$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/LZ2S-D9eDO9f6t2-NKj7kI2hjRQ.cer File: LZ2S-D9eDO9f6t2-NKj7kI2hjRQ.cer (raw, json) Hash identifier: C/y4K9C3fWszeXqovXc5cKhh/N0kwC+j9USsomR3+a0= Subject key identifier: 2D:9D:92:F8:3F:5E:0C:EF:5F:EA:DD:BE:34:A8:FB:90:8D:A1:8D:14 Authority key identifier: BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F Certificate issuer: /CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Certificate serial: 59A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30422/LZ2S-D9eDO9f6t2-NKj7kI2hjRQ.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30422/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Mon 15 Sep 2025 01:42:38 +0000 Certificate not after: Tue 15 Sep 2026 01:30:02 +0000 Subordinate resources: IP: 2401:c20::/32 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 Oct 2025 14:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22949 (0x59a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000, serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Validity Not Before: Sep 15 01:42:38 2025 GMT Not After : Sep 15 01:30:02 2026 GMT Subject: CN=2D9D92F83F5E0CEF5FEADDBE34A8FB908DA18D14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:9f:ce:b1:bb:00:e5:97:95:9d:bd:6c:52:7d: 6a:fb:bf:19:47:9a:8d:de:1d:b5:e1:6f:ee:34:54: be:58:6b:4b:1a:18:cb:74:1d:71:c4:eb:e5:0e:09: fc:a8:50:10:6f:ab:49:bf:5d:1a:eb:e0:bc:f6:44: b4:34:9d:f0:86:52:36:32:78:86:22:8d:22:66:53: 32:e7:e5:d7:aa:a2:8f:25:b8:04:b7:25:4c:61:57: 16:27:df:9d:c9:2e:c9:81:28:fc:c3:44:ca:e8:7e: 57:57:c9:44:51:53:d7:ab:0d:49:8b:84:35:9f:f0: a6:f0:48:b7:9e:36:94:84:c4:7b:f2:e2:60:ad:8f: 61:ab:6c:36:96:e0:d6:51:91:b6:76:ab:00:b9:9e: 9a:c2:7b:6c:af:d4:89:f1:ed:d0:29:f8:9e:f1:17: 0a:bd:1a:4b:38:1c:ae:35:6d:f6:55:7b:f0:9e:50: 7b:ab:e2:27:9d:d4:76:25:d1:9d:70:68:7f:19:58: 37:f7:ef:f6:9b:34:8d:e0:33:19:3e:61:c1:34:65: 00:8d:96:30:50:ed:7f:06:1b:03:f5:42:ee:01:0d: ef:31:56:a5:8e:3a:a1:9d:a8:5b:43:7f:bc:94:df: bb:3f:ee:9a:77:6c:38:22:58:d5:3d:58:d7:a0:7a: 50:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:9D:92:F8:3F:5E:0C:EF:5F:EA:DD:BE:34:A8:FB:90:8D:A1:8D:14 X509v3 Authority Key Identifier: keyid:BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30422/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30422/LZ2S-D9eDO9f6t2-NKj7kI2hjRQ.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:c20::/32 Signature Algorithm: sha256WithRSAEncryption 79:e9:e1:c7:bc:8c:ed:cf:42:26:b7:13:dd:81:98:2a:d4:5c: 3e:5f:df:34:a7:30:71:af:c9:b9:ef:41:44:49:ba:ed:77:69: 63:bb:28:70:25:a6:84:23:bb:ef:2c:84:31:2a:63:4c:8f:b3: af:36:18:d6:0b:a1:2c:e5:46:5f:9f:76:61:f6:2a:bb:0b:85: 00:e4:af:70:a7:a9:2d:c9:a1:14:fe:73:37:39:f0:aa:fd:e7: 2d:6e:1c:7c:01:42:b1:0b:b5:c4:be:b9:65:49:7e:de:18:65: f2:08:3e:84:7e:1a:47:1d:b1:8a:02:83:dd:c3:ad:63:71:e4: 98:f1:4c:c8:6a:33:78:45:ef:ac:58:38:c1:20:45:c2:d8:9b: 98:24:0c:c3:e6:45:70:c6:0c:64:ea:bc:f6:63:67:0f:d7:0f: 6b:5e:f5:59:f4:5b:53:46:fc:d4:22:b3:82:31:3d:79:71:b0: 8c:f6:e0:e5:f8:7b:a7:b2:09:6e:e7:df:2e:0f:b6:95:78:f9: 0a:61:3b:84:1d:8f:f4:05:56:a4:a5:da:10:d3:33:91:a7:ac: 54:a8:e5:ff:5e:fc:80:3e:46:f4:c0:8c:18:0a:da:0b:1e:79: ff:8d:2d:2c:4c:28:4b:2f:10:b1:7a:7f:1c:26:79:3f:8a:bb: 17:df:bb:71 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICWaUwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyhCQTQ0MTJCMzVGNUE4QTcxNDdCRkM2NjdCNTlC NTIwREFBQzdEQThGMB4XDTI1MDkxNTAxNDIzOFoXDTI2MDkxNTAxMzAwMlowMzEx MC8GA1UEAxMoMkQ5RDkyRjgzRjVFMENFRjVGRUFEREJFMzRBOEZCOTA4REExOEQx NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+fzrG7AOWXlZ29bFJ9 avu/GUeajd4dteFv7jRUvlhrSxoYy3QdccTr5Q4J/KhQEG+rSb9dGuvgvPZEtDSd 8IZSNjJ4hiKNImZTMufl16qijyW4BLclTGFXFiffnckuyYEo/MNEyuh+V1fJRFFT 16sNSYuENZ/wpvBIt542lITEe/LiYK2PYatsNpbg1lGRtnarALmemsJ7bK/UifHt 0Cn4nvEXCr0aSzgcrjVt9lV78J5Qe6viJ53UdiXRnXBofxlYN/fv9ps0jeAzGT5h wTRlAI2WMFDtfwYbA/VC7gEN7zFWpY46oZ2oW0N/vJTfuz/umndsOCJY1T1Y16B6 UCMCAwEAAaOCAowwggKIMB0GA1UdDgQWBBQtnZL4P14M71/q3b40qPuQjaGNFDAf BgNVHSMEGDAWgBS6RBKzX1qKcUe/xme1m1INqsfajzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvdWtRU3MxOWFpbkZIdjhabnRa dFNEYXJIMm84LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0 NjhGN0M3MkZEMUZGMi91a1FTczE5YWluRkh2OFpudFp0U0RhckgybzguY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAwYIKwYBBQUHAQsEgfYw gfMwRAYIKwYBBQUHMAWGOHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMzA0MjIvMGMGCCsGAQUFBzAKhldyc3luYzovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzMwNDIyL0xa MlMtRDllRE85ZjZ0Mi1OS2o3a0kyaGpSUS5tZnQwRgYIKwYBBQUHMA2GOmh0dHBz Oi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRwL2FwL25vdGlmaWNhdGlv bi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAQwgMA0GCSqGSIb3 DQEBCwUAA4IBAQB56eHHvIztz0ImtxPdgZgq1Fw+X980pzBxr8m570FESbrtd2lj uyhwJaaEI7vvLIQxKmNMj7OvNhjWC6Es5UZfn3Zh9iq7C4UA5K9wp6ktyaEU/nM3 OfCq/ectbhx8AUKxC7XEvrllSX7eGGXyCD6EfhpHHbGKAoPdw61jceSY8UzIajN4 Re+sWDjBIEXC2JuYJAzD5kVwxgxk6rz2Y2cP1w9rXvVZ9FtTRvzUIrOCMT15cbCM 9uDl+Hunsglu598uD7aVePkKYTuEHY/0BVakpdoQ0zORp6xUqOX/XvyAPkb0wIwY CtoLHnn/jS0sTChLLxCxen8cJnk/irsX37tx -----END CERTIFICATE-----Generated at Wed Oct 8 15:41:24 2025 by rpki-client