Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/462/vnULoDDBxyUDM8n535GqM3H0m90.roa
File:                     vnULoDDBxyUDM8n535GqM3H0m90.roa (raw, json)
Hash identifier:          jaDl/AgNnXqbK1SRz3ULX9pmtL/SUF5mUSnCgWrQXcM=
Subject key identifier:   BE:75:0B:A0:30:C1:C7:25:03:33:C9:F9:DF:91:AA:33:71:F4:9B:DD
Certificate issuer:       /CN=43917B23074524E9E6EA8E40FA4A0672C9620318
Certificate serial:       4E
Authority key identifier: 43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/vnULoDDBxyUDM8n535GqM3H0m90.roa
Signing time:             Sun 31 Mar 2024 01:30:02 +0000
ROA not before:           Sun 31 Mar 2024 01:30:02 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     10019
IP address blocks:        61.122.208.0/20 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78 (0x4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43917B23074524E9E6EA8E40FA4A0672C9620318
        Validity
            Not Before: Mar 31 01:30:02 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=BE750BA030C1C7250333C9F9DF91AA3371F49BDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3b:1f:0a:cf:85:9e:05:f7:7c:b9:c4:06:a2:
                    a4:09:8c:59:2e:f6:cd:4c:08:1b:10:3e:34:ce:33:
                    77:07:4e:52:13:20:76:93:20:51:ba:41:40:22:c2:
                    02:f0:08:40:0f:33:fb:1a:9d:a6:b2:71:88:e2:ea:
                    80:f4:e3:c4:92:31:bc:f2:2f:bb:31:65:b6:f0:43:
                    2b:e7:38:72:a2:92:a2:82:18:2e:3d:74:ec:95:18:
                    31:7f:53:64:51:b8:e3:4a:74:6f:8c:ff:c9:fe:ed:
                    00:42:b0:b3:27:2c:79:2e:27:a8:5e:7c:67:3d:40:
                    68:a6:e1:d9:62:b2:b6:b3:23:71:7f:c7:67:e8:ed:
                    46:51:cb:70:03:ff:5a:99:68:29:16:3f:c9:e0:fb:
                    28:ce:31:27:b7:9a:07:17:a1:3d:80:55:55:c6:35:
                    d2:f4:aa:f0:53:47:3f:8a:cb:25:e9:1d:d5:78:be:
                    4e:dc:e3:c5:4d:54:8a:25:b5:88:75:3e:d2:46:c4:
                    70:b6:5a:49:e7:03:f9:30:71:9f:12:5b:2a:cd:c6:
                    82:a0:bd:f6:36:cc:0e:c8:04:0e:e3:0a:fe:da:29:
                    12:9a:ec:b5:05:80:79:9d:e5:26:7b:e7:34:63:cc:
                    f8:5d:5a:bc:83:a9:af:25:ed:a5:fc:15:84:36:51:
                    ee:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:75:0B:A0:30:C1:C7:25:03:33:C9:F9:DF:91:AA:33:71:F4:9B:DD
            X509v3 Authority Key Identifier:
                keyid:43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/vnULoDDBxyUDM8n535GqM3H0m90.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.122.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         65:85:30:93:ce:90:d7:7c:7b:6a:d0:6b:c6:d0:96:b5:b9:f4:
         48:59:35:84:f4:24:62:9c:66:a0:8c:76:8e:f9:28:da:2c:b5:
         a9:55:86:df:20:17:42:b8:f6:84:41:79:6b:f7:45:6e:68:6f:
         23:08:57:26:80:3f:3f:ed:b0:d0:cf:61:89:e9:11:6d:07:58:
         06:e6:ce:75:7a:02:ae:cc:a4:b3:ab:04:5b:45:35:85:b0:a0:
         b0:ed:a6:b0:a3:8a:f4:fb:94:b0:f6:c0:03:a8:33:7d:ca:db:
         ea:2d:c3:cb:f3:2b:68:bf:3b:a0:a7:1e:b0:61:c0:98:8c:e9:
         52:b9:4c:79:ce:f9:39:f5:b2:07:db:82:c2:d1:fe:86:62:1b:
         09:d9:c8:7e:1b:30:1f:43:39:6a:c7:40:6d:79:6f:83:df:5b:
         7b:45:0c:5f:06:a1:e8:b2:8a:4f:bd:7e:ce:3e:9e:9d:5e:0a:
         6d:75:95:8b:00:fb:82:5f:5c:89:78:fd:1b:f9:ba:5e:34:ce:
         06:c1:3d:37:a5:a4:f1:c1:4d:dc:ce:f8:76:99:d7:51:b8:4b:
         82:53:6d:80:89:ad:da:57:d6:5a:09:ba:84:e9:91:4b:80:bc:
         21:7f:4c:cf:96:9c:85:08:6c:0e:94:9a:8b:0a:83:6d:6a:26:
         91:66:ac:9d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0Mzkx
N0IyMzA3NDUyNEU5RTZFQThFNDBGQTRBMDY3MkM5NjIwMzE4MB4XDTI0MDMzMTAx
MzAwMloXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoQkU3NTBCQTAzMEMxQzcy
NTAzMzNDOUY5REY5MUFBMzM3MUY0OUJERDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALw7HwrPhZ4F93y5xAaipAmMWS72zUwIGxA+NM4zdwdOUhMgdpMg
UbpBQCLCAvAIQA8z+xqdprJxiOLqgPTjxJIxvPIvuzFltvBDK+c4cqKSooIYLj10
7JUYMX9TZFG440p0b4z/yf7tAEKwsycseS4nqF58Zz1AaKbh2WKytrMjcX/HZ+jt
RlHLcAP/WploKRY/yeD7KM4xJ7eaBxehPYBVVcY10vSq8FNHP4rLJekd1Xi+Ttzj
xU1UiiW1iHU+0kbEcLZaSecD+TBxnxJbKs3GgqC99jbMDsgEDuMK/topEprstQWA
eZ3lJnvnNGPM+F1avIOpryXtpfwVhDZR7hkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBS+dQugMMHHJQMzyfnfkaozcfSb3TAfBgNVHSMEGDAWgBRDkXsjB0Uk6ebqjkD6
SgZyyWIDGDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDYyL1E1RjdJd2RGSk9ubTZvNUEta29HY3NsaUF4Zy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1E1RjdJd2RGSk9ubTZvNUEta29HY3Ns
aUF4Zy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80NjIvdm5VTG9EREJ4eVVETThuNTM1R3FNM0gwbTkwLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBD160DANBgkqhkiG9w0BAQsFAAOCAQEAZYUwk86Q13x7atBrxtCWtbn0SFk1
hPQkYpxmoIx2jvko2iy1qVWG3yAXQrj2hEF5a/dFbmhvIwhXJoA/P+2w0M9hiekR
bQdYBubOdXoCrsyks6sEW0U1hbCgsO2msKOK9PuUsPbAA6gzfcrb6i3Dy/MraL87
oKcesGHAmIzpUrlMec75OfWyB9uCwtH+hmIbCdnIfhswH0M5asdAbXlvg99be0UM
Xwah6LKKT71+zj6enV4KbXWViwD7gl9ciXj9G/m6XjTOBsE9N6Wk8cFN3M74dpnX
UbhLglNtgImt2lfWWgm6hOmRS4C8IX9Mz5achQhsDpSaiwqDbWomkWasnQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:44 2024 by rpki-client on console-fra.rpki-client.org