Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/440/NI_2xJ7qy8E_bJPEOLUGJsR5oYw.roa
File:                     NI_2xJ7qy8E_bJPEOLUGJsR5oYw.roa (raw, json)
Hash identifier:          UQJi3KgvGvIknVZxGx1QZ1Qe+ve31uib9sMSEWqqwT4=
Subject key identifier:   34:8F:F6:C4:9E:EA:CB:C1:3F:6C:93:C4:38:B5:06:26:C4:79:A1:8C
Certificate issuer:       /CN=E62338DE332C6F4B9E2596EE5DC379A25EFE58CF
Certificate serial:       4E
Authority key identifier: E6:23:38:DE:33:2C:6F:4B:9E:25:96:EE:5D:C3:79:A2:5E:FE:58:CF
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/5iM43jMsb0ueJZbuXcN5ol7-WM8.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/440/NI_2xJ7qy8E_bJPEOLUGJsR5oYw.roa
Signing time:             Mon 01 Jan 2024 01:30:55 +0000
ROA not before:           Mon 01 Jan 2024 01:30:55 +0000
ROA not after:            Sat 14 Dec 2024 01:30:03 +0000
asID:                     17676
IP address blocks:        210.143.128.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/440/5iM43jMsb0ueJZbuXcN5ol7-WM8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/440/5iM43jMsb0ueJZbuXcN5ol7-WM8.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/5iM43jMsb0ueJZbuXcN5ol7-WM8.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78 (0x4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E62338DE332C6F4B9E2596EE5DC379A25EFE58CF
        Validity
            Not Before: Jan  1 01:30:55 2024 GMT
            Not After : Dec 14 01:30:03 2024 GMT
        Subject: CN=348FF6C49EEACBC13F6C93C438B50626C479A18C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1e:01:aa:32:e2:8e:91:80:6e:2d:53:58:e6:
                    5c:98:f7:ac:a5:78:4b:8e:30:59:9d:b5:a0:bb:29:
                    c7:d9:2e:c5:59:27:07:9e:32:56:e2:c7:8a:db:c4:
                    59:46:98:68:7e:01:0b:cc:3d:48:0d:0c:cf:f4:7a:
                    5e:3d:6d:e4:98:7b:63:0c:57:2b:19:4c:27:92:e4:
                    ed:dc:48:54:5d:5f:04:28:15:6e:cf:53:59:e8:a4:
                    99:93:14:24:7b:5d:37:a2:41:8a:e3:c0:54:7c:c5:
                    4a:3d:3c:e7:31:f5:ae:84:2f:40:4e:17:da:76:ba:
                    01:a8:86:2a:47:b4:d5:a7:98:98:e7:cf:46:64:40:
                    58:1c:34:3c:82:23:c4:57:df:64:aa:ee:ec:10:98:
                    f5:68:3d:f8:da:a2:13:c9:ed:cd:20:db:0f:c3:76:
                    23:2e:97:9c:d4:32:be:fc:81:bd:d5:9f:31:00:27:
                    18:18:f6:86:b2:f5:e5:cb:d1:af:c9:41:f2:55:04:
                    32:24:47:97:10:59:16:85:da:5e:d9:0b:b9:3a:cd:
                    4d:03:ba:73:23:73:62:50:80:70:bf:fc:93:84:78:
                    8b:f7:a6:2d:d2:74:35:6a:ae:13:04:15:8a:0c:56:
                    22:ed:e1:12:12:8d:4d:d5:50:45:07:21:0c:74:2e:
                    90:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:8F:F6:C4:9E:EA:CB:C1:3F:6C:93:C4:38:B5:06:26:C4:79:A1:8C
            X509v3 Authority Key Identifier:
                keyid:E6:23:38:DE:33:2C:6F:4B:9E:25:96:EE:5D:C3:79:A2:5E:FE:58:CF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/440/5iM43jMsb0ueJZbuXcN5ol7-WM8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/5iM43jMsb0ueJZbuXcN5ol7-WM8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/440/NI_2xJ7qy8E_bJPEOLUGJsR5oYw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.143.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d4:d6:d9:f6:16:47:42:46:45:4d:c8:12:f0:0f:20:fe:fb:ad:
         73:fb:a7:2d:81:f3:73:3f:9d:00:f6:94:ff:c7:49:fb:d2:00:
         45:de:94:63:fc:60:c3:e2:c4:3a:a2:6b:2e:c8:dc:84:dd:d8:
         64:d1:23:7b:3f:cf:f9:9d:7c:e2:60:48:d0:28:44:44:a2:6c:
         26:11:4c:a3:ee:36:6b:14:ba:6a:79:1c:0d:4c:54:85:13:a8:
         12:bc:5e:26:b0:cf:59:3c:b3:e8:f4:11:5a:ad:57:80:b7:f8:
         f1:0d:bb:89:56:38:b1:cd:c8:62:d5:92:ea:0c:c7:1c:ec:3e:
         ae:7e:6b:42:9b:71:a1:5c:5f:55:44:31:6a:9d:81:c6:3d:ab:
         d1:6d:35:76:2e:04:40:8e:8d:45:ea:1a:12:66:04:45:30:a0:
         f7:eb:f5:04:f5:dd:40:58:99:50:42:39:70:a1:c9:6d:b5:9f:
         0b:b2:b6:39:5c:85:1c:c4:12:6b:c2:09:7f:ee:da:4d:5a:8f:
         5e:ec:e3:57:6c:7c:8b:5e:22:16:ea:50:30:ad:01:df:bc:8a:
         87:88:07:fb:28:38:01:38:3f:9b:79:32:9a:f3:d9:12:bc:02:
         9f:e1:13:45:31:18:fd:6e:41:1e:00:09:42:76:a8:27:b8:27:
         7b:b3:f9:e2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFNjIz
MzhERTMzMkM2RjRCOUUyNTk2RUU1REMzNzlBMjVFRkU1OENGMB4XDTI0MDEwMTAx
MzA1NVoXDTI0MTIxNDAxMzAwM1owMzExMC8GA1UEAxMoMzQ4RkY2QzQ5RUVBQ0JD
MTNGNkM5M0M0MzhCNTA2MjZDNDc5QTE4QzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALIeAaoy4o6RgG4tU1jmXJj3rKV4S44wWZ21oLspx9kuxVknB54y
VuLHitvEWUaYaH4BC8w9SA0Mz/R6Xj1t5Jh7YwxXKxlMJ5Lk7dxIVF1fBCgVbs9T
WeikmZMUJHtdN6JBiuPAVHzFSj085zH1roQvQE4X2na6AaiGKke01aeYmOfPRmRA
WBw0PIIjxFffZKru7BCY9Wg9+NqiE8ntzSDbD8N2Iy6XnNQyvvyBvdWfMQAnGBj2
hrL15cvRr8lB8lUEMiRHlxBZFoXaXtkLuTrNTQO6cyNzYlCAcL/8k4R4i/emLdJ0
NWquEwQVigxWIu3hEhKNTdVQRQchDHQukA8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQ0j/bEnurLwT9sk8Q4tQYmxHmhjDAfBgNVHSMEGDAWgBTmIzjeMyxvS54llu5d
w3miXv5YzzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDQwLzVpTTQzak1zYjB1ZUpaYnVYY041b2w3LVdNOC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzVpTTQzak1zYjB1ZUpaYnVYY041b2w3
LVdNOC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80NDAvTklfMnhKN3F5OEVfYkpQRU9MVUdKc1I1b1l3LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNKPgDANBgkqhkiG9w0BAQsFAAOCAQEA1NbZ9hZHQkZFTcgS8A8g/vutc/un
LYHzcz+dAPaU/8dJ+9IARd6UY/xgw+LEOqJrLsjchN3YZNEjez/P+Z184mBI0ChE
RKJsJhFMo+42axS6ankcDUxUhROoErxeJrDPWTyz6PQRWq1XgLf48Q27iVY4sc3I
YtWS6gzHHOw+rn5rQptxoVxfVUQxap2Bxj2r0W01di4EQI6NReoaEmYERTCg9+v1
BPXdQFiZUEI5cKHJbbWfC7K2OVyFHMQSa8IJf+7aTVqPXuzjV2x8i14iFupQMK0B
37yKh4gH+yg4ATg/m3kymvPZErwCn+ETRTEY/W5BHgAJQnaoJ7gne7P54g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:57 2024 by rpki-client on console-ams.rpki-client.org