$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/tDA3ec85Lbs-U0Giq3XxWns9iQE.roa File: tDA3ec85Lbs-U0Giq3XxWns9iQE.roa (raw, json) Hash identifier: BIx40/dc0aVtUoBwxXjkq+xhzOqj04HR5M1LCK6KkNk= Subject key identifier: B4:30:37:79:CF:39:2D:BB:3E:53:41:A2:AB:75:F1:5A:7B:3D:89:01 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0CB6 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/tDA3ec85Lbs-U0Giq3XxWns9iQE.roa Signing time: Tue 01 Apr 2025 02:05:45 +0000 ROA not before: Tue 01 Apr 2025 02:05:45 +0000 ROA not after: Sun 15 Mar 2026 01:30:03 +0000 asID: 9605 IP address blocks: 220.210.68.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3254 (0xcb6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Apr 1 02:05:45 2025 GMT Not After : Mar 15 01:30:03 2026 GMT Subject: CN=B4303779CF392DBB3E5341A2AB75F15A7B3D8901 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:89:ff:6c:7a:19:89:9a:33:12:19:4d:72:c1: 80:3b:9c:a1:94:94:21:db:ec:7b:a0:26:7e:fb:20: 7f:92:c9:f0:d9:ab:2b:1f:19:38:07:f0:a3:b7:f1: e5:dd:73:fb:ea:54:3a:a3:ee:25:0a:88:e9:dc:09: cb:64:39:07:ed:84:f6:6c:f2:ba:a7:0a:d4:65:aa: da:d4:10:15:de:1b:53:73:1e:44:0c:50:83:e9:cf: 56:1c:03:eb:f8:3d:3a:27:fe:5a:42:ce:7d:90:0a: ad:82:1d:a6:e7:27:c2:1d:af:da:63:69:58:78:d8: ba:1f:2e:60:d4:af:c7:7c:b6:c8:87:cc:3c:b4:88: 23:bb:da:b0:7c:f5:b6:b4:9a:de:c2:f8:e0:c5:8f: 4e:93:31:26:d3:be:5e:9f:e5:76:fb:07:25:ad:8e: 41:de:e6:56:19:32:09:f7:ed:1d:af:0a:01:90:dc: c8:29:79:80:e9:43:3c:33:10:cd:ee:e5:af:dc:81: 54:96:ad:10:a7:5f:07:b5:53:5d:64:0f:01:e5:7b: b2:e7:1e:ad:6e:58:90:fc:e6:6b:75:77:bd:f4:2b: d8:3f:74:22:eb:93:31:1c:04:1a:c8:7a:bd:df:89: b2:cc:e8:cf:ab:80:8c:6e:ab:a2:d9:8a:ec:14:04: bb:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:30:37:79:CF:39:2D:BB:3E:53:41:A2:AB:75:F1:5A:7B:3D:89:01 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/tDA3ec85Lbs-U0Giq3XxWns9iQE.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 220.210.68.0/23 Signature Algorithm: sha256WithRSAEncryption d8:28:43:c5:6a:a0:cf:d2:cc:e4:26:18:c2:78:01:ec:d2:49: c7:81:ce:25:49:0e:c1:d0:74:87:53:5c:a9:69:9d:54:f8:62: bf:77:1e:05:fd:76:37:84:27:92:b9:c3:4c:4e:b1:20:e7:6e: 1f:92:5a:cc:14:46:5c:0a:5a:2d:e4:16:11:cd:89:4d:a8:ec: 43:ed:36:52:da:bc:f2:f5:25:d7:18:22:d7:b2:6a:86:0b:b3: 5b:3d:30:49:a5:7d:be:22:67:c0:35:4b:4e:71:fc:40:4d:a8: d6:bc:36:82:de:bd:03:02:cf:e8:03:77:16:6d:42:80:04:f2: 50:e2:08:64:41:7b:1b:c9:30:7c:72:03:39:68:fb:0d:23:fa: 83:df:25:10:86:21:bc:c3:9c:bc:97:83:d1:95:b1:c4:1b:07: ba:e2:54:36:0f:0b:24:7a:85:a5:1c:9a:79:af:c6:1f:30:99: e3:d2:f2:31:79:7d:89:71:4c:1b:90:2d:ff:65:1c:2b:9a:70: 63:ae:e6:bd:85:2c:99:43:89:9f:eb:a1:f5:f7:81:3d:ce:0a: 8a:b4:20:04:5b:d4:1b:6c:50:cf:e9:47:e9:60:68:84:7d:c2: fc:c1:b8:00:3f:b9:e7:23:3d:3c:6b:db:02:29:73:86:1e:72: 1a:3c:b9:57 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICDLYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw MjA1NDVaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKEI0MzAzNzc5Q0YzOTJE QkIzRTUzNDFBMkFCNzVGMTVBN0IzRDg5MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7if9sehmJmjMSGU1ywYA7nKGUlCHb7HugJn77IH+SyfDZqysf GTgH8KO38eXdc/vqVDqj7iUKiOncCctkOQfthPZs8rqnCtRlqtrUEBXeG1NzHkQM UIPpz1YcA+v4PTon/lpCzn2QCq2CHabnJ8Idr9pjaVh42LofLmDUr8d8tsiHzDy0 iCO72rB89ba0mt7C+ODFj06TMSbTvl6f5Xb7ByWtjkHe5lYZMgn37R2vCgGQ3Mgp eYDpQzwzEM3u5a/cgVSWrRCnXwe1U11kDwHle7LnHq1uWJD85mt1d730K9g/dCLr kzEcBBrIer3fibLM6M+rgIxuq6LZiuwUBLu1AgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUtDA3ec85Lbs+U0Giq3XxWns9iQEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L3REQTNlYzg1TGJzLVUwR2lxM1h4V25zOWlRRS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAHc0kQwDQYJKoZIhvcNAQELBQADggEBANgoQ8VqoM/SzOQmGMJ4AezSSceB ziVJDsHQdIdTXKlpnVT4Yr93HgX9djeEJ5K5w0xOsSDnbh+SWswURlwKWi3kFhHN iU2o7EPtNlLavPL1JdcYIteyaoYLs1s9MEmlfb4iZ8A1S05x/EBNqNa8NoLevQMC z+gDdxZtQoAE8lDiCGRBexvJMHxyAzlo+w0j+oPfJRCGIbzDnLyXg9GVscQbB7ri VDYPCyR6haUcmnmvxh8wmePS8jF5fYlxTBuQLf9lHCuacGOu5r2FLJlDiZ/rofX3 gT3OCoq0IARb1BtsUM/pR+lgaIR9wvzBuAA/uecjPTxr2wIpc4Yecho8uVc= -----END CERTIFICATE-----Generated at Sat Apr 5 17:42:13 2025 by rpki-client