$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/3Bk0i5ZZWAbxIdQeSyXpWysWo1w.roa File: 3Bk0i5ZZWAbxIdQeSyXpWysWo1w.roa (raw, json) Hash identifier: FsX0UoKbXtIiqEqc4xEr31PT7Dmqmyyrk5rr5+Q4FbM= Subject key identifier: DC:19:34:8B:96:59:58:06:F1:21:D4:1E:4B:25:E9:5B:2B:16:A3:5C Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0BA8 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/3Bk0i5ZZWAbxIdQeSyXpWysWo1w.roa Signing time: Tue 01 Apr 2025 01:39:56 +0000 ROA not before: Tue 01 Apr 2025 01:39:56 +0000 ROA not after: Sun 15 Mar 2026 01:30:03 +0000 asID: 9605 IP address blocks: 49.96.4.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2984 (0xba8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Apr 1 01:39:56 2025 GMT Not After : Mar 15 01:30:03 2026 GMT Subject: CN=DC19348B96595806F121D41E4B25E95B2B16A35C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fb:85:11:35:9a:79:e5:f0:1b:f3:ca:ee:28: e3:f8:cc:21:a8:1c:fe:f4:40:c7:27:35:ae:df:66: bd:02:77:bb:f8:22:73:c9:33:98:8c:d6:74:ff:36: f4:d1:be:64:d4:75:d7:e0:bd:b2:6b:13:21:2b:04: 32:fa:ee:58:8b:7a:d0:f5:3b:28:f9:fa:a8:77:eb: d1:5b:5f:c1:b9:ac:09:44:e7:40:0a:e8:c7:96:ce: 50:cf:ff:77:36:e0:b5:d4:2e:72:8c:fc:a7:3f:94: 75:b4:80:01:76:26:7a:14:45:c0:46:8a:62:61:fd: e1:5d:bd:3c:84:71:41:fc:ba:61:9d:7c:b8:bb:f6: 91:64:07:ed:4e:e4:37:d4:04:66:44:c1:97:62:f2: d1:78:ef:25:2a:f1:08:7d:b6:fb:77:96:04:35:8b: 3c:77:e4:51:2c:2d:32:87:8b:0d:45:9d:bb:70:e8: ca:fa:6f:1a:63:c0:43:51:3c:1c:37:14:30:e0:80: 1c:2a:18:ab:15:2e:97:76:98:33:aa:43:ad:dc:dc: 36:e8:fb:e8:c4:6f:fb:92:a0:d2:60:71:fd:3b:2f: 05:72:6a:c4:c0:52:54:d9:4c:24:19:b5:79:35:47: 0b:8b:6e:dd:54:16:7e:b1:25:a1:0a:ae:02:b6:04: 35:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:19:34:8B:96:59:58:06:F1:21:D4:1E:4B:25:E9:5B:2B:16:A3:5C X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/3Bk0i5ZZWAbxIdQeSyXpWysWo1w.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.96.4.0/23 Signature Algorithm: sha256WithRSAEncryption 41:ec:ea:b6:2c:ed:59:b0:50:37:6e:6d:da:b7:78:a1:99:ab: 81:cc:14:c0:40:60:62:d2:eb:3e:4f:a8:a1:11:e9:81:9a:2d: 3b:0e:51:dc:ca:99:f5:72:0a:ca:50:b7:26:e3:e1:d4:13:b1: 11:6a:96:11:5d:f4:e1:b3:a7:d6:96:6c:3a:74:5f:f1:71:67: f6:67:5f:f6:f0:c1:29:1f:04:66:47:3d:b3:24:36:74:a4:cc: 76:9a:19:8f:9c:87:af:cd:c2:d0:81:09:2f:99:ee:e6:70:8b: eb:4b:cb:da:f2:9e:a8:9a:bb:41:7f:54:fd:e5:56:cf:e3:b7: 84:6a:c2:9e:30:22:b9:ed:30:79:d4:38:d0:a6:6d:04:0d:25: 97:85:dd:c3:9f:28:a9:9d:a0:b8:80:bc:73:e0:9b:ff:96:a0: e7:75:1e:15:c1:63:e3:00:d0:ca:65:61:6e:5a:bd:a9:eb:f8: 11:fe:27:ca:f2:dc:d3:39:07:2a:5e:df:78:8d:4e:a6:3c:ae: ae:c1:0d:81:b1:5f:9e:1f:0e:8a:12:50:fb:e7:1e:ac:b2:b9: 0d:7b:d9:b4:9a:66:c9:07:4f:c3:97:a8:33:d0:9d:95:10:38: 30:ac:a8:ef:db:93:f2:5e:76:d0:f3:67:9e:5f:ca:f2:b9:dd: 01:4a:7d:47 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICC6gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw MTM5NTZaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKERDMTkzNDhCOTY1OTU4 MDZGMTIxRDQxRTRCMjVFOTVCMkIxNkEzNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK+4URNZp55fAb88ruKOP4zCGoHP70QMcnNa7fZr0Cd7v4InPJ M5iM1nT/NvTRvmTUddfgvbJrEyErBDL67liLetD1Oyj5+qh369FbX8G5rAlE50AK 6MeWzlDP/3c24LXULnKM/Kc/lHW0gAF2JnoURcBGimJh/eFdvTyEcUH8umGdfLi7 9pFkB+1O5DfUBGZEwZdi8tF47yUq8Qh9tvt3lgQ1izx35FEsLTKHiw1Fnbtw6Mr6 bxpjwENRPBw3FDDggBwqGKsVLpd2mDOqQ63c3Dbo++jEb/uSoNJgcf07LwVyasTA UlTZTCQZtXk1RwuLbt1UFn6xJaEKrgK2BDURAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQU3Bk0i5ZZWAbxIdQeSyXpWysWo1wwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5LzNCazBpNVpaV0FieElkUWVTeVhwV3lzV28xdy5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAExYAQwDQYJKoZIhvcNAQELBQADggEBAEHs6rYs7VmwUDdubdq3eKGZq4HM FMBAYGLS6z5PqKER6YGaLTsOUdzKmfVyCspQtybj4dQTsRFqlhFd9OGzp9aWbDp0 X/FxZ/ZnX/bwwSkfBGZHPbMkNnSkzHaaGY+ch6/NwtCBCS+Z7uZwi+tLy9rynqia u0F/VP3lVs/jt4Rqwp4wIrntMHnUONCmbQQNJZeF3cOfKKmdoLiAvHPgm/+WoOd1 HhXBY+MA0MplYW5avanr+BH+J8ry3NM5Bype33iNTqY8rq7BDYGxX54fDooSUPvn HqyyuQ172bSaZskHT8OXqDPQnZUQODCsqO/bk/JedtDzZ55fyvK53QFKfUc= -----END CERTIFICATE-----Generated at Sat Apr 5 17:48:32 2025 by rpki-client