Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/43/JFeKNuNrR1YbiCKXv3zuyF5tdPU.roa
File:                     JFeKNuNrR1YbiCKXv3zuyF5tdPU.roa (raw, json)
Hash identifier:          b0k85Gqz2VOIawlj1zm0aEXnc1IfsuaO3QXIl42ioC4=
Subject key identifier:   24:57:8A:36:E3:6B:47:56:1B:88:22:97:BF:7C:EE:C8:5E:6D:74:F5
Certificate issuer:       /CN=095A182FA18D458233284AA8DC88BD075E5D702D
Certificate serial:       0131
Authority key identifier: 09:5A:18:2F:A1:8D:45:82:33:28:4A:A8:DC:88:BD:07:5E:5D:70:2D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/CVoYL6GNRYIzKEqo3Ii9B15dcC0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/JFeKNuNrR1YbiCKXv3zuyF5tdPU.roa
Signing time:             Mon 01 Jan 2024 01:30:26 +0000
ROA not before:           Mon 01 Jan 2024 01:30:26 +0000
ROA not after:            Sat 14 Dec 2024 01:30:03 +0000
asID:                     2527
IP address blocks:        219.104.192.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/CVoYL6GNRYIzKEqo3Ii9B15dcC0.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/CVoYL6GNRYIzKEqo3Ii9B15dcC0.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/CVoYL6GNRYIzKEqo3Ii9B15dcC0.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305 (0x131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=095A182FA18D458233284AA8DC88BD075E5D702D
        Validity
            Not Before: Jan  1 01:30:26 2024 GMT
            Not After : Dec 14 01:30:03 2024 GMT
        Subject: CN=24578A36E36B47561B882297BF7CEEC85E6D74F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:97:93:6f:37:43:e6:3a:68:b7:f8:93:3a:
                    86:61:f8:59:a1:60:13:34:37:78:02:b6:cd:4d:c1:
                    4b:d6:c3:0f:1f:0c:28:42:00:0a:33:93:f6:b4:b9:
                    db:98:ff:d6:b1:43:f2:e8:0a:55:ca:74:fc:97:4e:
                    d0:f2:e5:e2:9e:dc:b1:cc:fe:1f:55:3e:77:31:7f:
                    5a:ed:04:7e:3f:b8:f3:11:57:96:47:04:68:13:32:
                    b2:ab:3e:62:43:3f:72:92:dd:22:6e:5a:37:d5:eb:
                    1d:b2:d8:13:c2:b6:bc:ed:21:37:49:52:d1:30:ad:
                    f6:81:1d:01:3a:0f:38:67:f2:d9:55:ea:70:69:64:
                    ad:ee:fd:8f:a4:d5:6a:ef:ec:d2:7f:67:60:45:72:
                    56:a5:00:eb:d0:7a:9d:a7:00:ad:ec:4d:94:e4:0b:
                    bc:b2:ab:53:de:13:e8:6d:7b:cc:50:5f:a0:84:f0:
                    2d:3e:e5:30:63:ad:f3:70:de:c8:dd:32:86:bb:eb:
                    45:f5:2e:42:35:ff:f7:bf:59:59:f3:24:2a:52:99:
                    25:74:55:2e:71:67:b6:62:db:70:4a:48:ed:de:ec:
                    01:fe:d4:46:7d:2c:fa:39:17:de:24:14:e4:a1:0d:
                    d2:e9:0c:39:bd:50:1e:f9:4c:27:57:4e:48:fd:c8:
                    68:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:57:8A:36:E3:6B:47:56:1B:88:22:97:BF:7C:EE:C8:5E:6D:74:F5
            X509v3 Authority Key Identifier:
                keyid:09:5A:18:2F:A1:8D:45:82:33:28:4A:A8:DC:88:BD:07:5E:5D:70:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/CVoYL6GNRYIzKEqo3Ii9B15dcC0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/CVoYL6GNRYIzKEqo3Ii9B15dcC0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/JFeKNuNrR1YbiCKXv3zuyF5tdPU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.104.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         63:7e:58:aa:6b:df:08:0b:7f:4b:19:4d:84:30:96:4b:05:3f:
         89:f4:23:f6:0d:4f:b3:e9:6b:64:9d:f6:57:ff:31:2d:8d:d1:
         a6:8f:7a:17:94:d6:38:be:be:af:23:39:48:cf:e9:e0:bd:b6:
         46:e4:fb:da:a5:17:85:42:89:4f:97:be:91:ce:f5:21:c2:a7:
         ea:29:9b:d3:84:97:dd:d4:66:e8:ae:c4:b0:e0:39:38:c2:6b:
         1a:c7:7c:06:54:d0:fb:e8:d2:f7:ca:6c:9c:48:b9:30:e4:b5:
         26:52:7a:25:7b:a8:5a:b3:34:e3:cd:74:2c:df:5b:64:c6:c6:
         3e:cc:ce:c9:90:08:6c:c9:84:da:ec:45:54:09:1f:cf:2a:3c:
         6b:a8:7f:d6:ae:4c:38:9b:7e:5c:08:46:26:41:1a:e7:46:fc:
         a7:b5:45:7d:b5:19:2e:2d:36:73:7b:3c:59:80:4a:d7:a2:d4:
         1b:c2:b9:59:de:01:2b:fb:fd:bd:59:10:12:f2:c4:d5:b3:a2:
         4b:05:0d:5a:e7:d1:9a:0d:e2:85:00:a0:9a:70:aa:36:79:dd:
         4a:1a:22:87:49:49:25:75:76:9e:75:3d:98:af:78:86:17:43:
         d8:cb:db:cf:95:8e:43:d0:f2:fb:77:a8:56:7f:79:89:98:28:
         21:d9:d8:eb
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgICATEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDk1
QTE4MkZBMThENDU4MjMzMjg0QUE4REM4OEJEMDc1RTVENzAyRDAeFw0yNDAxMDEw
MTMwMjZaFw0yNDEyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDI0NTc4QTM2RTM2QjQ3
NTYxQjg4MjI5N0JGN0NFRUM4NUU2RDc0RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDImJeTbzdD5jpot/iTOoZh+FmhYBM0N3gCts1NwUvWww8fDChC
AAozk/a0uduY/9axQ/LoClXKdPyXTtDy5eKe3LHM/h9VPncxf1rtBH4/uPMRV5ZH
BGgTMrKrPmJDP3KS3SJuWjfV6x2y2BPCtrztITdJUtEwrfaBHQE6Dzhn8tlV6nBp
ZK3u/Y+k1Wrv7NJ/Z2BFclalAOvQep2nAK3sTZTkC7yyq1PeE+hte8xQX6CE8C0+
5TBjrfNw3sjdMoa760X1LkI1//e/WVnzJCpSmSV0VS5xZ7Zi23BKSO3e7AH+1EZ9
LPo5F94kFOShDdLpDDm9UB75TCdXTkj9yGidAgMBAAGjggIiMIICHjAdBgNVHQ4E
FgQUJFeKNuNrR1YbiCKXv3zuyF5tdPUwHwYDVR0jBBgwFoAUCVoYL6GNRYIzKEqo
3Ii9B15dcC0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBlBgNVHR8EXjBcMFqg
WKBWhlRyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzQzL0NWb1lMNkdOUllJektFcW8zSWk5QjE1ZGNDMC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0NWb1lMNkdOUllJektFcW8zSWk5QjE1
ZGNDMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG6BggrBgEFBQcBCwSBrTCBqjBgBggr
BgEFBQcwC4ZUcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80My9KRmVLTnVOclIxWWJpQ0tYdjN6dXlGNXRkUFUucm9hMEYG
CCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJk
cC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQG22jAMA0GCSqGSIb3DQEBCwUAA4IBAQBjfliqa98IC39LGU2EMJZLBT+J9CP2
DU+z6WtknfZX/zEtjdGmj3oXlNY4vr6vIzlIz+ngvbZG5PvapReFQolPl76RzvUh
wqfqKZvThJfd1GborsSw4Dk4wmsax3wGVND76NL3ymycSLkw5LUmUnole6haszTj
zXQs31tkxsY+zM7JkAhsyYTa7EVUCR/PKjxrqH/Wrkw4m35cCEYmQRrnRvyntUV9
tRkuLTZzezxZgErXotQbwrlZ3gEr+/29WRAS8sTVs6JLBQ1a59GaDeKFAKCacKo2
ed1KGiKHSUkldXaedT2Yr3iGF0PYy9vPlY5D0PL7d6hWf3mJmCgh2djr
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:59:14 2024 by rpki-client on console-fra.rpki-client.org