Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/394/BHtDnAbwq8D8QZ88IAK03HxdYEU.roa
File:                     BHtDnAbwq8D8QZ88IAK03HxdYEU.roa (raw, json)
Hash identifier:          9EJiBTQyLnXHmhNz2LxrUOUSYKfMNSNFeshAU3Yq2ek=
Subject key identifier:   04:7B:43:9C:06:F0:AB:C0:FC:41:9F:3C:20:02:B4:DC:7C:5D:60:45
Certificate issuer:       /CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
Certificate serial:       02CB
Authority key identifier: 0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/BHtDnAbwq8D8QZ88IAK03HxdYEU.roa
Signing time:             Sun 30 Jun 2024 01:32:14 +0000
ROA not before:           Sun 30 Jun 2024 01:32:14 +0000
ROA not after:            Tue 24 Jun 2025 10:46:45 +0000
asID:                     10013
IP address blocks:        124.255.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 715 (0x2cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
        Validity
            Not Before: Jun 30 01:32:14 2024 GMT
            Not After : Jun 24 10:46:45 2025 GMT
        Subject: CN=047B439C06F0ABC0FC419F3C2002B4DC7C5D6045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:30:98:e0:f2:a8:85:6c:29:1b:29:60:f2:89:
                    5d:08:d5:bc:a5:48:ec:67:d8:2c:68:3c:ee:b7:4d:
                    04:7c:c2:15:0a:47:48:0e:8f:2e:8e:b4:1a:d1:8e:
                    85:53:63:08:02:7a:ab:46:87:1f:18:56:6f:1d:86:
                    a0:93:f2:59:42:9b:8f:74:b8:5a:7f:1b:36:2e:8a:
                    a2:0c:67:31:83:f8:0a:3d:df:04:0a:ac:68:74:10:
                    a5:2a:b7:3a:14:4c:0b:f9:62:fb:4a:96:71:57:d0:
                    5c:04:0c:e2:e6:8e:ac:97:3d:e3:8b:fe:08:27:d0:
                    3b:3e:ab:0a:e9:b3:f5:3e:c3:60:1c:20:22:bc:ad:
                    2b:3d:2a:2d:56:ba:34:f1:95:98:f8:ba:1e:78:59:
                    a4:db:50:ac:a9:51:95:c0:e9:11:53:5d:b0:b5:17:
                    5c:2c:8b:c4:12:26:da:19:30:8b:88:08:65:81:40:
                    0c:43:78:47:ee:e8:89:32:4b:3e:36:9b:d9:b9:e8:
                    57:cc:50:d2:26:65:63:b4:d6:52:c4:18:bc:e6:26:
                    6b:5c:d5:da:de:5e:a0:2e:5f:73:02:27:fe:f3:c9:
                    92:f7:44:48:a8:da:d6:10:34:4e:80:54:6c:27:be:
                    c4:3b:8e:ff:7a:1a:01:75:05:a4:3d:36:aa:06:6c:
                    09:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:7B:43:9C:06:F0:AB:C0:FC:41:9F:3C:20:02:B4:DC:7C:5D:60:45
            X509v3 Authority Key Identifier:
                keyid:0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/BHtDnAbwq8D8QZ88IAK03HxdYEU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.255.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         6c:ad:9e:14:24:ca:8c:e6:93:6a:a3:8a:14:45:ab:10:6b:c7:
         98:61:a1:dd:5d:51:4c:39:34:63:ca:78:c6:df:b4:e1:89:fd:
         df:51:93:59:2e:5f:f6:52:ea:64:10:7d:a2:86:ec:f7:17:31:
         1c:2d:fe:20:bf:ed:cd:8d:f7:ec:3a:cf:b7:98:f0:74:5a:3c:
         0a:85:9a:7d:fb:d3:e2:d5:35:2f:15:7a:83:04:91:4e:df:5b:
         ba:a8:4d:9f:13:90:eb:cd:07:fd:32:31:79:65:76:e7:e7:77:
         ba:f9:e5:ed:4d:31:93:08:bb:40:79:6e:1a:45:e5:5c:18:7a:
         30:47:c5:ec:1c:43:0a:f9:a5:db:9c:be:68:1b:ab:0b:5f:4d:
         09:45:57:c9:f4:cd:8b:52:73:6c:52:7f:69:c8:16:da:15:47:
         54:e2:d5:be:c5:2e:40:27:19:36:bc:02:a2:5d:80:d3:98:fa:
         c9:54:32:3c:0f:7b:5b:02:41:d5:5f:a0:ee:7b:1d:12:f7:21:
         76:c1:c1:9f:8c:cc:6a:fe:b1:51:0a:bc:d1:67:5f:99:cf:05:
         b5:f7:e0:47:ac:a1:85:6a:0b:f6:95:c1:88:a7:6c:5b:1f:d4:
         d9:42:6d:1c:95:5b:4f:4a:04:33:1d:73:cd:36:90:5e:62:20:
         cc:38:dd:64
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ3
MTI1QUU0Q0VBRTEzMzVGRTVENDI5QUEwMzBDRTkwNzBERjE5QzAeFw0yNDA2MzAw
MTMyMTRaFw0yNTA2MjQxMDQ2NDVaMDMxMTAvBgNVBAMTKDA0N0I0MzlDMDZGMEFC
QzBGQzQxOUYzQzIwMDJCNERDN0M1RDYwNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7MJjg8qiFbCkbKWDyiV0I1bylSOxn2CxoPO63TQR8whUKR0gO
jy6OtBrRjoVTYwgCeqtGhx8YVm8dhqCT8llCm490uFp/GzYuiqIMZzGD+Ao93wQK
rGh0EKUqtzoUTAv5YvtKlnFX0FwEDOLmjqyXPeOL/ggn0Ds+qwrps/U+w2AcICK8
rSs9Ki1WujTxlZj4uh54WaTbUKypUZXA6RFTXbC1F1wsi8QSJtoZMIuICGWBQAxD
eEfu6IkySz42m9m56FfMUNImZWO01lLEGLzmJmtc1dreXqAuX3MCJ/7zyZL3REio
2tYQNE6AVGwnvsQ7jv96GgF1BaQ9NqoGbAmtAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUBHtDnAbwq8D8QZ88IAK03HxdYEUwHwYDVR0jBBgwFoAUDXElrkzq4TNf5dQp
qgMM6QcN8ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM5NC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZRY044WncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZR
Y044WncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzk0L0JIdERuQWJ3cThEOFFaODhJQUswM0h4ZFlFVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZ8/0AwDQYJKoZIhvcNAQELBQADggEBAGytnhQkyozmk2qjihRFqxBrx5hh
od1dUUw5NGPKeMbftOGJ/d9Rk1kuX/ZS6mQQfaKG7PcXMRwt/iC/7c2N9+w6z7eY
8HRaPAqFmn370+LVNS8VeoMEkU7fW7qoTZ8TkOvNB/0yMXlldufnd7r55e1NMZMI
u0B5bhpF5VwYejBHxewcQwr5pducvmgbqwtfTQlFV8n0zYtSc2xSf2nIFtoVR1Ti
1b7FLkAnGTa8AqJdgNOY+slUMjwPe1sCQdVfoO57HRL3IXbBwZ+MzGr+sVEKvNFn
X5nPBbX34EesoYVqC/aVwYinbFsf1NlCbRyVW09KBDMdc802kF5iIMw43WQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:44 2024 by rpki-client on console-ams.rpki-client.org