$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/4Vt4-pw2MlFOgjZMLMIdD5QxWsQ.roa File: 4Vt4-pw2MlFOgjZMLMIdD5QxWsQ.roa (raw, json) Hash identifier: tg6xYu+xMw9FNntdoiZdWkww67gDp+I5Ssq6UQdJRig= Subject key identifier: E1:5B:78:FA:9C:36:32:51:4E:82:36:4C:2C:C2:1D:0F:94:31:5A:C4 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0B11 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/4Vt4-pw2MlFOgjZMLMIdD5QxWsQ.roa Signing time: Fri 31 Jan 2025 01:34:26 +0000 ROA not before: Fri 31 Jan 2025 01:34:26 +0000 ROA not after: Thu 15 Jan 2026 01:30:03 +0000 asID: 9605 IP address blocks: 1.72.4.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 26 Feb 2025 20:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2833 (0xb11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Jan 31 01:34:26 2025 GMT Not After : Jan 15 01:30:03 2026 GMT Subject: CN=E15B78FA9C3632514E82364C2CC21D0F94315AC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:33:fd:67:e5:64:78:d5:9e:44:f0:2b:30:d9: d8:32:19:39:0e:31:8c:9b:97:7c:0a:79:3e:4f:25: 1f:fb:f9:57:26:7f:a6:5d:a2:90:28:bb:68:c1:64: 46:65:65:c4:cb:35:dc:fc:f2:f1:89:ad:2b:01:54: 38:37:50:27:b0:5c:a1:ee:c9:94:4d:4a:19:3e:6b: d3:64:1e:03:84:53:21:cb:56:56:39:2c:7b:a1:99: cc:1b:09:cc:c8:b5:f3:80:c5:a5:97:09:40:a5:4c: 6b:1e:25:79:4b:14:d1:32:80:73:f7:40:0b:fe:c1: 20:95:fe:14:a4:e7:23:78:7b:15:84:2f:72:36:79: ac:ed:fb:17:cd:85:3f:5a:7f:c8:f5:1c:5c:9a:df: 19:9c:e3:80:55:65:12:fe:48:fd:42:be:40:90:47: 21:ee:70:f2:64:95:ae:2d:36:25:f6:16:f1:fc:71: bf:cf:5e:d4:eb:a0:af:89:41:80:88:60:fa:22:c3: c9:db:7e:64:ce:84:2e:8b:78:14:2a:69:f8:41:cf: a0:5c:35:59:e1:75:89:13:3c:b9:aa:1c:d9:ec:cd: b6:d3:32:59:bf:64:a1:0d:54:e6:ca:57:73:a0:4e: 85:fb:5e:fc:d9:67:99:d8:8e:49:5c:7a:86:5c:12: e5:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:5B:78:FA:9C:36:32:51:4E:82:36:4C:2C:C2:1D:0F:94:31:5A:C4 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/4Vt4-pw2MlFOgjZMLMIdD5QxWsQ.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.72.4.0/23 Signature Algorithm: sha256WithRSAEncryption 28:2a:13:bf:39:69:f6:6a:8d:79:6a:ac:82:c5:51:1c:f9:e2: 20:82:e9:c6:9a:7c:48:e5:96:6d:3e:16:44:d3:ee:06:de:f5: c3:c6:ad:c7:30:8e:06:c8:87:f9:08:78:cb:32:50:c4:79:42: 6a:6c:ab:37:59:16:f6:7b:0f:60:8b:18:f1:e4:45:a2:7f:e8: 1e:53:f7:d6:27:69:35:c9:2b:bd:47:30:c4:a8:37:f4:ac:09: f3:41:37:e3:6e:55:0c:8a:16:c8:91:8c:90:ed:c5:99:f4:3d: 50:8f:f5:c8:11:17:5c:8e:bf:71:04:bb:cb:fe:9e:ce:20:22: 1e:b8:a0:a7:4e:79:7a:8f:67:2a:64:45:d0:77:73:64:1f:fc: 39:ec:62:65:de:a9:14:64:d6:26:68:31:b6:80:af:a9:5e:d3: 35:ec:f4:e5:76:15:e4:a4:e1:d4:3c:ad:88:bd:1a:e3:06:2b: 06:3b:ac:63:24:64:7e:7d:7c:ac:75:d0:52:a9:25:23:49:13: 16:80:aa:b3:be:71:44:0b:e2:19:cf:5b:7c:cd:31:2c:4a:18: 3b:32:48:f5:cf:d0:6c:85:1c:08:05:43:5e:71:ea:7d:ee:f8: e9:2a:1a:14:e1:b1:42:4b:58:60:2b:07:33:d2:02:4c:9e:ba: 71:62:36:01 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICCxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTAxMzEw MTM0MjZaFw0yNjAxMTUwMTMwMDNaMDMxMTAvBgNVBAMTKEUxNUI3OEZBOUMzNjMy NTE0RTgyMzY0QzJDQzIxRDBGOTQzMTVBQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnM/1n5WR41Z5E8Csw2dgyGTkOMYybl3wKeT5PJR/7+Vcmf6Zd opAou2jBZEZlZcTLNdz88vGJrSsBVDg3UCewXKHuyZRNShk+a9NkHgOEUyHLVlY5 LHuhmcwbCczItfOAxaWXCUClTGseJXlLFNEygHP3QAv+wSCV/hSk5yN4exWEL3I2 eazt+xfNhT9af8j1HFya3xmc44BVZRL+SP1CvkCQRyHucPJkla4tNiX2FvH8cb/P XtTroK+JQYCIYPoiw8nbfmTOhC6LeBQqafhBz6BcNVnhdYkTPLmqHNnszbbTMlm/ ZKENVObKV3OgToX7XvzZZ5nYjklceoZcEuWjAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQU4Vt4+pw2MlFOgjZMLMIdD5QxWsQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5LzRWdDQtcHcyTWxGT2dqWk1MTUlkRDVReFdzUS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAEBSAQwDQYJKoZIhvcNAQELBQADggEBACgqE785afZqjXlqrILFURz54iCC 6caafEjllm0+FkTT7gbe9cPGrccwjgbIh/kIeMsyUMR5QmpsqzdZFvZ7D2CLGPHk RaJ/6B5T99YnaTXJK71HMMSoN/SsCfNBN+NuVQyKFsiRjJDtxZn0PVCP9cgRF1yO v3EEu8v+ns4gIh64oKdOeXqPZypkRdB3c2Qf/DnsYmXeqRRk1iZoMbaAr6le0zXs 9OV2FeSk4dQ8rYi9GuMGKwY7rGMkZH59fKx10FKpJSNJExaAqrO+cUQL4hnPW3zN MSxKGDsySPXP0GyFHAgFQ15x6n3u+OkqGhThsUJLWGArBzPSAkyeunFiNgE= -----END CERTIFICATE-----Generated at Wed Feb 19 22:46:02 2025 by rpki-client