:b1:e8:07:
         05:36:0b:44:2f:4b:b5:1a:2d:b8:0c:75:96:65:7c:bb:59:b2:
         5f:98:2d:59:99:d7:9b:bb:b5:64:88:32:7e:eb:9d:dd:e4:90:
         65:89:9c:95:f6:58:d2:9e:a9:2a:d9:a4:48:53:46:8a:25:4e:
         1a:a7:53:b3:86:dc:8b:b8:af:9a:23:3f:ca:4d:f4:70:44:87:
         8b:93:fe:ce:bd:ba:dd:ca:df:bd:b6:c2:2d:e3:31:95:8c:99:
         48:1e:45:28:5e:da:c7:cd:82:b4:d9:bd:00:d0:9e:64:2f:1d:
         33:82:e5:63:4a:c7:72:81:a2:23:96:40:9e:cb:b5:c1:34:24:
         23:b3:59:01:9c:1f:3c:a2:c3:24:c3:35:fc:03:49:0c:39:5e:
         8d:c6:34:bc:b5:7c:db:bc:ef:d2:f5:9b:d5:1f:9a:20:48:59:
         36:d7:2f:3d:8b:4d:0d:94:e8:d0:26:c9:59:94:0a:94:c8:a4:
         93:6e:e7:47:d4:89:af:af:45:01:70:91:ea:7c:fd:26:59:7a:
         52:b5:db:21:af:b9:68:e5:69:fa:7f:5b:2a:65:a3:f2:aa:c5:
         f0:1a:95:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIBQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGREIx
Mjg5MjI3RjJCOEE2REIwRDMzODZDMUVDNzUxMEZGRkRBRTYwMB4XDTI0MDIyOTAx
MzAxOFoXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoN0QwMENDRThFOTM5NEM2
NjNCRDYyMjBGOTZCRTk3QzRFOThDMDAxQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALa+BE5NR5DDGkfsDkfz7SgHCuD7D36bdh7zM6VmN0If4re98mgL
NFkCCGldeDYAiZM9Cj8go1SxJLHcd6sE+Bi3+rkFFEek8E6//EaDAf60HucUO2kO
1qcffXQCggNzQjUNhEAkZSGF5s03DQjtdlDhoFRJarxY719Jcp71PG6gQQEdedJS
OttAI3udCx/2cifFtYc9LEJpVaX+1JXgX9lKW57J4Y9eQ0or5Rtnz8cSipAlUxUi
fxvJ3MCXBSNMVTo8oPzBe+UagVkILx44OSgjw0/7AVZS2rEMaDeZSFbjslLKn5ah
CuzhNTd74BtF0BXyfvGX4uh4TM66OfDgDa8CAwEAAaOCAiswggInMB0GA1UdDgQW
BBR9AMzo6TlMZjvWIg+WvpfE6YwAHDAfBgNVHSMEGDAWgBT9sSiSJ/K4ptsNM4bB
7HUQ//2uYDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzkwNDcvX2JFb2tpZnl1S2JiRFRPR3dleDFFUF85cm1BLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvX2JFb2tpZnl1S2JiRFRPR3dleDFF
UF85cm1BLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzM5MDQ3L2ZRRE02T2s1VEdZNzFpSVBscjZYeE9tTUFCdy5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQ3whQAwDQYJKoZIhvcNAQELBQADggEBAJnu42FMAYIs24JEfoZW
QyuLkDahmm+4ufpgGviEWFltxLHoBwU2C0QvS7UaLbgMdZZlfLtZsl+YLVmZ15u7
tWSIMn7rnd3kkGWJnJX2WNKeqSrZpEhTRoolThqnU7OG3Iu4r5ojP8pN9HBEh4uT
/s69ut3K3722wi3jMZWMmUgeRShe2sfNgrTZvQDQnmQvHTOC5WNKx3KBoiOWQJ7L
tcE0JCOzWQGcHzyiwyTDNfwDSQw5Xo3GNLy1fNu879L1m9UfmiBIWTbXLz2LTQ2U
6NAmyVmUCpTIpJNu50fUia+vRQFwkep8/SZZelK12yGvuWjlafp/Wyplo/KqxfAa
lXc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:24:03 2024 by rpki-client on console-fra.rpki-client.org