Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/897/mQqczKKp9AcivFIXapJFTgQc5AY.roa
File:                     mQqczKKp9AcivFIXapJFTgQc5AY.roa (raw, json)
Hash identifier:          Bc6GMzoiKk0Q2bawcmxsLk7iGmGVG8pjtCo1PvbK9yI=
Subject key identifier:   99:0A:9C:CC:A2:A9:F4:07:22:BC:52:17:6A:92:45:4E:04:1C:E4:06
Certificate issuer:       /CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
Certificate serial:       68
Authority key identifier: AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/mQqczKKp9AcivFIXapJFTgQc5AY.roa
Signing time:             Fri 01 Dec 2023 01:29:54 +0000
ROA not before:           Fri 01 Dec 2023 01:29:54 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     9621
IP address blocks:        218.40.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104 (0x68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
        Validity
            Not Before: Dec  1 01:29:54 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=990A9CCCA2A9F40722BC52176A92454E041CE406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:fa:2a:55:e1:b1:b6:fd:1e:58:1b:f8:51:06:
                    94:ae:2a:e2:13:89:22:d5:f3:07:b7:5b:64:5c:6b:
                    41:41:2d:0c:b8:dd:a2:44:11:e1:ac:73:b9:05:4f:
                    d5:8c:c8:07:15:5d:50:c8:2e:7b:94:02:0b:cd:0b:
                    eb:19:e1:44:3a:a1:eb:4c:1f:0e:16:16:5a:c7:3a:
                    10:e3:c9:b1:1c:ee:f0:6b:79:d9:bd:a7:a6:4a:a0:
                    44:91:c9:bc:01:99:dd:e6:c5:a4:c6:28:d2:33:be:
                    75:59:b4:84:4f:75:1d:c1:77:23:b8:e5:95:10:fb:
                    68:17:03:d7:43:88:d8:29:7b:bb:85:d2:92:e2:59:
                    bd:83:2d:c7:a2:1c:60:fd:f7:64:d9:fd:8c:a6:e8:
                    57:80:f6:3e:a0:09:43:8f:56:94:8e:6d:20:e2:85:
                    c6:fb:b2:c5:5c:ca:c7:ac:97:0f:f5:d3:06:c4:67:
                    30:55:40:8c:30:88:12:e7:91:a7:33:aa:e3:65:e0:
                    76:ca:7b:cc:1a:f0:c4:e9:ab:f3:b3:79:14:64:da:
                    c7:ca:31:bc:15:1c:12:4a:a5:3b:c1:d4:da:d2:da:
                    84:45:e0:5e:dd:17:82:90:ca:ba:6e:6c:2d:b6:6a:
                    08:cd:3d:81:5e:3e:9c:96:7b:d2:60:a4:0a:6d:15:
                    ed:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:0A:9C:CC:A2:A9:F4:07:22:BC:52:17:6A:92:45:4E:04:1C:E4:06
            X509v3 Authority Key Identifier:
                keyid:AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/mQqczKKp9AcivFIXapJFTgQc5AY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.40.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         69:b4:35:41:0a:7a:dc:27:5e:ba:23:a0:a2:3b:09:da:95:fa:
         26:af:d9:9d:ba:4f:5d:4e:09:c3:8d:37:04:73:1b:a0:e2:6c:
         99:2f:01:bf:7a:53:bc:01:45:51:c0:4d:45:d3:34:5d:9e:37:
         65:05:1e:56:fb:00:e4:ee:7b:30:de:55:24:ff:38:fc:46:0d:
         85:05:90:40:59:e1:fc:3c:d0:58:bb:cf:87:2b:ff:89:84:29:
         5a:f1:df:4d:ad:9c:1d:e3:e1:48:ff:76:28:f2:82:94:74:e1:
         f9:cd:82:04:a9:0f:6c:79:af:53:ed:bc:e9:b5:3d:7b:cc:a0:
         1c:dc:8e:d8:c6:11:5c:d8:66:87:5d:6a:3c:76:f7:e0:1a:32:
         d4:81:ca:5e:80:08:ac:54:89:19:e7:01:5f:5a:10:52:8e:a0:
         89:cb:20:cd:3d:19:d1:d2:f3:3c:06:72:3a:98:3f:59:49:da:
         74:de:46:37:43:91:ba:bd:56:d2:a1:fb:ca:74:83:2b:57:37:
         e6:15:ea:5e:13:93:14:2c:ec:48:7d:e8:cf:7f:74:27:6b:1c:
         15:f5:f8:e4:1a:a4:3d:0b:26:7b:ce:61:3a:93:98:25:c5:0b:
         ea:f2:3a:ed:b2:72:78:c9:89:47:45:01:6d:6c:cd:0e:0e:ac:
         3a:c5:47:dc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQTA4
MDk3QzYwNjA3MTAyODBDREFBQTRFN0UwNkMxRjEzQ0QxNkYyMB4XDTIzMTIwMTAx
Mjk1NFoXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoOTkwQTlDQ0NBMkE5RjQw
NzIyQkM1MjE3NkE5MjQ1NEUwNDFDRTQwNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK76KlXhsbb9Hlgb+FEGlK4q4hOJItXzB7dbZFxrQUEtDLjdokQR
4axzuQVP1YzIBxVdUMgue5QCC80L6xnhRDqh60wfDhYWWsc6EOPJsRzu8Gt52b2n
pkqgRJHJvAGZ3ebFpMYo0jO+dVm0hE91HcF3I7jllRD7aBcD10OI2Cl7u4XSkuJZ
vYMtx6IcYP33ZNn9jKboV4D2PqAJQ49WlI5tIOKFxvuyxVzKx6yXD/XTBsRnMFVA
jDCIEueRpzOq42Xgdsp7zBrwxOmr87N5FGTax8oxvBUcEkqlO8HU2tLahEXgXt0X
gpDKum5sLbZqCM09gV4+nJZ70mCkCm0V7TsCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSZCpzMoqn0ByK8UhdqkkVOBBzkBjAfBgNVHSMEGDAWgBSqCAl8YGBxAoDNqqTn
4GwfE80W8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODk3L3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQTkZ2SS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQ
TkZ2SS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84OTcvbVFxY3pLS3A5QWNpdkZJWGFwSkZUZ1FjNUFZLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBdoooDANBgkqhkiG9w0BAQsFAAOCAQEAabQ1QQp63CdeuiOgojsJ2pX6Jq/Z
nbpPXU4Jw403BHMboOJsmS8Bv3pTvAFFUcBNRdM0XZ43ZQUeVvsA5O57MN5VJP84
/EYNhQWQQFnh/DzQWLvPhyv/iYQpWvHfTa2cHePhSP92KPKClHTh+c2CBKkPbHmv
U+286bU9e8ygHNyO2MYRXNhmh11qPHb34Boy1IHKXoAIrFSJGecBX1oQUo6gicsg
zT0Z0dLzPAZyOpg/WUnadN5GN0ORur1W0qH7ynSDK1c35hXqXhOTFCzsSH3oz390
J2scFfX45BqkPQsme85hOpOYJcUL6vI67bJyeMmJR0UBbWzNDg6sOsVH3A==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:47 2024 by rpki-client on console-fra.rpki-client.org