$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/hS0p3LK6QkqRO4tFwwKrtE8ITNM.roa File: hS0p3LK6QkqRO4tFwwKrtE8ITNM.roa (raw, json) Hash identifier: NR+ElIQFCCdJOKnE2WC8gSaoiJ5AVtldEI9nNh5CEIY= Subject key identifier: 85:2D:29:DC:B2:BA:42:4A:91:3B:8B:45:C3:02:AB:B4:4F:08:4C:D3 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0C96 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/hS0p3LK6QkqRO4tFwwKrtE8ITNM.roa Signing time: Tue 01 Apr 2025 02:03:24 +0000 ROA not before: Tue 01 Apr 2025 02:03:24 +0000 ROA not after: Sun 15 Mar 2026 01:30:03 +0000 asID: 9605 IP address blocks: 49.96.36.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3222 (0xc96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Apr 1 02:03:24 2025 GMT Not After : Mar 15 01:30:03 2026 GMT Subject: CN=852D29DCB2BA424A913B8B45C302ABB44F084CD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6c:92:07:21:d6:1b:e9:9c:71:6d:ad:6c:a7: 40:fb:f4:c2:e0:d9:58:17:4d:b2:4a:c7:3d:4d:f4: 64:93:c8:cb:41:2c:b4:75:19:f1:63:d7:a3:91:2c: 3b:45:a8:2d:45:c2:ef:36:89:95:d4:59:fa:e3:35: 63:68:18:d4:10:d9:fd:f4:bf:1c:6a:e6:31:37:ff: c7:48:b1:1b:14:51:f0:d9:75:00:37:68:99:58:c0: 33:96:29:21:e6:a4:b1:f8:86:f3:fe:00:ce:db:51: 28:7c:d7:73:63:a8:3d:78:be:5d:9b:6e:7e:80:9f: 6e:f9:4f:c4:65:f4:13:cd:c0:6e:90:79:e2:25:19: bb:6c:14:dd:b5:ce:64:4f:20:04:80:fc:f2:2c:d1: 59:9a:28:cd:cb:9d:8b:5b:b0:98:52:c4:a2:3c:0c: a8:dc:e4:f0:97:66:39:12:76:b7:5a:82:fa:89:82: 05:bd:14:e8:c9:00:7d:e9:01:86:97:ab:3c:12:7d: b7:ec:c8:05:d8:72:27:92:ad:b8:d4:d3:59:c0:da: ec:19:75:f6:d0:fc:7a:0b:5b:c9:24:99:21:e4:c9: e2:a7:0b:6c:a5:83:2a:8e:c9:4e:a3:53:c4:e9:2c: 2e:25:01:63:3a:b4:d9:c2:ad:d7:2d:ac:f2:a2:19: df:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2D:29:DC:B2:BA:42:4A:91:3B:8B:45:C3:02:AB:B4:4F:08:4C:D3 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/hS0p3LK6QkqRO4tFwwKrtE8ITNM.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.96.36.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:c4:b0:39:62:7d:5c:9e:1a:56:f9:9c:c0:df:d5:17:5f:30: d8:66:6d:54:6d:8d:28:0b:64:b3:7f:96:ce:32:17:dc:d9:67: c7:9e:17:db:06:bd:45:ff:20:fd:24:c8:6a:3b:5a:7a:4e:27: 84:e1:2f:9d:13:5d:4c:7e:82:be:6b:85:57:55:eb:6c:af:5e: 46:74:f6:ce:53:fe:9b:f5:db:b3:80:d1:1d:34:1f:2a:6c:84: 0c:c7:7b:09:ec:8e:73:96:37:b7:27:03:99:7d:3a:8b:b3:9a: 65:0f:3f:ae:16:a9:b0:23:9f:d9:06:04:30:1d:e0:f4:2e:68: d7:f7:fb:32:65:d9:f0:09:65:08:70:04:e3:19:f2:af:94:d8: b9:07:68:3b:f9:0a:11:79:df:c1:f2:59:ed:eb:ce:0a:02:1c: c9:d4:20:c9:b6:db:88:4b:73:8f:41:a9:37:9c:5c:b1:14:96: 81:13:42:a0:10:35:c0:16:a4:7e:a4:6e:72:e6:30:70:f2:5b: 1d:af:cf:60:0e:b8:20:b5:36:4a:18:38:e0:da:23:aa:77:9b: 8e:84:b1:91:e2:24:9c:bb:3f:95:5e:86:f8:bf:fb:bc:ae:90: a0:f7:1c:ca:64:d0:b6:28:0b:06:32:28:66:b9:db:78:4a:6f: 3b:c7:c4:b6 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICDJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw MjAzMjRaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDg1MkQyOURDQjJCQTQy NEE5MTNCOEI0NUMzMDJBQkI0NEYwODRDRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2bJIHIdYb6Zxxba1sp0D79MLg2VgXTbJKxz1N9GSTyMtBLLR1 GfFj16ORLDtFqC1Fwu82iZXUWfrjNWNoGNQQ2f30vxxq5jE3/8dIsRsUUfDZdQA3 aJlYwDOWKSHmpLH4hvP+AM7bUSh813NjqD14vl2bbn6An275T8Rl9BPNwG6QeeIl GbtsFN21zmRPIASA/PIs0VmaKM3LnYtbsJhSxKI8DKjc5PCXZjkSdrdagvqJggW9 FOjJAH3pAYaXqzwSfbfsyAXYcieSrbjU01nA2uwZdfbQ/HoLW8kkmSHkyeKnC2yl gyqOyU6jU8TpLC4lAWM6tNnCrdctrPKiGd9bAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUhS0p3LK6QkqRO4tFwwKrtE8ITNMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L2hTMHAzTEs2UWtxUk80dEZ3d0tydEU4SVROTS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIxYCQwDQYJKoZIhvcNAQELBQADggEBAA/EsDlifVyeGlb5nMDf1RdfMNhm bVRtjSgLZLN/ls4yF9zZZ8eeF9sGvUX/IP0kyGo7WnpOJ4ThL50TXUx+gr5rhVdV 62yvXkZ09s5T/pv127OA0R00HypshAzHewnsjnOWN7cnA5l9OouzmmUPP64WqbAj n9kGBDAd4PQuaNf3+zJl2fAJZQhwBOMZ8q+U2LkHaDv5ChF538HyWe3rzgoCHMnU IMm224hLc49BqTecXLEUloETQqAQNcAWpH6kbnLmMHDyWx2vz2AOuCC1NkoYOODa I6p3m46EsZHiJJy7P5Vehvi/+7yukKD3HMpk0LYoCwYyKGa523hKbzvHxLY= -----END CERTIFICATE-----Generated at Sat Apr 5 17:35:21 2025 by rpki-client