Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/530/7u6uZPsgSCT8W6qMYDo1OcPaaQw.roa
File:                     7u6uZPsgSCT8W6qMYDo1OcPaaQw.roa (raw, json)
Hash identifier:          CGP6gqLMR2cUl0IokBLYzHR6wJOO7Pk/cP5tFt0xwKA=
Subject key identifier:   EE:EE:AE:64:FB:20:48:24:FC:5B:AA:8C:60:3A:35:39:C3:DA:69:0C
Certificate issuer:       /CN=40D220B9E4A6358E03CD47864517D9D300B06FF0
Certificate serial:       38
Authority key identifier: 40:D2:20:B9:E4:A6:35:8E:03:CD:47:86:45:17:D9:D3:00:B0:6F:F0
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QNIgueSmNY4DzUeGRRfZ0wCwb_A.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/530/7u6uZPsgSCT8W6qMYDo1OcPaaQw.roa
Signing time:             Fri 01 Dec 2023 08:39:42 +0000
ROA not before:           Fri 01 Dec 2023 08:39:42 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     131925
IP address blocks:        160.237.184.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/530/QNIgueSmNY4DzUeGRRfZ0wCwb_A.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/530/QNIgueSmNY4DzUeGRRfZ0wCwb_A.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QNIgueSmNY4DzUeGRRfZ0wCwb_A.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 16 Jun 2024 13:36:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56 (0x38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40D220B9E4A6358E03CD47864517D9D300B06FF0
        Validity
            Not Before: Dec  1 08:39:42 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=EEEEAE64FB204824FC5BAA8C603A3539C3DA690C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c7:4f:10:c5:65:c5:09:5f:59:f4:9a:8e:be:
                    9e:f3:c7:ac:aa:98:69:10:f7:36:c3:14:aa:91:34:
                    a6:15:ba:b8:ae:76:11:ec:8e:f1:b5:11:38:0a:9e:
                    fe:93:a2:2d:04:4d:f0:ce:61:93:c4:d2:92:3e:e2:
                    ca:3b:48:b4:11:f4:d3:ba:9b:85:7c:0b:57:05:42:
                    be:3d:6b:20:87:56:a3:e7:ed:1e:1d:70:d9:94:c7:
                    6c:1b:4d:bf:c3:d0:e8:7a:5d:8c:db:57:3e:43:93:
                    fd:eb:50:18:6d:ac:ed:ac:9d:11:ba:45:f1:d6:71:
                    55:4a:4a:43:7a:48:1f:bc:a8:86:cc:60:fc:3e:f9:
                    8d:93:c4:ae:77:55:56:46:d1:dd:3a:4b:fc:d2:9d:
                    55:0d:e1:97:b5:a0:3e:9e:19:df:99:c1:6d:c2:6c:
                    fa:26:6f:46:eb:c5:9d:9d:86:71:86:d1:4b:f4:3b:
                    68:c2:ce:f0:bc:e7:8a:19:86:44:f2:7d:35:5c:dc:
                    0f:cd:53:6a:4d:b1:af:f4:5b:4b:39:6a:2f:3c:4e:
                    1f:dd:64:17:5c:d9:19:d3:56:8a:ae:1e:d4:41:d2:
                    8d:6a:fe:b0:a7:a6:0e:89:1a:ea:9e:9d:c3:4d:3f:
                    87:8f:fc:80:b4:00:53:41:0e:53:72:ea:98:16:e5:
                    1e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:EE:AE:64:FB:20:48:24:FC:5B:AA:8C:60:3A:35:39:C3:DA:69:0C
            X509v3 Authority Key Identifier:
                keyid:40:D2:20:B9:E4:A6:35:8E:03:CD:47:86:45:17:D9:D3:00:B0:6F:F0

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/530/QNIgueSmNY4DzUeGRRfZ0wCwb_A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QNIgueSmNY4DzUeGRRfZ0wCwb_A.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/530/7u6uZPsgSCT8W6qMYDo1OcPaaQw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.237.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:30:12:43:ba:0b:f2:99:84:40:12:34:dc:c3:a6:7b:a0:72:
         9b:8d:4e:67:3b:28:00:33:de:5f:3b:1f:fb:2a:13:5c:06:24:
         78:ff:91:58:d6:3e:ff:0f:e4:c7:fa:ad:2e:74:60:0a:92:40:
         43:88:60:ae:73:1f:9a:c8:fd:75:7d:6c:d0:cc:89:56:94:88:
         62:9c:aa:18:e1:22:57:81:dc:4b:c9:61:b1:08:61:10:7d:b9:
         af:b1:f9:4c:52:0c:4c:83:8d:b9:69:ba:d1:e4:45:63:ad:99:
         a0:f8:af:67:ab:8f:43:3c:0d:fa:a8:49:8e:02:5b:af:90:11:
         75:1a:56:ee:1c:2d:22:b4:0d:b0:6b:93:ac:68:3b:c4:b1:a7:
         de:b2:48:bc:4b:b4:e7:0b:58:d7:77:fe:cd:1e:06:59:5b:d3:
         c6:bc:55:6e:9f:33:cd:72:22:28:35:2b:5c:fe:fc:10:d8:e8:
         29:ce:92:f5:c5:86:97:d0:9f:7d:cb:de:d0:19:cb:d4:71:ac:
         38:70:db:d3:83:11:86:a4:63:9d:ba:62:b3:34:6c:8d:8c:15:
         38:1b:18:d6:44:b7:f6:b3:27:25:48:f2:81:24:d3:81:c5:10:
         4f:7f:ad:45:42:27:9a:65:81:ef:7e:4a:c6:18:16:84:2e:0f:
         01:a3:04:45
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0MEQy
MjBCOUU0QTYzNThFMDNDRDQ3ODY0NTE3RDlEMzAwQjA2RkYwMB4XDTIzMTIwMTA4
Mzk0MloXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoRUVFRUFFNjRGQjIwNDgy
NEZDNUJBQThDNjAzQTM1MzlDM0RBNjkwQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALnHTxDFZcUJX1n0mo6+nvPHrKqYaRD3NsMUqpE0phW6uK52EeyO
8bUROAqe/pOiLQRN8M5hk8TSkj7iyjtItBH007qbhXwLVwVCvj1rIIdWo+ftHh1w
2ZTHbBtNv8PQ6HpdjNtXPkOT/etQGG2s7aydEbpF8dZxVUpKQ3pIH7yohsxg/D75
jZPErndVVkbR3TpL/NKdVQ3hl7WgPp4Z35nBbcJs+iZvRuvFnZ2GcYbRS/Q7aMLO
8LznihmGRPJ9NVzcD81Tak2xr/RbSzlqLzxOH91kF1zZGdNWiq4e1EHSjWr+sKem
Doka6p6dw00/h4/8gLQAU0EOU3LqmBblHtcCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTu7q5k+yBIJPxbqoxgOjU5w9ppDDAfBgNVHSMEGDAWgBRA0iC55KY1jgPNR4ZF
F9nTALBv8DAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNTMwL1FOSWd1ZVNtTlk0RHpVZUdSUmZaMHdDd2JfQS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1FOSWd1ZVNtTlk0RHpVZUdSUmZaMHdD
d2JfQS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC81MzAvN3U2dVpQc2dTQ1Q4VzZxTVlEbzFPY1BhYVF3LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAqDtuDANBgkqhkiG9w0BAQsFAAOCAQEAFzASQ7oL8pmEQBI03MOme6Bym41O
ZzsoADPeXzsf+yoTXAYkeP+RWNY+/w/kx/qtLnRgCpJAQ4hgrnMfmsj9dX1s0MyJ
VpSIYpyqGOEiV4HcS8lhsQhhEH25r7H5TFIMTIONuWm60eRFY62ZoPivZ6uPQzwN
+qhJjgJbr5ARdRpW7hwtIrQNsGuTrGg7xLGn3rJIvEu05wtY13f+zR4GWVvTxrxV
bp8zzXIiKDUrXP78ENjoKc6S9cWGl9Cffcve0BnL1HGsOHDb04MRhqRjnbpiszRs
jYwVOBsY1kS39rMnJUjygSTTgcUQT3+tRUInmmWB735KxhgWhC4PAaMERQ==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:53:38 2024 by rpki-client on console-ams.rpki-client.org