Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/P9DllXNl_-Re_z_YrV6jScTYaKQ.roa
File:                     P9DllXNl_-Re_z_YrV6jScTYaKQ.roa (raw, json)
Hash identifier:          f+c53QnvTogVZAWf3pAYA0lcKKasimZ5ErySRI9ZX90=
Subject key identifier:   3F:D0:E5:95:73:65:FF:E4:5E:FF:3F:D8:AD:5E:A3:49:C4:D8:68:A4
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       04B2
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/P9DllXNl_-Re_z_YrV6jScTYaKQ.roa
Signing time:             Thu 29 Feb 2024 01:29:07 +0000
ROA not before:           Thu 29 Feb 2024 01:29:07 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     10010
IP address blocks:        42.125.228.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1202 (0x4b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Feb 29 01:29:07 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=3FD0E5957365FFE45EFF3FD8AD5EA349C4D868A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:04:b5:62:bd:0b:45:63:66:a8:9e:5a:af:2a:
                    b7:0a:d7:34:31:65:4c:ac:bc:fc:15:2e:d9:82:d2:
                    be:6d:f4:77:1e:d7:3d:e7:2e:4d:33:f2:aa:67:44:
                    d1:00:eb:42:5a:d2:c8:bb:30:b4:4d:11:be:fd:b9:
                    55:36:65:4f:8b:4d:91:9d:9e:14:e9:d1:ce:a3:13:
                    55:bd:20:b2:dc:f0:3d:6a:da:85:73:42:09:a3:7e:
                    01:b3:c6:88:bb:f1:50:5e:35:e4:99:5c:c4:fc:ea:
                    d4:20:16:a5:85:18:95:d7:96:fb:5f:8f:c7:18:4c:
                    1d:e7:82:b9:5d:b5:49:fc:a7:6c:47:38:d1:41:26:
                    b1:d0:ba:19:7a:52:07:20:55:3e:88:5a:c5:78:cf:
                    d9:64:b6:ea:8b:91:0b:55:9e:e4:93:30:43:50:3c:
                    83:b2:e1:a0:2f:ed:22:9b:5e:26:7e:8d:4a:cb:8a:
                    71:af:7c:9a:60:cb:44:64:20:02:65:8c:b6:2d:8f:
                    c4:a4:b3:f3:48:8d:06:a0:dc:9f:11:c5:21:ce:4e:
                    8a:53:58:d8:f6:18:d4:37:95:75:23:eb:a4:05:f7:
                    f0:ce:93:a5:d9:47:ac:a0:f9:ce:e3:8a:64:85:62:
                    15:95:9b:c0:a8:18:f1:51:a0:ad:c8:6e:55:b7:6a:
                    37:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:D0:E5:95:73:65:FF:E4:5E:FF:3F:D8:AD:5E:A3:49:C4:D8:68:A4
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/P9DllXNl_-Re_z_YrV6jScTYaKQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  42.125.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:c6:7f:2d:3b:e1:e6:dd:18:61:7e:53:54:86:df:40:50:00:
         f0:10:47:6e:6c:9b:77:6a:88:aa:28:0f:4d:1a:35:d0:ab:a4:
         9e:a1:21:db:14:c5:03:e0:03:b2:3d:fd:75:47:e8:a3:c3:b9:
         d9:18:a6:c4:ad:55:2c:f8:b0:26:0a:35:95:fe:8d:d2:68:ed:
         f7:ba:8b:c0:a3:38:5b:fa:a2:62:64:1f:85:fc:47:52:d9:fa:
         9f:e6:ba:cf:81:c7:e6:6d:01:f7:a2:9c:19:53:5d:5d:4c:03:
         33:2e:4e:c7:bb:e0:1e:44:5f:a4:4d:3c:85:fd:cc:5d:28:76:
         f3:e5:5a:31:7e:70:6e:cf:e7:62:63:8a:51:b6:75:ad:96:0b:
         a7:ad:34:00:29:10:92:5e:40:5f:d6:58:40:a1:92:8b:e7:21:
         e0:e2:10:b1:81:a2:18:e7:43:82:da:36:2d:03:a2:17:96:27:
         0c:36:bb:b3:50:bf:03:57:a6:6f:43:7c:f4:31:76:9d:5f:e4:
         df:c0:22:08:66:76:a1:e2:29:5c:b2:da:17:13:b7:fb:82:34:
         71:67:36:0d:b7:59:31:9a:45:73:58:64:91:ca:e7:39:0b:59:
         98:4c:ec:40:2b:d9:52:9a:9c:b8:31:76:8e:46:c0:18:ea:92:
         ab:45:97:44
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yNDAyMjkw
MTI5MDdaFw0yNTAyMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDNGRDBFNTk1NzM2NUZG
RTQ1RUZGM0ZEOEFENUVBMzQ5QzREODY4QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrBLVivQtFY2aonlqvKrcK1zQxZUysvPwVLtmC0r5t9Hce1z3n
Lk0z8qpnRNEA60Ja0si7MLRNEb79uVU2ZU+LTZGdnhTp0c6jE1W9ILLc8D1q2oVz
QgmjfgGzxoi78VBeNeSZXMT86tQgFqWFGJXXlvtfj8cYTB3ngrldtUn8p2xHONFB
JrHQuhl6UgcgVT6IWsV4z9lktuqLkQtVnuSTMENQPIOy4aAv7SKbXiZ+jUrLinGv
fJpgy0RkIAJljLYtj8Sks/NIjQag3J8RxSHOTopTWNj2GNQ3lXUj66QF9/DOk6XZ
R6yg+c7jimSFYhWVm8CoGPFRoK3IblW3ajevAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUP9DllXNl/+Re/z/YrV6jScTYaKQwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L1A5RGxsWE5sXy1SZV96X1lyVjZqU2NUWWFLUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIqfeQwDQYJKoZIhvcNAQELBQADggEBADTGfy074ebdGGF+U1SG30BQAPAQ
R25sm3dqiKooD00aNdCrpJ6hIdsUxQPgA7I9/XVH6KPDudkYpsStVSz4sCYKNZX+
jdJo7fe6i8CjOFv6omJkH4X8R1LZ+p/mus+Bx+ZtAfeinBlTXV1MAzMuTse74B5E
X6RNPIX9zF0odvPlWjF+cG7P52JjilG2da2WC6etNAApEJJeQF/WWEChkovnIeDi
ELGBohjnQ4LaNi0DoheWJww2u7NQvwNXpm9DfPQxdp1f5N/AIghmdqHiKVyy2hcT
t/uCNHFnNg23WTGaRXNYZJHK5zkLWZhM7EAr2VKanLgxdo5GwBjqkqtFl0Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:45 2024 by rpki-client on console-ams.rpki-client.org