Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/897/yGq5lVRWyGmJp9nZCJJwq-rBikE.roa
File:                     yGq5lVRWyGmJp9nZCJJwq-rBikE.roa (raw, json)
Hash identifier:          qRxbFANqtageQgUOgwI88h5wb/nVvbi0mtXHNaHEg0E=
Subject key identifier:   C8:6A:B9:95:54:56:C8:69:89:A7:D9:D9:08:92:70:AB:EA:C1:8A:41
Certificate issuer:       /CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
Certificate serial:       69
Authority key identifier: AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/yGq5lVRWyGmJp9nZCJJwq-rBikE.roa
Signing time:             Fri 01 Dec 2023 01:29:55 +0000
ROA not before:           Fri 01 Dec 2023 01:29:55 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     9621
IP address blocks:        202.81.8.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 22 Jun 2024 01:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 105 (0x69)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
        Validity
            Not Before: Dec  1 01:29:55 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=C86AB9955456C86989A7D9D9089270ABEAC18A41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:77:26:50:21:de:08:12:43:3b:20:2e:37:ef:
                    5c:c9:5c:0a:6d:9d:03:06:85:e6:8a:f5:af:be:86:
                    a0:d5:db:0b:54:22:77:72:f7:d1:f7:04:09:2b:1b:
                    f4:93:77:e7:8b:dd:bd:76:19:50:b4:c0:95:ed:d2:
                    b1:c2:4d:1c:c9:4f:fc:9d:a1:1a:75:45:e1:fb:68:
                    b7:29:aa:1c:8f:f0:8e:c7:36:ba:fc:91:bf:86:b7:
                    6c:bb:97:ca:0d:b2:f9:94:5b:3c:59:39:b2:0c:7e:
                    1c:33:bb:ba:e5:7d:c6:a8:60:a9:a6:2f:b9:05:07:
                    22:68:7b:54:ba:0f:46:86:5b:95:5e:20:f0:e6:a2:
                    b0:0c:29:e3:41:35:fc:76:4d:dc:73:4f:6d:9f:03:
                    42:60:d1:4f:1a:34:49:72:aa:64:0d:ff:11:c2:74:
                    21:65:87:7c:83:ed:0e:b6:12:b9:7f:d3:e9:46:23:
                    5b:e3:00:33:a3:cd:0e:89:9f:ff:af:50:cb:6b:2b:
                    7a:5b:f6:ce:7a:9f:91:37:f1:60:ee:ff:6e:df:ef:
                    6d:79:d7:9b:c3:a5:7a:e7:1f:b5:fa:7c:22:bc:d5:
                    e8:85:89:b4:2d:89:22:e9:66:bc:d4:df:42:c9:9c:
                    fb:66:1a:e7:61:22:28:80:dd:b8:3d:5e:bd:ba:ca:
                    21:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:6A:B9:95:54:56:C8:69:89:A7:D9:D9:08:92:70:AB:EA:C1:8A:41
            X509v3 Authority Key Identifier:
                keyid:AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/yGq5lVRWyGmJp9nZCJJwq-rBikE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.81.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8a:8b:df:d6:5c:b4:db:ad:bb:39:00:52:7c:d8:92:78:20:b4:
         a9:9e:36:f3:8a:bb:6f:d0:93:a7:7a:2b:55:e9:a6:b9:56:bd:
         01:82:d3:f8:2b:67:7a:61:51:4b:d7:1e:fe:3c:6c:8b:5b:5c:
         96:a1:dd:5f:b6:22:8b:c6:cc:1d:22:bb:cb:1a:6e:46:4f:84:
         14:df:07:d5:38:92:b1:0f:45:c2:ed:b1:ea:d5:a1:ff:da:f1:
         c3:ce:e9:d9:63:3a:46:ba:3b:ce:97:69:22:fe:cf:3e:98:7d:
         d9:c2:ce:50:4c:be:af:b9:be:3b:b5:9a:a5:fa:de:04:ca:a8:
         c8:5d:c3:0c:a0:17:7e:18:e2:81:1a:49:16:1c:e0:d4:86:3b:
         0e:8f:0a:e6:2a:6d:cb:52:70:88:a8:bf:8c:b7:8c:62:be:8e:
         d3:0e:1e:87:d6:d9:4e:33:ac:9b:da:35:aa:8b:bc:4e:a3:7a:
         a3:56:c5:d8:d8:b1:84:a5:ce:e0:6d:1d:26:41:39:65:cb:27:
         3b:73:61:2d:dd:4e:aa:88:cf:39:62:18:16:8c:b3:93:1f:cf:
         a3:df:45:ad:49:4f:ae:cd:3d:e3:97:ac:d4:62:ce:1d:f1:22:
         66:01:3e:e5:6d:ef:5a:43:ef:5d:61:e6:cc:32:73:d5:02:f2:
         44:4e:3d:9b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQTA4
MDk3QzYwNjA3MTAyODBDREFBQTRFN0UwNkMxRjEzQ0QxNkYyMB4XDTIzMTIwMTAx
Mjk1NVoXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoQzg2QUI5OTU1NDU2Qzg2
OTg5QTdEOUQ5MDg5MjcwQUJFQUMxOEE0MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALF3JlAh3ggSQzsgLjfvXMlcCm2dAwaF5or1r76GoNXbC1Qid3L3
0fcECSsb9JN354vdvXYZULTAle3SscJNHMlP/J2hGnVF4ftotymqHI/wjsc2uvyR
v4a3bLuXyg2y+ZRbPFk5sgx+HDO7uuV9xqhgqaYvuQUHImh7VLoPRoZblV4g8Oai
sAwp40E1/HZN3HNPbZ8DQmDRTxo0SXKqZA3/EcJ0IWWHfIPtDrYSuX/T6UYjW+MA
M6PNDomf/69Qy2srelv2znqfkTfxYO7/bt/vbXnXm8Oleucftfp8IrzV6IWJtC2J
IulmvNTfQsmc+2Ya52EiKIDduD1evbrKIZ8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTIarmVVFbIaYmn2dkIknCr6sGKQTAfBgNVHSMEGDAWgBSqCAl8YGBxAoDNqqTn
4GwfE80W8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODk3L3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQTkZ2SS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQ
TkZ2SS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84OTcveUdxNWxWUld5R21KcDluWkNKSndxLXJCaWtFLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA8pRCDANBgkqhkiG9w0BAQsFAAOCAQEAiovf1ly02627OQBSfNiSeCC0qZ42
84q7b9CTp3orVemmuVa9AYLT+CtnemFRS9ce/jxsi1tclqHdX7Yii8bMHSK7yxpu
Rk+EFN8H1TiSsQ9Fwu2x6tWh/9rxw87p2WM6Rro7zpdpIv7PPph92cLOUEy+r7m+
O7WapfreBMqoyF3DDKAXfhjigRpJFhzg1IY7Do8K5ipty1JwiKi/jLeMYr6O0w4e
h9bZTjOsm9o1qou8TqN6o1bF2NixhKXO4G0dJkE5ZcsnO3NhLd1OqojPOWIYFoyz
kx/Po99FrUlPrs0945es1GLOHfEiZgE+5W3vWkPvXWHmzDJz1QLyRE49mw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:47 2024 by rpki-client on console-fra.rpki-client.org