$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.cer File: KQWj7o-cNhq9lxsMqXJt-Dz6a_g.cer (raw, json) Hash identifier: PoDYUjzh+819euj2IBiH8LpH5AliOiyUY70dCB6n2s8= Subject key identifier: 29:05:A3:EE:8F:9C:36:1A:BD:97:1B:0C:A9:72:6D:F8:3C:FA:6B:F8 Authority key identifier: BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F Certificate issuer: /CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Certificate serial: 53A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Tue 15 Jul 2025 01:40:52 +0000 Certificate not after: Wed 15 Jul 2026 01:30:01 +0000 Subordinate resources: IP: 2001:240::/32 IP: 2001:300::/32 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21413 (0x53a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000, serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Validity Not Before: Jul 15 01:40:52 2025 GMT Not After : Jul 15 01:30:01 2026 GMT Subject: CN=2905A3EE8F9C361ABD971B0CA9726DF83CFA6BF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:af:77:a9:da:3a:c4:f9:6e:b7:22:96:4e:90: 4d:98:c1:a0:94:8a:12:f7:0f:72:dd:d1:d9:79:ce: a9:63:ee:7a:11:2b:10:98:a9:2b:b0:ab:32:04:cd: 93:92:d0:fc:cd:66:21:40:e6:4e:5b:97:9e:0f:eb: 00:5a:89:4e:a5:1e:7d:cc:48:ea:8a:15:19:d8:21: 48:79:6d:10:19:2d:6a:54:1b:b9:73:42:95:23:f5: a8:f0:58:b5:b9:be:24:2b:e1:d4:6c:9c:3f:29:db: 78:f9:63:dc:46:6d:ad:8f:ec:a8:9b:c2:7d:2a:4a: 40:b5:ba:70:5f:47:8f:17:15:c9:68:cb:dc:87:4e: a1:f6:b7:04:8f:68:5e:b5:40:08:60:bb:e9:13:3d: d2:d4:1b:c5:2d:aa:16:56:dd:bb:ec:83:1c:9f:3f: 07:ba:61:4b:af:05:00:71:62:bb:d0:28:af:98:5f: 32:55:8f:86:97:0c:3a:d1:2b:0d:bf:e8:79:93:5e: ca:71:92:1f:e5:31:d4:60:b0:03:52:9f:69:ca:92: 03:6d:85:66:dd:18:5c:d8:34:ac:ac:3e:ae:1e:1f: 58:67:ea:71:b9:c2:99:0e:73:b5:c6:56:e4:b2:88: 9e:cf:c6:59:af:a5:c7:e8:fb:df:78:de:d0:63:68: 8f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:05:A3:EE:8F:9C:36:1A:BD:97:1B:0C:A9:72:6D:F8:3C:FA:6B:F8 X509v3 Authority Key Identifier: keyid:BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:240::/32 2001:300::/32 Signature Algorithm: sha256WithRSAEncryption 0a:e9:44:51:8c:77:d4:b9:8b:55:f2:2a:94:0a:a0:46:39:44: 5c:bd:98:a8:2f:49:b0:9c:a0:b3:f6:08:64:96:bd:34:fc:2c: fb:be:7b:58:68:e2:d6:c1:70:c8:ff:b7:08:e5:ab:ff:2b:20: 85:e9:78:49:62:29:8b:0d:34:6e:24:ff:ce:00:6e:b4:cd:7c: 47:5f:9f:3b:3a:43:33:c1:b9:0b:d7:57:dd:e2:26:fe:76:12: 0b:2d:3b:ee:7d:43:ff:84:82:56:d2:b1:49:c6:ff:32:2c:b1: 2d:c8:48:5e:1e:f0:d6:9a:c9:78:35:ed:1d:4c:09:0d:54:ce: 95:5b:d3:e5:20:0b:dd:9d:a7:47:a1:bd:e6:19:ff:97:23:d7: a7:be:fa:fb:0c:2b:5e:bc:cb:d1:3a:d0:56:e2:2c:5f:45:96: 5f:8a:01:ca:b0:c4:37:56:6e:28:1a:d7:89:20:f8:f4:f6:89: 17:f2:4d:58:1c:75:a9:fe:bb:c4:9b:3b:00:56:26:e1:a3:10: 0e:75:7d:46:6d:67:4b:05:f3:4f:9f:3c:4c:4f:93:ed:d7:d8: 74:e0:26:49:c2:4c:2d:a8:e2:14:73:13:b5:bd:9b:23:19:15: 13:b6:6d:9d:53:cf:0e:79:57:75:05:44:c0:96:a3:10:c1:fd: c7:e4:81:db -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICU6UwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyhCQTQ0MTJCMzVGNUE4QTcxNDdCRkM2NjdCNTlC NTIwREFBQzdEQThGMB4XDTI1MDcxNTAxNDA1MloXDTI2MDcxNTAxMzAwMVowMzEx MC8GA1UEAxMoMjkwNUEzRUU4RjlDMzYxQUJEOTcxQjBDQTk3MjZERjgzQ0ZBNkJG ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMevd6naOsT5brcilk6Q TZjBoJSKEvcPct3R2XnOqWPuehErEJipK7CrMgTNk5LQ/M1mIUDmTluXng/rAFqJ TqUefcxI6ooVGdghSHltEBktalQbuXNClSP1qPBYtbm+JCvh1GycPynbePlj3EZt rY/sqJvCfSpKQLW6cF9HjxcVyWjL3IdOofa3BI9oXrVACGC76RM90tQbxS2qFlbd u+yDHJ8/B7phS68FAHFiu9Aor5hfMlWPhpcMOtErDb/oeZNeynGSH+Ux1GCwA1Kf acqSA22FZt0YXNg0rKw+rh4fWGfqcbnCmQ5ztcZW5LKIns/GWa+lx+j733je0GNo j+MCAwEAAaOCApMwggKPMB0GA1UdDgQWBBQpBaPuj5w2Gr2XGwypcm34PPpr+DAf BgNVHSMEGDAWgBS6RBKzX1qKcUe/xme1m1INqsfajzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvdWtRU3MxOWFpbkZIdjhabnRa dFNEYXJIMm84LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0 NjhGN0M3MkZEMUZGMi91a1FTczE5YWluRkh2OFpudFp0U0RhckgybzguY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAwYIKwYBBQUHAQsEgfYw gfMwRAYIKwYBBQUHMAWGOHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMzAwMTYvMGMGCCsGAQUFBzAKhldyc3luYzovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzMwMDE2L0tR V2o3by1jTmhxOWx4c01xWEp0LUR6NmFfZy5tZnQwRgYIKwYBBQUHMA2GOmh0dHBz Oi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRwL2FwL25vdGlmaWNhdGlv bi54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgACMA4DBQAgAQJAAwUAIAEDADAN BgkqhkiG9w0BAQsFAAOCAQEACulEUYx31LmLVfIqlAqgRjlEXL2YqC9JsJygs/YI ZJa9NPws+757WGji1sFwyP+3COWr/ysghel4SWIpiw00biT/zgButM18R1+fOzpD M8G5C9dX3eIm/nYSCy077n1D/4SCVtKxScb/MiyxLchIXh7w1prJeDXtHUwJDVTO lVvT5SAL3Z2nR6G95hn/lyPXp776+wwrXrzL0TrQVuIsX0WWX4oByrDEN1ZuKBrX iSD49PaJF/JNWBx1qf67xJs7AFYm4aMQDnV9Rm1nSwXzT588TE+T7dfYdOAmScJM LajiFHMTtb2bIxkVE7ZtnVPPDnlXdQVEwJajEMH9x+SB2w== -----END CERTIFICATE-----Generated at Sun Jul 20 19:05:50 2025 by rpki-client