$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.cer File: KQWj7o-cNhq9lxsMqXJt-Dz6a_g.cer (raw, json) Hash identifier: fmVps/kTnR5mjxzmP+2cO4EHnBczfwlgIad960tR5tE= Subject key identifier: 29:05:A3:EE:8F:9C:36:1A:BD:97:1B:0C:A9:72:6D:F8:3C:FA:6B:F8 Authority key identifier: BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F Certificate issuer: /CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Certificate serial: 3DE4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 15 Nov 2024 01:30:24 +0000 Certificate not after: Sat 15 Nov 2025 01:30:03 +0000 Subordinate resources: IP: 2001:240::/32 IP: 2001:300::/32 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15844 (0x3de4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Validity Not Before: Nov 15 01:30:24 2024 GMT Not After : Nov 15 01:30:03 2025 GMT Subject: CN=2905A3EE8F9C361ABD971B0CA9726DF83CFA6BF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:af:77:a9:da:3a:c4:f9:6e:b7:22:96:4e:90: 4d:98:c1:a0:94:8a:12:f7:0f:72:dd:d1:d9:79:ce: a9:63:ee:7a:11:2b:10:98:a9:2b:b0:ab:32:04:cd: 93:92:d0:fc:cd:66:21:40:e6:4e:5b:97:9e:0f:eb: 00:5a:89:4e:a5:1e:7d:cc:48:ea:8a:15:19:d8:21: 48:79:6d:10:19:2d:6a:54:1b:b9:73:42:95:23:f5: a8:f0:58:b5:b9:be:24:2b:e1:d4:6c:9c:3f:29:db: 78:f9:63:dc:46:6d:ad:8f:ec:a8:9b:c2:7d:2a:4a: 40:b5:ba:70:5f:47:8f:17:15:c9:68:cb:dc:87:4e: a1:f6:b7:04:8f:68:5e:b5:40:08:60:bb:e9:13:3d: d2:d4:1b:c5:2d:aa:16:56:dd:bb:ec:83:1c:9f:3f: 07:ba:61:4b:af:05:00:71:62:bb:d0:28:af:98:5f: 32:55:8f:86:97:0c:3a:d1:2b:0d:bf:e8:79:93:5e: ca:71:92:1f:e5:31:d4:60:b0:03:52:9f:69:ca:92: 03:6d:85:66:dd:18:5c:d8:34:ac:ac:3e:ae:1e:1f: 58:67:ea:71:b9:c2:99:0e:73:b5:c6:56:e4:b2:88: 9e:cf:c6:59:af:a5:c7:e8:fb:df:78:de:d0:63:68: 8f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:05:A3:EE:8F:9C:36:1A:BD:97:1B:0C:A9:72:6D:F8:3C:FA:6B:F8 X509v3 Authority Key Identifier: keyid:BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30016/KQWj7o-cNhq9lxsMqXJt-Dz6a_g.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:240::/32 2001:300::/32 Signature Algorithm: sha256WithRSAEncryption 6c:f8:09:15:82:30:b5:eb:93:39:56:fc:af:b9:99:8d:f1:7e: a1:f8:56:61:86:1d:b3:4e:30:19:2f:41:bf:26:5d:6b:3e:b6: bd:7c:aa:9c:a8:41:19:52:d0:37:8a:f0:de:54:bc:82:c3:33: 26:dc:ec:60:4e:09:05:c6:ec:35:e9:28:b3:32:72:51:a5:bf: 14:e3:86:15:67:30:e9:1c:f8:b6:a5:35:66:b2:9d:17:97:89: 29:c9:f2:99:e9:bc:d9:c1:47:f3:27:12:64:fe:84:c8:98:fe: e4:a2:e3:1f:a5:b8:52:c7:8f:d5:93:bc:b3:55:56:ef:e2:a3: a4:65:fb:51:7e:c4:53:5c:42:b3:78:d5:49:ba:08:93:96:d7: 00:87:55:73:42:d4:ca:f9:1a:f2:d4:c0:88:48:4a:f0:18:3a: be:83:a7:04:e9:35:88:49:ea:11:63:e4:28:50:c4:5a:38:47: dc:18:ee:7f:37:9d:5b:f4:da:96:2b:ce:08:9e:b7:a8:07:4e: f6:2d:55:e5:c6:58:91:99:36:a2:0e:80:4f:5b:2b:23:6c:a4: 73:db:ae:b6:0a:61:e1:17:b2:64:25:5c:24:48:d0:de:72:79: 43:7b:b0:82:d1:12:f2:22:bd:6d:f4:af:56:bb:76:d7:51:c3: 39:a6:d6:9a -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICPeQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyhCQTQ0MTJCMzVGNUE4QTcxNDdCRkM2NjdCNTlC NTIwREFBQzdEQThGMB4XDTI0MTExNTAxMzAyNFoXDTI1MTExNTAxMzAwM1owMzEx MC8GA1UEAxMoMjkwNUEzRUU4RjlDMzYxQUJEOTcxQjBDQTk3MjZERjgzQ0ZBNkJG ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMevd6naOsT5brcilk6Q TZjBoJSKEvcPct3R2XnOqWPuehErEJipK7CrMgTNk5LQ/M1mIUDmTluXng/rAFqJ TqUefcxI6ooVGdghSHltEBktalQbuXNClSP1qPBYtbm+JCvh1GycPynbePlj3EZt rY/sqJvCfSpKQLW6cF9HjxcVyWjL3IdOofa3BI9oXrVACGC76RM90tQbxS2qFlbd u+yDHJ8/B7phS68FAHFiu9Aor5hfMlWPhpcMOtErDb/oeZNeynGSH+Ux1GCwA1Kf acqSA22FZt0YXNg0rKw+rh4fWGfqcbnCmQ5ztcZW5LKIns/GWa+lx+j733je0GNo j+MCAwEAAaOCApMwggKPMB0GA1UdDgQWBBQpBaPuj5w2Gr2XGwypcm34PPpr+DAf BgNVHSMEGDAWgBS6RBKzX1qKcUe/xme1m1INqsfajzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvdWtRU3MxOWFpbkZIdjhabnRa dFNEYXJIMm84LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0 NjhGN0M3MkZEMUZGMi91a1FTczE5YWluRkh2OFpudFp0U0RhckgybzguY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAwYIKwYBBQUHAQsEgfYw gfMwRAYIKwYBBQUHMAWGOHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMzAwMTYvMGMGCCsGAQUFBzAKhldyc3luYzovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzMwMDE2L0tR V2o3by1jTmhxOWx4c01xWEp0LUR6NmFfZy5tZnQwRgYIKwYBBQUHMA2GOmh0dHBz Oi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRwL2FwL25vdGlmaWNhdGlv bi54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgACMA4DBQAgAQJAAwUAIAEDADAN BgkqhkiG9w0BAQsFAAOCAQEAbPgJFYIwteuTOVb8r7mZjfF+ofhWYYYds04wGS9B vyZdaz62vXyqnKhBGVLQN4rw3lS8gsMzJtzsYE4JBcbsNekoszJyUaW/FOOGFWcw 6Rz4tqU1ZrKdF5eJKcnymem82cFH8ycSZP6EyJj+5KLjH6W4UseP1ZO8s1VW7+Kj pGX7UX7EU1xCs3jVSboIk5bXAIdVc0LUyvka8tTAiEhK8Bg6voOnBOk1iEnqEWPk KFDEWjhH3BjufzedW/TalivOCJ63qAdO9i1V5cZYkZk2og6AT1srI2ykc9uutgph 4ReyZCVcJEjQ3nJ5Q3uwgtES8iK9bfSvVrt211HDOabWmg== -----END CERTIFICATE-----Generated at Fri Nov 22 08:01:51 2024 by rpki-client on console-ams.rpki-client.org