Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/826/n_rghTK1b7tJII8TnUBXmPRZnDc.roa
File:                     n_rghTK1b7tJII8TnUBXmPRZnDc.roa (raw, json)
Hash identifier:          ODhwtkaXMKVi+wkOQKdPpXZDG43xH0/7ARswzL3OU6M=
Subject key identifier:   9F:FA:E0:85:32:B5:6F:BB:49:20:8F:13:9D:40:57:98:F4:59:9C:37
Certificate issuer:       /CN=5E708E85B10AC603C06D785B42153DCFE1663AEA
Certificate serial:       26
Authority key identifier: 5E:70:8E:85:B1:0A:C6:03:C0:6D:78:5B:42:15:3D:CF:E1:66:3A:EA
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XnCOhbEKxgPAbXhbQhU9z-FmOuo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/n_rghTK1b7tJII8TnUBXmPRZnDc.roa
Signing time:             Thu 29 Feb 2024 01:34:28 +0000
ROA not before:           Thu 29 Feb 2024 01:34:28 +0000
ROA not after:            Fri 14 Feb 2025 01:30:03 +0000
asID:                     23618
IP address blocks:        223.29.244.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/XnCOhbEKxgPAbXhbQhU9z-FmOuo.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/XnCOhbEKxgPAbXhbQhU9z-FmOuo.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XnCOhbEKxgPAbXhbQhU9z-FmOuo.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5E708E85B10AC603C06D785B42153DCFE1663AEA
        Validity
            Not Before: Feb 29 01:34:28 2024 GMT
            Not After : Feb 14 01:30:03 2025 GMT
        Subject: CN=9FFAE08532B56FBB49208F139D405798F4599C37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9a:67:96:45:a0:eb:19:b8:4d:a8:da:e8:4a:
                    e3:ba:57:4c:54:d5:2f:80:7f:d3:55:06:72:fc:9c:
                    75:56:b4:e0:34:32:20:1e:9e:3a:07:34:42:50:3d:
                    b5:dd:53:63:f3:21:88:8d:7e:58:ff:cb:ca:57:ad:
                    f0:e4:7d:ad:af:a4:03:a6:d3:51:fc:73:91:ea:14:
                    00:36:d2:52:80:ed:17:14:eb:ce:8c:49:d5:3d:20:
                    45:6c:5a:0c:89:ec:c8:61:2b:fd:e2:f3:c8:9b:dd:
                    37:a9:0f:fc:e6:5a:a7:30:4a:6e:6f:86:6b:ec:63:
                    cd:fa:25:48:7b:7e:73:44:0a:f4:26:91:d2:40:76:
                    1b:74:ce:87:5d:61:65:18:4f:1f:5b:ec:06:44:64:
                    10:1b:69:24:1d:b6:34:4b:3f:7d:05:37:5d:e2:97:
                    fa:90:18:a5:68:1a:eb:1b:d2:3c:4b:37:c7:a2:df:
                    45:46:76:60:b5:6d:90:a3:73:eb:fe:cd:4e:74:cf:
                    46:06:cf:58:97:be:5f:71:9a:9d:4d:30:ed:ae:79:
                    af:c7:ba:b8:34:4d:f1:0f:4f:78:67:1a:7d:77:8a:
                    6e:0b:4b:70:64:d9:61:aa:65:b9:eb:3f:16:28:85:
                    fa:74:f3:60:3f:59:23:51:e6:0a:29:34:38:6a:1a:
                    ae:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:FA:E0:85:32:B5:6F:BB:49:20:8F:13:9D:40:57:98:F4:59:9C:37
            X509v3 Authority Key Identifier:
                keyid:5E:70:8E:85:B1:0A:C6:03:C0:6D:78:5B:42:15:3D:CF:E1:66:3A:EA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/XnCOhbEKxgPAbXhbQhU9z-FmOuo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XnCOhbEKxgPAbXhbQhU9z-FmOuo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/n_rghTK1b7tJII8TnUBXmPRZnDc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.29.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:ff:78:33:70:84:83:28:f5:58:07:03:45:00:03:33:a0:86:
         56:5f:49:32:d0:d8:ba:db:79:e7:9a:08:b8:79:79:1d:f4:1b:
         b6:e8:46:95:48:c0:82:e9:86:66:24:f2:94:c8:b8:84:a1:49:
         08:07:2b:93:28:b4:1f:4a:da:84:5c:67:f0:aa:3a:01:27:e0:
         16:66:cc:bf:5c:be:76:6e:ce:20:77:fd:ff:4d:fc:2c:e9:ab:
         93:d3:c6:78:fd:b9:74:6d:47:db:f2:48:aa:57:4b:68:08:ba:
         52:a7:3b:dd:33:eb:be:ab:29:67:7a:60:3a:d5:90:28:fa:da:
         8a:0a:dd:d3:57:4d:3f:69:b5:65:1a:b7:f5:25:c3:60:06:74:
         46:c3:6c:d2:bc:9c:d2:c4:4d:93:4f:52:fd:0b:9d:16:e6:5f:
         66:e3:66:b2:94:06:a8:32:10:7d:bd:35:4b:e0:5c:f5:f7:b9:
         ce:f2:d8:20:46:9d:1e:29:d6:0f:25:16:96:db:73:44:c1:b2:
         86:78:70:9f:42:69:68:ab:42:ea:e8:1c:e0:73:67:ed:46:00:
         9a:1d:35:74:25:70:1c:df:a7:ec:c7:b4:59:4e:12:a3:9e:9b:
         8f:34:b4:05:70:84:9f:ab:e8:2e:a7:32:40:80:0c:b8:23:bf:
         7a:5e:85:b4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RTcw
OEU4NUIxMEFDNjAzQzA2RDc4NUI0MjE1M0RDRkUxNjYzQUVBMB4XDTI0MDIyOTAx
MzQyOFoXDTI1MDIxNDAxMzAwM1owMzExMC8GA1UEAxMoOUZGQUUwODUzMkI1NkZC
QjQ5MjA4RjEzOUQ0MDU3OThGNDU5OUMzNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK+aZ5ZFoOsZuE2o2uhK47pXTFTVL4B/01UGcvycdVa04DQyIB6e
Ogc0QlA9td1TY/MhiI1+WP/Lylet8OR9ra+kA6bTUfxzkeoUADbSUoDtFxTrzoxJ
1T0gRWxaDInsyGEr/eLzyJvdN6kP/OZapzBKbm+Ga+xjzfolSHt+c0QK9CaR0kB2
G3TOh11hZRhPH1vsBkRkEBtpJB22NEs/fQU3XeKX+pAYpWga6xvSPEs3x6LfRUZ2
YLVtkKNz6/7NTnTPRgbPWJe+X3GanU0w7a55r8e6uDRN8Q9PeGcafXeKbgtLcGTZ
Yaplues/FiiF+nTzYD9ZI1HmCik0OGoarqkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSf+uCFMrVvu0kgjxOdQFeY9FmcNzAfBgNVHSMEGDAWgBRecI6FsQrGA8BteFtC
FT3P4WY66jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODI2L1huQ09oYkVLeGdQQWJYaGJRaFU5ei1GbU91by5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1huQ09oYkVLeGdQQWJYaGJRaFU5ei1G
bU91by5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84MjYvbl9yZ2hUSzFiN3RKSUk4VG5VQlhtUFJabkRjLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAt8d9DANBgkqhkiG9w0BAQsFAAOCAQEAHv94M3CEgyj1WAcDRQADM6CGVl9J
MtDYutt555oIuHl5HfQbtuhGlUjAgumGZiTylMi4hKFJCAcrkyi0H0rahFxn8Ko6
ASfgFmbMv1y+dm7OIHf9/038LOmrk9PGeP25dG1H2/JIqldLaAi6Uqc73TPrvqsp
Z3pgOtWQKPraigrd01dNP2m1ZRq39SXDYAZ0RsNs0ryc0sRNk09S/QudFuZfZuNm
spQGqDIQfb01S+Bc9fe5zvLYIEadHinWDyUWlttzRMGyhnhwn0JpaKtC6ugc4HNn
7UYAmh01dCVwHN+n7Me0WU4So56bjzS0BXCEn6voLqcyQIAMuCO/el6FtA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:47 2024 by rpki-client on console-fra.rpki-client.org