Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/822/eCBHUN8g8yBiMjbv1XWj-9w4KDM.roa
File:                     eCBHUN8g8yBiMjbv1XWj-9w4KDM.roa (raw, json)
Hash identifier:          mWg2dDP9KyiakfzjeIuoQIHLC5cv/cba2XDNwpx/36g=
Subject key identifier:   78:20:47:50:DF:20:F3:20:62:32:36:EF:D5:75:A3:FB:DC:38:28:33
Certificate issuer:       /CN=55061B7BA6111F230BDB61E29781E46D0165E99E
Certificate serial:       33
Authority key identifier: 55:06:1B:7B:A6:11:1F:23:0B:DB:61:E2:97:81:E4:6D:01:65:E9:9E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/VQYbe6YRHyML22Hil4HkbQFl6Z4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/822/eCBHUN8g8yBiMjbv1XWj-9w4KDM.roa
Signing time:             Wed 14 Feb 2024 06:31:54 +0000
ROA not before:           Wed 14 Feb 2024 06:31:54 +0000
ROA not after:            Tue 14 Jan 2025 01:30:02 +0000
asID:                     9354
IP address blocks:        103.40.104.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/822/VQYbe6YRHyML22Hil4HkbQFl6Z4.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/822/VQYbe6YRHyML22Hil4HkbQFl6Z4.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/VQYbe6YRHyML22Hil4HkbQFl6Z4.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51 (0x33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55061B7BA6111F230BDB61E29781E46D0165E99E
        Validity
            Not Before: Feb 14 06:31:54 2024 GMT
            Not After : Jan 14 01:30:02 2025 GMT
        Subject: CN=78204750DF20F320623236EFD575A3FBDC382833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2e:3c:da:80:9d:75:9c:8f:7b:ab:ec:90:f8:
                    19:02:bd:02:1e:d5:e3:1c:c9:94:0f:1c:b8:0f:17:
                    05:d0:76:82:1b:3a:08:19:bc:03:e3:b2:fd:3a:10:
                    52:52:94:c2:8a:34:16:eb:c7:8a:9d:58:47:89:77:
                    9b:b7:e6:83:e3:d3:aa:79:ac:6a:45:7c:30:11:e3:
                    57:d8:e6:38:99:8e:17:64:59:7f:e6:b9:dd:ee:71:
                    86:75:f5:d4:b9:64:93:b9:84:a9:1f:4d:d9:14:6d:
                    6c:a4:b6:d3:9c:28:fb:b7:dc:14:48:d3:d8:b4:30:
                    03:1a:48:dd:97:6f:d8:61:83:b3:d5:7b:6e:81:88:
                    6e:03:a0:88:b5:5b:00:66:40:2c:e5:24:41:7c:6d:
                    bb:b6:ba:a1:0a:e8:33:63:8c:22:29:1c:a7:df:08:
                    12:ef:00:44:48:79:96:79:2e:79:ed:0f:5c:be:1b:
                    28:ca:8a:39:43:b6:c4:9c:0e:6a:5d:a9:b4:7a:9b:
                    2e:b4:5e:7a:cc:05:48:01:72:50:86:87:c0:7b:16:
                    df:0c:84:0f:24:2d:15:33:28:2f:35:28:6b:1f:94:
                    3c:f1:9c:90:55:19:4a:e5:b9:7a:22:12:44:45:fd:
                    06:45:3d:e1:c5:b6:df:d9:59:c4:4d:dd:18:a6:46:
                    ac:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:20:47:50:DF:20:F3:20:62:32:36:EF:D5:75:A3:FB:DC:38:28:33
            X509v3 Authority Key Identifier:
                keyid:55:06:1B:7B:A6:11:1F:23:0B:DB:61:E2:97:81:E4:6D:01:65:E9:9E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/822/VQYbe6YRHyML22Hil4HkbQFl6Z4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/VQYbe6YRHyML22Hil4HkbQFl6Z4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/822/eCBHUN8g8yBiMjbv1XWj-9w4KDM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.40.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:e1:28:8b:14:2f:3d:22:05:2e:15:af:28:39:eb:d9:3e:95:
         6f:79:58:1a:6b:3a:b3:55:5a:84:d3:0f:33:2e:e3:4f:ba:53:
         ed:ef:92:91:43:dc:c5:e6:ae:63:b4:52:ab:7d:04:97:50:c4:
         40:16:9c:a7:2c:70:0a:7f:73:51:e2:b9:8b:3d:2f:fb:4a:62:
         89:84:b6:b6:e3:91:7b:13:7d:06:6d:0e:5d:ca:a5:a8:22:65:
         c3:81:06:bf:6e:f5:ea:f6:33:f4:00:5e:e9:f3:1e:22:5d:4f:
         06:d5:e3:38:6e:b8:fe:06:a1:1d:5c:6c:cd:c0:6d:7d:9f:85:
         e1:ef:9e:0a:f1:61:8a:90:eb:83:08:1e:0d:92:70:70:f0:87:
         de:58:35:3d:3b:6d:32:7d:bd:f5:91:89:d9:e7:c7:1a:4b:94:
         e0:3b:f6:80:4f:5e:48:07:15:6d:87:0d:97:e1:f3:bb:b5:ae:
         35:25:0d:e8:49:ad:b5:3e:2a:90:b1:e6:4f:13:62:c2:0e:2e:
         c5:06:d0:a2:5b:08:58:68:1d:30:22:6d:1e:ed:7d:7d:89:09:
         cf:cc:6e:8f:c1:2b:1c:4d:66:13:93:dc:1e:c7:ac:d7:d8:02:
         ce:d4:d7:49:95:ce:c2:88:03:de:58:ab:b7:4e:90:b8:ef:e1:
         ba:34:09:70
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1NTA2
MUI3QkE2MTExRjIzMEJEQjYxRTI5NzgxRTQ2RDAxNjVFOTlFMB4XDTI0MDIxNDA2
MzE1NFoXDTI1MDExNDAxMzAwMlowMzExMC8GA1UEAxMoNzgyMDQ3NTBERjIwRjMy
MDYyMzIzNkVGRDU3NUEzRkJEQzM4MjgzMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMQuPNqAnXWcj3ur7JD4GQK9Ah7V4xzJlA8cuA8XBdB2ghs6CBm8
A+Oy/ToQUlKUwoo0FuvHip1YR4l3m7fmg+PTqnmsakV8MBHjV9jmOJmOF2RZf+a5
3e5xhnX11Llkk7mEqR9N2RRtbKS205wo+7fcFEjT2LQwAxpI3Zdv2GGDs9V7boGI
bgOgiLVbAGZALOUkQXxtu7a6oQroM2OMIikcp98IEu8AREh5lnkuee0PXL4bKMqK
OUO2xJwOal2ptHqbLrReeswFSAFyUIaHwHsW3wyEDyQtFTMoLzUoax+UPPGckFUZ
SuW5eiISREX9BkU94cW239lZxE3dGKZGrIMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBR4IEdQ3yDzIGIyNu/VdaP73DgoMzAfBgNVHSMEGDAWgBRVBht7phEfIwvbYeKX
geRtAWXpnjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODIyL1ZRWWJlNllSSHlNTDIySGlsNEhrYlFGbDZaNC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1ZRWWJlNllSSHlNTDIySGlsNEhrYlFG
bDZaNC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84MjIvZUNCSFVOOGc4eUJpTWpidjFYV2otOXc0S0RNLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmcoaDANBgkqhkiG9w0BAQsFAAOCAQEAaeEoixQvPSIFLhWvKDnr2T6Vb3lY
Gms6s1VahNMPMy7jT7pT7e+SkUPcxeauY7RSq30El1DEQBacpyxwCn9zUeK5iz0v
+0piiYS2tuORexN9Bm0OXcqlqCJlw4EGv2716vYz9ABe6fMeIl1PBtXjOG64/gah
HVxszcBtfZ+F4e+eCvFhipDrgwgeDZJwcPCH3lg1PTttMn299ZGJ2efHGkuU4Dv2
gE9eSAcVbYcNl+Hzu7WuNSUN6EmttT4qkLHmTxNiwg4uxQbQolsIWGgdMCJtHu19
fYkJz8xuj8ErHE1mE5PcHses19gCztTXSZXOwogD3lirt06QuO/hujQJcA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:32:01 2024 by rpki-client on console-ams.rpki-client.org