$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q8TakR08jJ8a-sBVJTcbQLGMeGs.roa File: Q8TakR08jJ8a-sBVJTcbQLGMeGs.roa (raw, json) Hash identifier: 89umhGYLR6NPVs/jOIAOnoRrHEvBecH8xvpTxy3Di1o= Subject key identifier: 43:C4:DA:91:1D:3C:8C:9F:1A:FA:C0:55:25:37:1B:40:B1:8C:78:6B Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0AF2 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q8TakR08jJ8a-sBVJTcbQLGMeGs.roa Signing time: Fri 31 Jan 2025 01:28:34 +0000 ROA not before: Fri 31 Jan 2025 01:28:34 +0000 ROA not after: Thu 15 Jan 2026 01:30:03 +0000 asID: 9605 IP address blocks: 1.66.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2802 (0xaf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Jan 31 01:28:34 2025 GMT Not After : Jan 15 01:30:03 2026 GMT Subject: CN=43C4DA911D3C8C9F1AFAC05525371B40B18C786B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9c:4f:20:e1:70:74:47:4f:e5:ba:5f:8c:19: 0f:cf:3e:b3:c3:f7:ad:3c:7e:33:65:ff:6a:50:21: 82:d5:8c:8c:84:03:4a:0d:0b:83:d3:54:ae:bb:dc: fb:8d:45:18:66:12:57:29:eb:69:52:b7:eb:4b:c6: 2d:95:0d:f4:1e:25:0b:47:38:4c:e7:50:36:9f:0c: 7d:13:20:46:d1:6e:04:63:93:73:6f:80:9f:bf:41: cf:69:00:4f:3a:7f:02:ff:be:0b:79:d0:b4:be:b2: e0:5f:8c:5d:91:d4:e6:d0:de:22:5a:55:b8:2f:26: 59:79:b5:12:16:1f:6f:86:14:f6:f1:42:67:81:db: f3:9d:b7:7b:b2:1c:b0:37:d9:4d:52:f3:87:8d:32: bd:82:d6:49:12:82:4e:f4:c7:fb:71:53:70:a9:89: 03:d9:b9:85:c8:0d:e6:3d:40:fd:58:ee:ab:d4:fb: 14:c7:64:59:ee:ef:2c:39:f8:28:93:39:36:7b:72: 6c:d4:36:cc:fa:e8:65:88:a2:f2:d5:5b:95:b2:3a: a1:da:f1:af:91:82:63:5d:e5:e3:8a:38:11:98:f8: 39:1f:6c:e8:6f:59:54:37:14:9c:93:b3:41:94:ee: 77:52:35:25:0a:33:dc:0d:17:d6:71:fc:4d:6f:3d: ad:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C4:DA:91:1D:3C:8C:9F:1A:FA:C0:55:25:37:1B:40:B1:8C:78:6B X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Q8TakR08jJ8a-sBVJTcbQLGMeGs.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.66.105.0/24 Signature Algorithm: sha256WithRSAEncryption 80:2e:8d:3c:4f:82:6d:a5:48:9a:09:0d:b0:2a:76:6a:a3:50: bb:21:64:3b:ab:61:c0:70:0c:34:be:64:11:30:1b:40:f4:64: ad:dd:1a:e9:64:33:8f:a1:f7:90:ee:67:54:d9:13:b7:20:c6: e9:d4:be:d7:1f:20:98:4d:a1:24:ed:65:09:78:16:a0:c8:2f: 09:ed:88:9f:ec:4c:25:54:96:5b:ae:4b:e6:f0:5e:22:29:8f: 67:63:26:cc:e4:8d:1a:1a:4a:35:35:dd:54:b4:ff:63:70:b8: 62:17:b8:83:4f:9f:79:83:69:70:9c:ee:10:28:3c:0d:6f:6a: e2:f1:f6:a2:91:40:2a:a0:19:7e:b1:63:aa:25:ff:f7:2b:fa: b0:53:d5:a3:c0:2d:58:d7:39:a4:3f:b9:17:0c:55:21:83:52: b7:d5:ab:a4:74:0a:ac:eb:74:fc:2f:26:d8:a1:95:93:ec:f7: 86:dc:39:d8:a2:24:52:b7:79:11:8f:54:6a:1b:b5:7b:18:1b: ca:95:0c:1c:5c:45:6d:9e:15:06:8a:f9:05:45:af:da:e7:17: cb:f2:41:b0:5a:53:16:c3:0d:60:eb:9c:f5:0d:60:1d:8b:5d: 58:67:8e:9e:16:6c:df:62:8e:d5:1a:87:c3:a0:6e:af:44:ad: 6f:22:27:37 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICCvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTAxMzEw MTI4MzRaFw0yNjAxMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDQzQzREQTkxMUQzQzhD OUYxQUZBQzA1NTI1MzcxQjQwQjE4Qzc4NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMnE8g4XB0R0/lul+MGQ/PPrPD9608fjNl/2pQIYLVjIyEA0oN C4PTVK673PuNRRhmElcp62lSt+tLxi2VDfQeJQtHOEznUDafDH0TIEbRbgRjk3Nv gJ+/Qc9pAE86fwL/vgt50LS+suBfjF2R1ObQ3iJaVbgvJll5tRIWH2+GFPbxQmeB 2/Odt3uyHLA32U1S84eNMr2C1kkSgk70x/txU3CpiQPZuYXIDeY9QP1Y7qvU+xTH ZFnu7yw5+CiTOTZ7cmzUNsz66GWIovLVW5WyOqHa8a+RgmNd5eOKOBGY+DkfbOhv WVQ3FJyTs0GU7ndSNSUKM9wNF9Zx/E1vPa2RAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUQ8TakR08jJ8a+sBVJTcbQLGMeGswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L1E4VGFrUjA4ako4YS1zQlZKVGNiUUxHTWVHcy5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAABQmkwDQYJKoZIhvcNAQELBQADggEBAIAujTxPgm2lSJoJDbAqdmqjULsh ZDurYcBwDDS+ZBEwG0D0ZK3dGulkM4+h95DuZ1TZE7cgxunUvtcfIJhNoSTtZQl4 FqDILwntiJ/sTCVUlluuS+bwXiIpj2djJszkjRoaSjU13VS0/2NwuGIXuINPn3mD aXCc7hAoPA1vauLx9qKRQCqgGX6xY6ol//cr+rBT1aPALVjXOaQ/uRcMVSGDUrfV q6R0CqzrdPwvJtihlZPs94bcOdiiJFK3eRGPVGobtXsYG8qVDBxcRW2eFQaK+QVF r9rnF8vyQbBaUxbDDWDrnPUNYB2LXVhnjp4WbN9ijtUah8Ogbq9ErW8iJzc= -----END CERTIFICATE-----Generated at Wed Feb 19 22:34:23 2025 by rpki-client