Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/394/nLiJUzumn4Y5eRfM8rwHEYTkVYU.roa
File:                     nLiJUzumn4Y5eRfM8rwHEYTkVYU.roa (raw, json)
Hash identifier:          qjlGg5gx7E6KQZPzEuHxEJPvE4bkIoKsH7xIWiMJc78=
Subject key identifier:   9C:B8:89:53:3B:A6:9F:86:39:79:17:CC:F2:BC:07:11:84:E4:55:85
Certificate issuer:       /CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
Certificate serial:       02AA
Authority key identifier: 0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/nLiJUzumn4Y5eRfM8rwHEYTkVYU.roa
Signing time:             Fri 31 May 2024 01:41:36 +0000
ROA not before:           Fri 31 May 2024 01:41:36 +0000
ROA not after:            Thu 15 May 2025 01:30:03 +0000
asID:                     10013
IP address blocks:        153.120.192.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 682 (0x2aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
        Validity
            Not Before: May 31 01:41:36 2024 GMT
            Not After : May 15 01:30:03 2025 GMT
        Subject: CN=9CB889533BA69F86397917CCF2BC071184E45585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c2:46:e9:56:e4:50:f9:01:03:33:a8:b1:61:
                    49:99:20:1b:87:1d:01:8d:d7:2f:e2:50:db:71:34:
                    9a:47:63:c5:ff:72:b6:6b:cf:61:08:06:e7:6d:9a:
                    69:f0:1d:74:32:e1:d7:8a:9f:c2:bc:0e:8f:9e:12:
                    ac:dd:21:b6:48:d9:3d:e2:d2:5c:58:8c:18:2c:e1:
                    b2:c5:ba:e4:67:1e:76:62:ab:de:15:0b:80:97:00:
                    bd:a2:f5:39:d0:12:87:20:94:61:5a:0b:00:3a:0f:
                    22:0d:6c:52:41:58:83:09:79:79:2f:17:fd:39:1f:
                    8c:57:f6:d5:5f:d0:0e:f8:d6:33:a7:2e:3a:fc:26:
                    e2:18:f2:ea:11:07:d9:9c:11:52:83:3e:93:6d:87:
                    03:1f:6c:9b:e1:98:03:05:8e:b8:ea:76:b7:77:73:
                    83:d4:c9:05:65:d9:d4:3a:93:d6:f7:05:e9:0c:96:
                    1d:17:ec:65:1f:3d:ec:a9:12:38:33:0a:92:da:7e:
                    3c:40:c9:eb:1d:70:8b:79:e6:9e:43:fc:ce:ae:f1:
                    38:93:8b:19:43:72:10:9e:51:49:35:3a:27:66:75:
                    49:f0:de:0e:b8:91:ad:5f:88:cb:26:be:69:cb:bb:
                    06:46:28:4f:f5:fa:17:7a:2c:84:68:ea:c0:8d:a8:
                    2a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B8:89:53:3B:A6:9F:86:39:79:17:CC:F2:BC:07:11:84:E4:55:85
            X509v3 Authority Key Identifier:
                keyid:0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/nLiJUzumn4Y5eRfM8rwHEYTkVYU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  153.120.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6e:3f:fb:b6:21:ff:ac:5a:21:bc:7c:e5:d5:0a:73:de:82:11:
         9c:ba:35:1e:bc:02:2f:0f:3d:73:3e:16:26:8e:8f:7d:57:a4:
         17:9f:71:8b:68:aa:2b:97:d6:90:08:71:fe:04:1d:71:30:fb:
         52:d8:8f:cb:56:00:34:32:60:8a:ca:d2:f1:7a:87:a3:dd:3b:
         48:98:34:98:cc:7c:6b:99:82:f1:bb:13:92:a6:91:85:da:28:
         99:b9:ba:a1:d9:cf:61:9a:d0:68:22:19:62:99:dd:cf:8f:ce:
         3f:0f:23:41:34:af:d1:84:5e:8d:ad:5a:7d:79:88:d4:93:35:
         c8:7d:16:4c:f8:e2:3e:8c:cc:9f:da:71:49:1c:04:0e:90:fe:
         91:4c:27:44:23:1c:c1:2d:3a:e1:50:80:64:00:74:15:07:35:
         1f:ea:9a:42:7e:13:90:3d:9b:2f:12:dc:b9:cb:5c:1c:3b:39:
         fe:b1:d0:db:86:a8:08:22:8b:b3:cd:c5:38:3a:e4:d1:dd:f0:
         36:a4:77:df:70:b0:d6:07:f0:58:54:4a:df:73:e2:42:a6:42:
         9e:21:af:7b:e1:f7:1a:97:c5:21:ca:71:02:7e:a6:15:cd:f9:
         77:11:1b:e2:72:0c:5c:36:4f:21:26:7b:32:47:9a:7b:e5:9f:
         9a:05:08:a7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ3
MTI1QUU0Q0VBRTEzMzVGRTVENDI5QUEwMzBDRTkwNzBERjE5QzAeFw0yNDA1MzEw
MTQxMzZaFw0yNTA1MTUwMTMwMDNaMDMxMTAvBgNVBAMTKDlDQjg4OTUzM0JBNjlG
ODYzOTc5MTdDQ0YyQkMwNzExODRFNDU1ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcwkbpVuRQ+QEDM6ixYUmZIBuHHQGN1y/iUNtxNJpHY8X/crZr
z2EIBudtmmnwHXQy4deKn8K8Do+eEqzdIbZI2T3i0lxYjBgs4bLFuuRnHnZiq94V
C4CXAL2i9TnQEocglGFaCwA6DyINbFJBWIMJeXkvF/05H4xX9tVf0A741jOnLjr8
JuIY8uoRB9mcEVKDPpNthwMfbJvhmAMFjrjqdrd3c4PUyQVl2dQ6k9b3BekMlh0X
7GUfPeypEjgzCpLafjxAyesdcIt55p5D/M6u8TiTixlDchCeUUk1OidmdUnw3g64
ka1fiMsmvmnLuwZGKE/1+hd6LIRo6sCNqCpZAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUnLiJUzumn4Y5eRfM8rwHEYTkVYUwHwYDVR0jBBgwFoAUDXElrkzq4TNf5dQp
qgMM6QcN8ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM5NC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZRY044WncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZR
Y044WncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzk0L25MaUpVenVtbjRZNWVSZk04cndIRVlUa1ZZVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASZeMAwDQYJKoZIhvcNAQELBQADggEBAG4/+7Yh/6xaIbx85dUKc96CEZy6
NR68Ai8PPXM+FiaOj31XpBefcYtoqiuX1pAIcf4EHXEw+1LYj8tWADQyYIrK0vF6
h6PdO0iYNJjMfGuZgvG7E5KmkYXaKJm5uqHZz2Ga0GgiGWKZ3c+Pzj8PI0E0r9GE
Xo2tWn15iNSTNch9Fkz44j6MzJ/acUkcBA6Q/pFMJ0QjHMEtOuFQgGQAdBUHNR/q
mkJ+E5A9my8S3LnLXBw7Of6x0NuGqAgii7PNxTg65NHd8Dakd99wsNYH8FhUSt9z
4kKmQp4hr3vh9xqXxSHKcQJ+phXN+XcRG+JyDFw2TyEmezJHmnvln5oFCKc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:54:44 2024 by rpki-client on console-ams.rpki-client.org