Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/524/wePQueBlW5OJTg_JXfpbDq3P_lY.roa
File:                     wePQueBlW5OJTg_JXfpbDq3P_lY.roa (raw, json)
Hash identifier:          TdRQDGpGt0ttUgPikNxxRIq2AXlMl3xGDxARR+pAobw=
Subject key identifier:   C1:E3:D0:B9:E0:65:5B:93:89:4E:0F:C9:5D:FA:5B:0E:AD:CF:FE:56
Certificate issuer:       /CN=EE13ACCF7E77B0292AE17B05340211C8F971760B
Certificate serial:       12
Authority key identifier: EE:13:AC:CF:7E:77:B0:29:2A:E1:7B:05:34:02:11:C8:F9:71:76:0B
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/7hOsz353sCkq4XsFNAIRyPlxdgs.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/524/wePQueBlW5OJTg_JXfpbDq3P_lY.roa
Signing time:             Tue 28 Nov 2023 04:59:26 +0000
ROA not before:           Tue 28 Nov 2023 04:59:26 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     2516
IP address blocks:        106.72.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/524/7hOsz353sCkq4XsFNAIRyPlxdgs.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/524/7hOsz353sCkq4XsFNAIRyPlxdgs.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/7hOsz353sCkq4XsFNAIRyPlxdgs.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 14:54:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EE13ACCF7E77B0292AE17B05340211C8F971760B
        Validity
            Not Before: Nov 28 04:59:26 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=C1E3D0B9E0655B93894E0FC95DFA5B0EADCFFE56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7d:81:b4:88:c0:ee:c2:c9:c5:87:a4:9e:06:
                    ad:df:d0:f4:82:80:1b:51:ee:b1:85:dc:04:f3:43:
                    05:f9:b5:0e:de:c1:c2:5e:92:00:25:f1:ed:8b:e2:
                    e7:02:08:60:ae:5c:ad:ae:e9:f1:1e:23:3b:0b:ed:
                    20:65:74:69:74:5b:19:b9:fb:1e:61:be:a0:b7:8a:
                    e3:01:61:a3:b6:ff:a8:e7:d7:b6:f9:e4:c8:d9:30:
                    97:b0:52:a4:5d:16:ab:a6:bb:2f:a5:1a:7d:f7:ca:
                    32:01:00:1e:ef:b4:e5:e9:c2:fd:83:84:a3:c5:cc:
                    02:8c:d4:9c:0a:c6:e4:70:ee:e8:61:c4:4e:6d:4e:
                    3c:e8:cc:00:ac:28:dc:e5:d6:9a:94:f7:fb:18:04:
                    2a:5d:2f:35:82:16:92:18:90:78:85:a7:4f:aa:b9:
                    16:52:d1:3a:c6:ed:5a:b3:3b:3e:59:5a:82:0e:ce:
                    5a:dc:e6:8c:f2:3d:aa:a8:83:37:dc:14:1f:d4:f6:
                    99:3d:90:b8:a5:91:69:79:de:dc:60:ef:1e:3d:07:
                    58:72:f0:10:f8:9a:7a:a8:5f:3e:b7:2f:5c:94:5f:
                    c1:05:42:3b:b9:5e:0f:92:9c:f1:e8:0f:c5:12:a5:
                    ea:60:84:ff:bf:06:3a:f5:de:94:68:48:8f:88:98:
                    e6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E3:D0:B9:E0:65:5B:93:89:4E:0F:C9:5D:FA:5B:0E:AD:CF:FE:56
            X509v3 Authority Key Identifier:
                keyid:EE:13:AC:CF:7E:77:B0:29:2A:E1:7B:05:34:02:11:C8:F9:71:76:0B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/524/7hOsz353sCkq4XsFNAIRyPlxdgs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/7hOsz353sCkq4XsFNAIRyPlxdgs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/524/wePQueBlW5OJTg_JXfpbDq3P_lY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.72.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:6f:2d:be:10:b8:0f:47:95:c0:dc:59:b0:1c:72:ac:1d:48:
         7f:d0:07:b9:4d:9b:21:b1:62:09:73:f7:09:17:9d:1b:a3:3b:
         d9:f8:d6:1c:5f:bd:a8:49:f6:c9:c0:1c:be:80:e5:f3:56:58:
         d8:f1:b2:cf:75:9e:e6:56:a7:bf:58:50:bc:4b:b1:71:df:7f:
         22:51:0c:a5:29:14:08:f5:bb:5c:5b:85:84:48:fe:27:11:36:
         21:23:3b:d4:2c:7b:39:06:42:89:50:55:55:f9:cf:05:b9:65:
         9b:6e:df:ed:90:7e:1d:7a:9a:8f:ab:14:cc:24:97:28:5b:23:
         af:54:27:88:45:c6:8c:28:fd:a2:86:d9:92:26:5e:73:06:f0:
         3b:38:66:1c:74:37:b2:2b:3f:3f:ac:0a:6c:40:e4:97:13:35:
         48:78:a5:99:d2:52:7f:6d:89:5b:c4:06:af:f8:ec:3f:3b:33:
         47:dc:c2:52:92:83:77:d4:7b:0e:47:b3:36:8d:45:86:52:fa:
         7c:ac:d5:19:f4:be:5f:6d:13:fe:a5:85:d1:6b:66:f4:2c:7f:
         ea:dc:92:92:39:2f:17:22:a1:4e:bf:07:7d:f5:ab:63:ab:8f:
         0a:9c:11:e2:03:5e:51:0b:67:d6:a8:4b:c5:fd:81:7e:7a:ca:
         99:56:7d:91
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIBEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFRTEz
QUNDRjdFNzdCMDI5MkFFMTdCMDUzNDAyMTFDOEY5NzE3NjBCMB4XDTIzMTEyODA0
NTkyNloXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoQzFFM0QwQjlFMDY1NUI5
Mzg5NEUwRkM5NURGQTVCMEVBRENGRkU1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKV9gbSIwO7CycWHpJ4Grd/Q9IKAG1HusYXcBPNDBfm1Dt7Bwl6S
ACXx7Yvi5wIIYK5cra7p8R4jOwvtIGV0aXRbGbn7HmG+oLeK4wFho7b/qOfXtvnk
yNkwl7BSpF0Wq6a7L6UafffKMgEAHu+05enC/YOEo8XMAozUnArG5HDu6GHETm1O
POjMAKwo3OXWmpT3+xgEKl0vNYIWkhiQeIWnT6q5FlLROsbtWrM7Pllagg7OWtzm
jPI9qqiDN9wUH9T2mT2QuKWRaXne3GDvHj0HWHLwEPiaeqhfPrcvXJRfwQVCO7le
D5Kc8egPxRKl6mCE/78GOvXelGhIj4iY5tMCAwEAAaOCAiMwggIfMB0GA1UdDgQW
BBTB49C54GVbk4lOD8ld+lsOrc/+VjAfBgNVHSMEGDAWgBTuE6zPfnewKSrhewU0
AhHI+XF2CzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNTI0LzdoT3N6MzUzc0NrcTRYc0ZOQUlSeVBseGRncy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzdoT3N6MzUzc0NrcTRYc0ZOQUlSeVBs
eGRncy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC81MjQvd2VQUXVlQmxXNU9KVGdfSlhmcGJEcTNQX2xZLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDAGpIMA0GCSqGSIb3DQEBCwUAA4IBAQBcby2+ELgPR5XA3FmwHHKsHUh/0Ae5
TZshsWIJc/cJF50bozvZ+NYcX72oSfbJwBy+gOXzVljY8bLPdZ7mVqe/WFC8S7Fx
338iUQylKRQI9btcW4WESP4nETYhIzvULHs5BkKJUFVV+c8FuWWbbt/tkH4depqP
qxTMJJcoWyOvVCeIRcaMKP2ihtmSJl5zBvA7OGYcdDeyKz8/rApsQOSXEzVIeKWZ
0lJ/bYlbxAav+Ow/OzNH3MJSkoN31HsOR7M2jUWGUvp8rNUZ9L5fbRP+pYXRa2b0
LH/q3JKSOS8XIqFOvwd99atjq48KnBHiA15RC2fWqEvF/YF+esqZVn2R
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:48:02 2024 by rpki-client on console-fra.rpki-client.org