Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/AYM5E-t3hVTdOXxnfFOwfW5-Pic.roa
File:                     AYM5E-t3hVTdOXxnfFOwfW5-Pic.roa (raw, json)
Hash identifier:          BKETti+knqB7vD4k0nyptyX2sShs90DWDMxBvU62Xk8=
Subject key identifier:   01:83:39:13:EB:77:85:54:DD:39:7C:67:7C:53:B0:7D:6E:7E:3E:27
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       04C5
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/AYM5E-t3hVTdOXxnfFOwfW5-Pic.roa
Signing time:             Thu 29 Feb 2024 01:33:11 +0000
ROA not before:           Thu 29 Feb 2024 01:33:11 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     10010
IP address blocks:        116.68.218.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1221 (0x4c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Feb 29 01:33:11 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=01833913EB778554DD397C677C53B07D6E7E3E27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:36:78:ae:e0:8d:3e:18:ea:35:53:b5:21:2d:
                    da:e7:ee:f8:58:34:64:1d:84:f4:ec:bd:de:e3:81:
                    74:fc:86:97:c5:08:49:55:6d:a7:8c:c2:d2:9e:66:
                    bd:61:bc:d1:f9:aa:f2:d7:43:44:22:66:86:b3:b4:
                    34:38:a8:c6:28:1b:d5:ca:f6:71:0e:d8:52:5c:b8:
                    43:1c:82:2b:80:ce:66:ea:38:01:11:5a:aa:d3:d1:
                    91:37:19:8b:71:af:ee:29:b9:95:74:28:db:a2:70:
                    85:14:eb:9c:77:2f:bd:b0:06:ab:b6:a5:71:ee:0b:
                    b6:f2:5a:cb:15:52:87:d8:7b:fb:33:c2:6f:b6:95:
                    71:8d:49:b4:ac:f9:2d:d1:13:15:e8:49:4e:49:cf:
                    4a:89:2e:41:4d:29:20:0f:af:b3:74:4e:cf:5a:cb:
                    7b:42:d2:43:d7:c5:16:fb:f5:8a:f8:89:70:f8:ba:
                    88:c9:01:7d:8e:f8:16:c0:f1:d1:05:36:4c:4d:ff:
                    3f:71:75:c9:b7:18:f3:db:24:ca:d4:b6:07:eb:3f:
                    69:8d:88:1c:fd:67:e3:8a:23:11:ca:e4:2d:3e:05:
                    75:20:a0:1e:b0:56:3e:4f:19:f2:99:c8:64:b0:4e:
                    f7:7e:54:88:53:92:1a:b2:e7:7a:48:cd:72:93:aa:
                    c7:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:83:39:13:EB:77:85:54:DD:39:7C:67:7C:53:B0:7D:6E:7E:3E:27
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/AYM5E-t3hVTdOXxnfFOwfW5-Pic.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.68.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:41:f6:07:04:ca:97:e5:49:86:5a:f6:46:de:07:b6:a4:aa:
         41:b9:00:49:3a:38:f2:8a:3c:d4:f3:28:fe:2d:79:55:27:69:
         2d:7a:83:c8:59:2c:61:d3:5c:61:dc:28:05:5d:de:16:8f:44:
         a9:89:a8:a7:7e:09:05:d3:d3:bf:10:f6:67:58:d4:5e:16:45:
         33:83:e7:88:1f:15:96:e2:ba:76:3b:80:e7:a1:81:a7:a1:da:
         ad:16:f6:c1:1f:f6:de:a6:13:2f:c9:f9:86:4b:a6:e0:47:ce:
         ae:06:aa:35:44:db:2e:ca:c5:39:a5:00:c7:01:63:35:de:98:
         3d:02:28:c0:37:5f:15:dd:cd:f5:9d:be:2e:10:de:de:26:df:
         15:a3:88:e6:6d:c8:28:a8:76:5e:6f:d7:e3:fd:b3:2b:86:aa:
         58:77:b5:b2:bc:33:1a:29:d5:fa:4e:cd:c1:e1:bd:98:99:1b:
         7b:a7:5d:31:58:91:fd:79:c1:00:bf:44:4c:fe:34:94:74:9d:
         d9:41:24:43:62:df:3e:fe:ef:6b:e0:96:92:a7:70:e2:d7:95:
         d1:17:0b:c4:2d:50:bf:1a:6e:bc:44:13:db:8a:88:7e:3c:b1:
         65:eb:18:ee:f9:6c:9c:a0:53:9f:e0:7e:7a:7b:ec:cd:db:79:
         c2:24:d4:30
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yNDAyMjkw
MTMzMTFaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDAxODMzOTEzRUI3Nzg1
NTRERDM5N0M2NzdDNTNCMDdENkU3RTNFMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyNniu4I0+GOo1U7UhLdrn7vhYNGQdhPTsvd7jgXT8hpfFCElV
baeMwtKeZr1hvNH5qvLXQ0QiZoaztDQ4qMYoG9XK9nEO2FJcuEMcgiuAzmbqOAER
WqrT0ZE3GYtxr+4puZV0KNuicIUU65x3L72wBqu2pXHuC7byWssVUofYe/szwm+2
lXGNSbSs+S3RExXoSU5Jz0qJLkFNKSAPr7N0Ts9ay3tC0kPXxRb79Yr4iXD4uojJ
AX2O+BbA8dEFNkxN/z9xdcm3GPPbJMrUtgfrP2mNiBz9Z+OKIxHK5C0+BXUgoB6w
Vj5PGfKZyGSwTvd+VIhTkhqy53pIzXKTqsdvAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUAYM5E+t3hVTdOXxnfFOwfW5+PicwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L0FZTTVFLXQzaFZUZE9YeG5mRk93Zlc1LVBpYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAF0RNowDQYJKoZIhvcNAQELBQADggEBAAdB9gcEypflSYZa9kbeB7akqkG5
AEk6OPKKPNTzKP4teVUnaS16g8hZLGHTXGHcKAVd3haPRKmJqKd+CQXT078Q9mdY
1F4WRTOD54gfFZbiunY7gOehgaeh2q0W9sEf9t6mEy/J+YZLpuBHzq4GqjVE2y7K
xTmlAMcBYzXemD0CKMA3XxXdzfWdvi4Q3t4m3xWjiOZtyCiodl5v1+P9syuGqlh3
tbK8Mxop1fpOzcHhvZiZG3unXTFYkf15wQC/REz+NJR0ndlBJENi3z7+72vglpKn
cOLXldEXC8QtUL8abrxEE9uKiH48sWXrGO75bJygU5/gfnp77M3becIk1DA=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:45 2024 by rpki-client on console-fra.rpki-client.org