$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iy70QTMljch_73UbgpRE3UvHokQ.roa File: iy70QTMljch_73UbgpRE3UvHokQ.roa (raw, json) Hash identifier: INNmeeh+chiBRbB2+lAOSzaKpDU1I+TVBjR+ysvd35g= Subject key identifier: 8B:2E:F4:41:33:25:8D:C8:7F:EF:75:1B:82:94:44:DD:4B:C7:A2:44 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0DDA Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iy70QTMljch_73UbgpRE3UvHokQ.roa Signing time: Tue 01 Apr 2025 02:27:26 +0000 ROA not before: Tue 01 Apr 2025 02:27:26 +0000 ROA not after: Sun 15 Mar 2026 01:30:03 +0000 asID: 9605 IP address blocks: 49.98.72.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3546 (0xdda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Apr 1 02:27:26 2025 GMT Not After : Mar 15 01:30:03 2026 GMT Subject: CN=8B2EF44133258DC87FEF751B829444DD4BC7A244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:81:ea:6e:06:de:59:62:76:1c:d4:95:41:79: 86:f7:99:ee:53:f8:27:8e:71:e1:4d:ff:40:44:40: 33:ad:e9:c0:ef:9c:34:6a:28:45:6d:f6:65:60:ee: 79:3e:35:67:d4:7c:9d:0c:28:70:31:ce:d2:96:b7: 22:34:9d:b5:1e:28:e8:91:3c:3c:f0:46:dc:4f:f2: 91:86:bf:a4:18:37:1d:6f:2c:b1:50:ad:c9:6f:cd: 3e:5c:25:9f:d1:b2:d9:68:90:59:aa:1d:b3:6c:e1: c5:fe:5a:c9:09:9c:50:cc:1e:3d:bf:4d:c2:f2:4f: 06:94:a7:b9:6a:28:0b:db:43:44:8c:f0:c2:36:77: 06:48:5a:e7:b7:37:e1:78:51:d5:24:01:e3:ad:0f: 4e:f7:96:a2:08:11:48:7d:71:2e:52:af:eb:41:5d: ea:8d:21:dd:3c:7d:3b:b4:75:f9:0a:8a:5a:8d:7d: 13:83:23:51:e4:f4:14:5c:3f:47:ac:0c:30:64:7e: 1d:1f:91:23:88:a7:83:0f:43:26:ca:a2:68:9a:8d: 16:6f:4f:6d:e3:32:c9:98:da:49:3e:2f:9b:d2:3b: 19:c9:0c:ef:26:e4:3e:e7:3f:9b:8b:52:35:05:5d: d7:d4:2d:3f:29:8c:8b:70:a1:e0:60:4d:6e:81:39: fb:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:2E:F4:41:33:25:8D:C8:7F:EF:75:1B:82:94:44:DD:4B:C7:A2:44 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iy70QTMljch_73UbgpRE3UvHokQ.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.98.72.0/22 Signature Algorithm: sha256WithRSAEncryption 72:c8:0b:1b:c6:74:c0:04:ca:66:8e:69:3e:a3:ec:c0:0d:b7: 8d:b6:6a:72:44:4b:37:07:fb:05:b4:f9:15:b1:c0:72:24:48: 28:7a:bf:fb:9d:fd:2c:ad:f6:ce:0b:df:9a:b9:e4:51:8e:71: 1e:4b:14:ed:54:ca:ae:69:21:1b:02:fc:02:a5:f5:24:4b:d5: 02:78:7e:db:d9:20:3d:96:c5:87:57:1c:a1:7c:44:0c:35:f6: c7:31:78:4c:f3:63:a6:3d:78:94:42:ee:64:3d:c9:da:75:4a: 33:81:73:40:ea:27:49:77:15:c0:95:53:57:fb:53:6b:cd:02: 7a:84:d4:10:e3:e4:ac:b6:79:ab:e9:a3:6a:c6:84:ef:09:ce: b5:62:0b:d7:78:8c:23:0e:2c:ba:7a:62:de:34:b9:39:96:e4: 6d:b8:40:45:1f:d2:4d:96:71:4e:7f:20:cc:98:51:da:57:1d: 1d:d0:7a:35:6e:3a:8f:85:68:61:74:44:df:7c:c3:6e:a4:7f: 03:c5:8b:14:44:ff:ce:94:03:9e:2b:0d:11:5e:da:cf:9d:2e: da:3e:2e:b2:29:50:5d:ae:89:52:95:0e:1c:8a:5a:7e:ff:78: f9:01:44:98:0e:91:49:10:84:1b:55:39:d4:cc:fb:a6:90:02: a0:d3:64:a0 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICDdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw MjI3MjZaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDhCMkVGNDQxMzMyNThE Qzg3RkVGNzUxQjgyOTQ0NERENEJDN0EyNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9gepuBt5ZYnYc1JVBeYb3me5T+CeOceFN/0BEQDOt6cDvnDRq KEVt9mVg7nk+NWfUfJ0MKHAxztKWtyI0nbUeKOiRPDzwRtxP8pGGv6QYNx1vLLFQ rclvzT5cJZ/RstlokFmqHbNs4cX+WskJnFDMHj2/TcLyTwaUp7lqKAvbQ0SM8MI2 dwZIWue3N+F4UdUkAeOtD073lqIIEUh9cS5Sr+tBXeqNId08fTu0dfkKilqNfROD I1Hk9BRcP0esDDBkfh0fkSOIp4MPQybKomiajRZvT23jMsmY2kk+L5vSOxnJDO8m 5D7nP5uLUjUFXdfULT8pjItwoeBgTW6BOfshAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUiy70QTMljch/73UbgpRE3UvHokQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L2l5NzBRVE1samNoXzczVWJncFJFM1V2SG9rUS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIxYkgwDQYJKoZIhvcNAQELBQADggEBAHLICxvGdMAEymaOaT6j7MANt422 anJESzcH+wW0+RWxwHIkSCh6v/ud/Syt9s4L35q55FGOcR5LFO1Uyq5pIRsC/AKl 9SRL1QJ4ftvZID2WxYdXHKF8RAw19scxeEzzY6Y9eJRC7mQ9ydp1SjOBc0DqJ0l3 FcCVU1f7U2vNAnqE1BDj5Ky2eavpo2rGhO8JzrViC9d4jCMOLLp6Yt40uTmW5G24 QEUf0k2WcU5/IMyYUdpXHR3QejVuOo+FaGF0RN98w26kfwPFixRE/86UA54rDRFe 2s+dLto+LrIpUF2uiVKVDhyKWn7/ePkBRJgOkUkQhBtVOdTM+6aQAqDTZKA= -----END CERTIFICATE-----Generated at Sat Apr 5 17:35:23 2025 by rpki-client