$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iT9ld0RN1-zSW4EiP4Xd-pyEEh0.roa File: iT9ld0RN1-zSW4EiP4Xd-pyEEh0.roa (raw, json) Hash identifier: AcZ3WsrKQSW1Mg3XVeut35k76GVaGeQ+qfOpiCcA3Ro= Subject key identifier: 89:3F:65:77:44:4D:D7:EC:D2:5B:81:22:3F:85:DD:FA:9C:84:12:1D Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0B34 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iT9ld0RN1-zSW4EiP4Xd-pyEEh0.roa Signing time: Fri 31 Jan 2025 01:38:07 +0000 ROA not before: Fri 31 Jan 2025 01:38:07 +0000 ROA not after: Thu 15 Jan 2026 01:30:03 +0000 asID: 9605 IP address blocks: 49.97.116.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2868 (0xb34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Jan 31 01:38:07 2025 GMT Not After : Jan 15 01:30:03 2026 GMT Subject: CN=893F6577444DD7ECD25B81223F85DDFA9C84121D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a9:7e:57:db:51:a7:b1:d8:9c:cb:ea:aa:c2: 6d:07:db:3d:b9:c3:ae:b3:66:17:9a:1b:ef:b8:7e: 9e:93:71:52:a0:c2:db:50:5e:51:9c:78:9a:ab:b2: 0f:e6:b3:fc:d4:89:37:f3:d3:03:70:e1:31:0a:cb: 6a:05:8a:9d:fc:53:f1:f9:0d:cc:3f:11:69:a6:24: 6a:c5:4e:78:3a:c4:23:43:35:2b:4f:04:3d:6b:c4: b2:0b:9b:2c:56:af:dd:48:ae:e3:68:2f:59:20:c2: 35:04:c0:f3:6e:a1:36:94:26:a0:ea:c1:0c:bd:2a: 39:3c:85:26:40:47:52:40:56:08:b8:af:84:2b:3f: ce:cf:69:65:81:2a:fe:6a:7e:98:07:f2:8e:d1:a6: ba:aa:f3:2c:c4:35:b4:75:40:62:5c:c3:7c:39:d6: e2:94:ec:6c:4d:ac:9d:58:53:d8:ab:bc:6c:0a:22: 3d:35:46:c5:81:b2:87:82:5d:48:59:66:94:e1:b1: 75:c7:8d:6b:db:44:76:6b:d8:7c:82:aa:e0:5e:81: fc:8d:91:94:9b:07:98:01:30:66:b6:2d:69:b5:7c: af:8a:3c:dc:5e:06:80:c1:c7:c3:19:99:76:de:b7: b0:8a:8b:af:94:4d:7d:8c:5c:5e:42:cc:91:4e:30: 1c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3F:65:77:44:4D:D7:EC:D2:5B:81:22:3F:85:DD:FA:9C:84:12:1D X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iT9ld0RN1-zSW4EiP4Xd-pyEEh0.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.97.116.0/22 Signature Algorithm: sha256WithRSAEncryption 36:b0:f0:15:d2:04:45:c3:43:f2:30:55:69:2a:c6:36:79:f5: b2:88:ef:31:c5:2d:c2:bc:14:b0:96:ec:10:c7:cb:ab:ad:5b: 5a:a8:84:1c:0e:01:df:1f:91:1f:93:25:5e:92:37:c3:84:de: 95:ad:0f:45:4f:de:20:58:2f:18:a9:96:27:65:a5:03:8e:ca: bf:cf:4b:9f:01:ee:3d:9d:ea:af:1a:f0:e1:a1:24:8a:ab:75: 58:9b:88:48:5a:4d:aa:78:7f:f8:5f:15:11:f0:04:a5:ab:33: 98:b8:96:1b:a3:6f:71:5f:67:8a:67:25:2a:9a:59:80:24:86: ae:ba:a4:59:dd:6e:0a:43:6c:d2:22:c0:65:ef:9d:49:5f:36: 24:ce:4c:d8:7e:12:a6:b5:16:8e:54:5c:0e:f4:e7:29:c5:cf: 82:a4:2b:11:43:e7:8e:ae:97:10:74:50:b0:62:05:b3:69:55: a1:33:1c:af:12:79:cf:1b:7a:ce:11:22:3d:dc:f2:9a:d0:7f: e2:a1:5c:b5:9e:c5:b9:4d:59:77:0e:37:f4:6c:ed:63:f1:be: 20:c4:74:7a:b8:d6:24:aa:80:e2:8b:45:c7:05:be:90:dc:ab: 90:9a:97:69:2f:36:12:34:ff:56:e4:78:da:d4:fa:4f:2c:b4: ca:79:08:10 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICCzQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTAxMzEw MTM4MDdaFw0yNjAxMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDg5M0Y2NTc3NDQ0REQ3 RUNEMjVCODEyMjNGODVEREZBOUM4NDEyMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9qX5X21Gnsdicy+qqwm0H2z25w66zZheaG++4fp6TcVKgwttQ XlGceJqrsg/ms/zUiTfz0wNw4TEKy2oFip38U/H5Dcw/EWmmJGrFTng6xCNDNStP BD1rxLILmyxWr91IruNoL1kgwjUEwPNuoTaUJqDqwQy9Kjk8hSZAR1JAVgi4r4Qr P87PaWWBKv5qfpgH8o7Rprqq8yzENbR1QGJcw3w51uKU7GxNrJ1YU9irvGwKIj01 RsWBsoeCXUhZZpThsXXHjWvbRHZr2HyCquBegfyNkZSbB5gBMGa2LWm1fK+KPNxe BoDBx8MZmXbet7CKi6+UTX2MXF5CzJFOMBwNAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUiT9ld0RN1+zSW4EiP4Xd+pyEEh0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L2lUOWxkMFJOMS16U1c0RWlQNFhkLXB5RUVoMC5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIxYXQwDQYJKoZIhvcNAQELBQADggEBADaw8BXSBEXDQ/IwVWkqxjZ59bKI 7zHFLcK8FLCW7BDHy6utW1qohBwOAd8fkR+TJV6SN8OE3pWtD0VP3iBYLxiplidl pQOOyr/PS58B7j2d6q8a8OGhJIqrdVibiEhaTap4f/hfFRHwBKWrM5i4lhujb3Ff Z4pnJSqaWYAkhq66pFndbgpDbNIiwGXvnUlfNiTOTNh+Eqa1Fo5UXA705ynFz4Kk KxFD546ulxB0ULBiBbNpVaEzHK8Sec8bes4RIj3c8prQf+KhXLWexblNWXcON/Rs 7WPxviDEdHq41iSqgOKLRccFvpDcq5Cal2kvNhI0/1bkeNrU+k8stMp5CBA= -----END CERTIFICATE-----Generated at Wed Feb 19 22:40:11 2025 by rpki-client