Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/462/gDSvSXvG5LV11vKduwT7BgfvbBU.roa
File:                     gDSvSXvG5LV11vKduwT7BgfvbBU.roa (raw, json)
Hash identifier:          /IjULXusdJrgbW9nSgRD2RcbwA2OPbTS/Mdb4/EKCkM=
Subject key identifier:   80:34:AF:49:7B:C6:E4:B5:75:D6:F2:9D:BB:04:FB:06:07:EF:6C:15
Certificate issuer:       /CN=43917B23074524E9E6EA8E40FA4A0672C9620318
Certificate serial:       54
Authority key identifier: 43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/gDSvSXvG5LV11vKduwT7BgfvbBU.roa
Signing time:             Sun 31 Mar 2024 01:30:05 +0000
ROA not before:           Sun 31 Mar 2024 01:30:05 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     10019
IP address blocks:        218.45.32.0/20 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84 (0x54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43917B23074524E9E6EA8E40FA4A0672C9620318
        Validity
            Not Before: Mar 31 01:30:05 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=8034AF497BC6E4B575D6F29DBB04FB0607EF6C15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ba:96:fa:9f:1a:4b:69:fe:2f:a4:30:1c:5e:
                    f7:83:4c:07:25:de:03:b5:69:af:ff:66:5e:9b:9b:
                    f8:5c:87:8d:b6:9a:c2:a1:d9:44:8c:02:3b:1d:68:
                    8d:13:64:6a:09:7d:c1:68:f6:0c:73:3e:4c:bb:91:
                    99:8a:27:61:ef:87:b2:2c:d5:3c:96:d7:09:9d:55:
                    2b:66:68:1f:65:68:55:97:41:22:7f:fd:72:ca:95:
                    02:b3:b7:25:11:2a:68:c9:94:b8:af:88:89:98:26:
                    c6:5d:ee:d2:f4:f4:e1:89:7e:e2:1e:46:d2:78:ad:
                    8b:60:e6:49:94:f6:70:c1:80:73:7a:7d:e5:5d:54:
                    72:93:4e:38:59:99:2a:4f:53:a0:8a:e1:cd:39:9f:
                    27:91:39:ba:13:79:78:d5:4c:05:d9:90:97:ca:c0:
                    1c:f4:c9:fc:2a:30:8c:e4:e4:94:aa:fe:27:89:68:
                    78:9f:95:c6:1c:e8:d6:51:07:02:98:27:77:85:1c:
                    23:b6:1f:4e:81:b3:e1:bb:3c:40:49:84:2b:c5:99:
                    e5:3d:cd:a7:e4:cb:3b:9c:cb:f0:da:f2:db:3b:aa:
                    09:74:46:47:b9:56:5d:1a:8e:de:43:a1:ff:63:f0:
                    ad:39:56:cb:50:6a:bb:25:65:c7:bd:3b:e0:d9:1c:
                    7b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:34:AF:49:7B:C6:E4:B5:75:D6:F2:9D:BB:04:FB:06:07:EF:6C:15
            X509v3 Authority Key Identifier:
                keyid:43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/gDSvSXvG5LV11vKduwT7BgfvbBU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.45.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         17:72:73:d2:ef:0e:d0:3f:3e:36:4d:a5:3b:cc:9c:1a:00:2d:
         c5:9d:e4:b6:88:77:02:6f:a8:4c:69:ac:1a:38:80:67:b8:db:
         2c:11:c6:b6:92:0d:f8:00:be:44:b8:75:e3:b7:73:42:08:57:
         76:1d:f3:27:cf:d6:a1:39:96:b2:23:26:29:ed:08:50:b6:5c:
         1b:cc:4a:2d:74:42:64:69:3a:7b:0c:4a:f1:1d:c2:c8:94:c0:
         c6:cf:41:ff:7b:8c:df:7d:69:f9:f3:fe:29:1b:d3:b0:d4:fa:
         07:e5:ff:b3:8a:17:15:c7:d3:c8:bc:53:53:98:9d:ad:ec:e9:
         cf:81:92:f3:35:c9:f7:21:4c:15:32:6d:be:95:37:22:81:04:
         ec:2e:5d:cf:5a:d1:5c:5a:e7:a6:08:e3:c6:93:d3:31:dd:a5:
         6b:d5:c7:78:52:8f:dc:27:03:3e:3d:15:99:ff:e9:d6:3e:92:
         36:94:0c:a3:86:18:89:f0:2d:17:97:49:22:23:8f:cd:93:4e:
         0d:28:4a:cf:be:a6:77:9e:f0:19:7c:c8:79:a9:2d:de:fb:d9:
         98:2e:7e:e6:1f:0a:0c:df:7e:85:79:a5:e9:5d:1a:45:bf:b9:
         ac:e4:f9:45:42:f8:38:12:2a:58:a5:1e:c1:2a:c7:60:e0:39:
         24:d6:6a:b9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0Mzkx
N0IyMzA3NDUyNEU5RTZFQThFNDBGQTRBMDY3MkM5NjIwMzE4MB4XDTI0MDMzMTAx
MzAwNVoXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoODAzNEFGNDk3QkM2RTRC
NTc1RDZGMjlEQkIwNEZCMDYwN0VGNkMxNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK66lvqfGktp/i+kMBxe94NMByXeA7Vpr/9mXpub+FyHjbaawqHZ
RIwCOx1ojRNkagl9wWj2DHM+TLuRmYonYe+HsizVPJbXCZ1VK2ZoH2VoVZdBIn/9
csqVArO3JREqaMmUuK+IiZgmxl3u0vT04Yl+4h5G0niti2DmSZT2cMGAc3p95V1U
cpNOOFmZKk9ToIrhzTmfJ5E5uhN5eNVMBdmQl8rAHPTJ/CowjOTklKr+J4loeJ+V
xhzo1lEHApgnd4UcI7YfToGz4bs8QEmEK8WZ5T3Np+TLO5zL8Nry2zuqCXRGR7lW
XRqO3kOh/2PwrTlWy1BquyVlx7074Nkce0ECAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSANK9Je8bktXXW8p27BPsGB+9sFTAfBgNVHSMEGDAWgBRDkXsjB0Uk6ebqjkD6
SgZyyWIDGDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDYyL1E1RjdJd2RGSk9ubTZvNUEta29HY3NsaUF4Zy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1E1RjdJd2RGSk9ubTZvNUEta29HY3Ns
aUF4Zy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80NjIvZ0RTdlNYdkc1TFYxMXZLZHV3VDdCZ2Z2YkJVLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNotIDANBgkqhkiG9w0BAQsFAAOCAQEAF3Jz0u8O0D8+Nk2lO8ycGgAtxZ3k
toh3Am+oTGmsGjiAZ7jbLBHGtpIN+AC+RLh147dzQghXdh3zJ8/WoTmWsiMmKe0I
ULZcG8xKLXRCZGk6ewxK8R3CyJTAxs9B/3uM331p+fP+KRvTsNT6B+X/s4oXFcfT
yLxTU5idrezpz4GS8zXJ9yFMFTJtvpU3IoEE7C5dz1rRXFrnpgjjxpPTMd2la9XH
eFKP3CcDPj0Vmf/p1j6SNpQMo4YYifAtF5dJIiOPzZNODShKz76md57wGXzIeakt
3vvZmC5+5h8KDN9+hXml6V0aRb+5rOT5RUL4OBIqWKUewSrHYOA5JNZquQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:58 2024 by rpki-client on console-ams.rpki-client.org