$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/783/KHkAr1nlFF3_0BPZT_ad07kaUPQ.roa File: KHkAr1nlFF3_0BPZT_ad07kaUPQ.roa (raw, json) Hash identifier: VJXdAaIzDCwlfqLZm9rLbe5N4PczHgSTvA9SkKEakUQ= Subject key identifier: 28:79:00:AF:59:E5:14:5D:FF:D0:13:D9:4F:F6:9D:D3:B9:1A:50:F4 Certificate issuer: /CN=CB8300B20659BB951060F60B1F4BC6091AF27639 Certificate serial: 39 Authority key identifier: CB:83:00:B2:06:59:BB:95:10:60:F6:0B:1F:4B:C6:09:1A:F2:76:39 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/y4MAsgZZu5UQYPYLH0vGCRrydjk.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/783/KHkAr1nlFF3_0BPZT_ad07kaUPQ.roa Signing time: Fri 15 Sep 2023 06:50:49 +0000 ROA not before: Fri 15 Sep 2023 06:50:49 +0000 ROA not after: Sat 14 Sep 2024 01:30:03 +0000 asID: 18144 IP address blocks: 220.210.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/783/y4MAsgZZu5UQYPYLH0vGCRrydjk.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/783/y4MAsgZZu5UQYPYLH0vGCRrydjk.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/y4MAsgZZu5UQYPYLH0vGCRrydjk.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 30 Jun 2024 06:27:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB8300B20659BB951060F60B1F4BC6091AF27639 Validity Not Before: Sep 15 06:50:49 2023 GMT Not After : Sep 14 01:30:03 2024 GMT Subject: CN=287900AF59E5145DFFD013D94FF69DD3B91A50F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1c:5e:8a:74:98:b2:c3:9f:9e:8a:9f:3b:c0: cc:10:40:aa:4e:36:16:0f:1b:21:c8:ee:ca:be:2d: 6b:1e:d0:6f:bc:a4:73:6c:06:52:91:60:fe:de:93: f4:64:50:f5:ba:92:0d:fb:e8:24:2b:b7:a2:ad:89: 9d:ae:a3:fe:d8:33:95:11:f5:c6:ac:e3:52:22:ad: e9:5c:b5:52:2e:ce:eb:44:12:39:e4:30:f9:1d:f5: a2:9f:b3:46:50:b7:5a:ce:e6:f3:d2:a7:1f:de:4e: 1c:f5:f1:43:e8:0b:54:71:a9:a7:6c:7b:95:74:0b: 50:ab:5e:d8:46:72:e5:a3:33:f1:f1:de:d2:4f:99: 5e:e1:95:6a:8b:ee:d9:47:c2:9e:57:af:03:9b:56: 03:a4:b1:bd:14:a3:d5:c6:9d:a9:cc:7b:bc:e3:16: 6b:d0:27:f4:2c:cf:46:b9:38:37:e6:0b:e2:34:52: c7:57:9f:27:5e:83:4b:3a:c9:5a:a7:ca:70:88:14: 3a:cb:7c:dc:ae:91:3d:c9:ee:50:31:cf:e0:9f:50: 65:bc:c4:7e:78:2e:fb:7e:72:3b:cc:50:99:15:39: 0d:51:50:76:a0:c1:f9:c8:06:a2:45:46:b2:94:6a: 90:c2:27:d9:a7:4f:04:1d:f6:d5:20:55:41:93:11: db:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:79:00:AF:59:E5:14:5D:FF:D0:13:D9:4F:F6:9D:D3:B9:1A:50:F4 X509v3 Authority Key Identifier: keyid:CB:83:00:B2:06:59:BB:95:10:60:F6:0B:1F:4B:C6:09:1A:F2:76:39 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/783/y4MAsgZZu5UQYPYLH0vGCRrydjk.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/y4MAsgZZu5UQYPYLH0vGCRrydjk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/783/KHkAr1nlFF3_0BPZT_ad07kaUPQ.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 220.210.224.0/19 Signature Algorithm: sha256WithRSAEncryption a4:ca:5e:1a:b3:9a:0d:ca:40:13:67:18:4b:74:de:b3:65:4a: 05:04:37:0f:ef:54:59:97:c6:3a:68:6e:5f:3a:b1:2b:39:ac: 71:8a:db:d1:63:b7:d3:7d:5c:03:41:d1:99:77:e8:a4:21:22: a5:e4:59:92:87:1c:99:66:07:ca:62:cb:4e:b7:5f:da:29:ca: b4:a4:38:10:f2:32:53:29:fa:f4:1e:cb:2e:49:2e:db:71:b4: d3:c5:c9:3d:af:c7:20:9a:74:a3:f7:35:2f:97:84:53:53:e2: f0:b2:01:e7:06:00:f7:6a:e4:35:4b:01:d1:38:60:54:9b:e6: 6b:93:63:57:30:52:76:e5:69:51:f6:70:8c:b4:94:a9:32:6c: dc:ff:3a:72:8d:69:dc:ae:7e:c4:34:fa:5a:8a:61:33:f7:fc: 17:39:d7:03:f9:d6:52:88:d9:4f:53:31:1d:eb:6e:35:14:39: 06:0a:26:9c:77:23:36:12:c4:3c:2b:4c:91:ec:76:92:c9:bd: 93:21:3a:ca:69:2f:8b:f8:90:aa:3f:76:5e:18:7d:b7:d8:07: 02:c3:ba:30:99:18:18:47:24:e7:12:5d:97:d7:90:18:63:ad: de:d6:3d:91:80:6d:22:dd:7d:18:dc:70:11:b0:28:31:2f:2a: 1b:03:57:9c -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgIBOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDQjgz MDBCMjA2NTlCQjk1MTA2MEY2MEIxRjRCQzYwOTFBRjI3NjM5MB4XDTIzMDkxNTA2 NTA0OVoXDTI0MDkxNDAxMzAwM1owMzExMC8GA1UEAxMoMjg3OTAwQUY1OUU1MTQ1 REZGRDAxM0Q5NEZGNjlERDNCOTFBNTBGNDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL4cXop0mLLDn56KnzvAzBBAqk42Fg8bIcjuyr4tax7Qb7ykc2wG UpFg/t6T9GRQ9bqSDfvoJCu3oq2Jna6j/tgzlRH1xqzjUiKt6Vy1Ui7O60QSOeQw +R31op+zRlC3Ws7m89KnH95OHPXxQ+gLVHGpp2x7lXQLUKte2EZy5aMz8fHe0k+Z XuGVaovu2UfCnlevA5tWA6SxvRSj1cadqcx7vOMWa9An9CzPRrk4N+YL4jRSx1ef J16DSzrJWqfKcIgUOst83K6RPcnuUDHP4J9QZbzEfngu+35yO8xQmRU5DVFQdqDB +cgGokVGspRqkMIn2adPBB321SBVQZMR22cCAwEAAaOCAiQwggIgMB0GA1UdDgQW BBQoeQCvWeUUXf/QE9lP9p3TuRpQ9DAfBgNVHSMEGDAWgBTLgwCyBlm7lRBg9gsf S8YJGvJ2OTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4 MTAwMDAvNzgzL3k0TUFzZ1padTVVUVlQWUxIMHZHQ1JyeWRqay5jcmwwbQYIKwYB BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3k0TUFzZ1padTVVUVlQWUxIMHZHQ1Jy eWRqay5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5 MUE3MzgxMDAwMC83ODMvS0hrQXIxbmxGRjNfMEJQWlRfYWQwN2thVVBRLnJvYTBG BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBdzS4DANBgkqhkiG9w0BAQsFAAOCAQEApMpeGrOaDcpAE2cYS3Tes2VKBQQ3 D+9UWZfGOmhuXzqxKzmscYrb0WO3031cA0HRmXfopCEipeRZkoccmWYHymLLTrdf 2inKtKQ4EPIyUyn69B7LLkku23G008XJPa/HIJp0o/c1L5eEU1Pi8LIB5wYA92rk NUsB0ThgVJvma5NjVzBSduVpUfZwjLSUqTJs3P86co1p3K5+xDT6WophM/f8FznX A/nWUojZT1MxHetuNRQ5BgomnHcjNhLEPCtMkex2ksm9kyE6ymkvi/iQqj92Xhh9 t9gHAsO6MJkYGEck5xJdl9eQGGOt3tY9kYBtIt19GNxwEbAoMS8qGwNXnA== -----END CERTIFICATE-----Generated at Tue Jun 25 00:53:01 2024 by rpki-client on console-ams.rpki-client.org