$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer File: cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer (raw, json) Hash identifier: +qS7D74IkPFQUGF9jDrMNhzzJHyMFl+//JNtjCl4KI8= Subject key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D Authority key identifier: 6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 Certificate issuer: /CN=A91A73810000/serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Certificate serial: 10D3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 23 May 2025 10:02:12 +0000 Certificate not after: Sat 23 May 2026 09:51:00 +0000 Subordinate resources: IP: 132.182.0.0/16 IP: 137.40.0.0/16 IP: 157.8.0.0/16 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4307 (0x10d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000, serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Validity Not Before: May 23 10:02:12 2025 GMT Not After : May 23 09:51:00 2026 GMT Subject: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0a:77:49:f2:6f:b0:f2:a8:fe:33:f0:5e:4e: 9e:5e:b0:c2:f5:ea:cc:61:b1:cf:25:72:47:a7:d0: dd:b4:a1:72:f3:0e:d7:2c:c7:9f:36:11:79:c0:65: 75:97:a8:d1:ed:eb:5a:49:7f:e2:5a:19:39:7d:a0: e5:15:fc:e0:c7:b3:28:d1:61:f7:ec:79:9a:a9:4e: aa:fa:56:8c:f9:70:10:08:f9:3c:47:fc:0a:d6:b0: 24:a1:30:ba:8c:c4:c6:48:92:16:5b:ec:ff:ff:5b: 2b:78:84:6c:49:6b:7d:28:74:50:cf:45:54:74:95: f4:01:fb:ca:43:02:30:a6:70:d3:b9:cd:e6:86:c2: 8c:57:20:d6:2b:ff:12:6d:43:84:02:f3:24:b7:63: 2c:10:ce:9b:ba:9c:7f:5b:dd:74:36:01:ee:5f:db: e9:8f:15:3d:1f:56:d8:f3:33:ec:07:05:1d:bf:ed: fd:12:a2:c4:6d:de:97:e0:79:13:37:93:f4:66:8c: 41:dc:b6:37:b4:83:fb:0a:7a:9a:57:61:05:76:89: 82:cf:b3:c7:ef:9f:7b:bc:18:71:64:ee:75:73:de: c1:31:92:57:9c:61:97:d1:4b:91:79:54:0e:8b:3c: ac:21:28:e9:eb:ed:fe:2d:30:6f:60:1c:6d:28:1f: 26:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D X509v3 Authority Key Identifier: keyid:6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 132.182.0.0/16 137.40.0.0/16 157.8.0.0/16 Signature Algorithm: sha256WithRSAEncryption 22:d0:5a:6d:31:82:0c:7e:d1:3d:09:4b:bb:a9:5a:e0:09:14: fb:0d:96:31:7c:87:87:67:96:d6:ca:f7:af:dc:aa:44:5a:77: 32:c0:d7:ac:07:74:20:5d:5f:83:c2:94:5d:ff:65:b9:e4:b7: 47:66:92:c0:34:e2:1e:c7:33:b1:e4:16:c4:e1:9b:37:5c:02: 8a:dd:1a:2b:76:bb:81:91:24:76:2b:10:3a:b4:2f:32:ec:94: 2c:f3:6e:e5:b9:60:65:eb:66:81:36:50:81:8b:c2:2c:9c:23: 0d:78:58:e2:a2:f2:a6:b6:0f:63:98:f0:b7:35:81:c8:1b:8c: 7b:31:2d:e5:b3:76:e1:71:c8:65:28:97:2f:5d:39:10:24:27: 23:e4:cb:fc:60:f7:5b:e3:77:16:81:cf:ff:5c:8a:a8:c9:9e: 99:1b:c8:c7:f3:17:4a:9a:12:50:e1:89:5a:74:e0:68:a0:a9: 9e:9c:9b:90:e9:60:54:17:af:ae:a3:b6:6f:b9:a3:ed:66:8c: 83:1d:bc:71:53:d6:b5:c8:ef:12:b0:36:7d:13:b2:fa:9d:6e: a9:0e:aa:d5:f8:84:0a:d4:dd:c5:7d:ba:e8:7a:00:7b:36:df: e7:58:4e:64:54:37:c1:fc:8d:33:d9:4a:27:12:3a:e9:4e:9e: 40:d2:1d:29 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICENMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyg2RjY4M0VBRTM5QTE3MzhBRTZDOTNGREYwNDFG MTE0OEU2NTM0REYyMB4XDTI1MDUyMzEwMDIxMloXDTI2MDUyMzA5NTEwMFowMzEx MC8GA1UEAxMoNzE5MUNCOUY0QzQyMkQzQjNENjc1MzcxQjE4QThEQUREQUU4Nzk4 RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAKd0nyb7DyqP4z8F5O nl6wwvXqzGGxzyVyR6fQ3bShcvMO1yzHnzYRecBldZeo0e3rWkl/4loZOX2g5RX8 4MezKNFh9+x5mqlOqvpWjPlwEAj5PEf8CtawJKEwuozExkiSFlvs//9bK3iEbElr fSh0UM9FVHSV9AH7ykMCMKZw07nN5obCjFcg1iv/Em1DhALzJLdjLBDOm7qcf1vd dDYB7l/b6Y8VPR9W2PMz7AcFHb/t/RKixG3el+B5EzeT9GaMQdy2N7SD+wp6mldh BXaJgs+zx++fe7wYcWTudXPewTGSV5xhl9FLkXlUDos8rCEo6evt/i0wb2AcbSgf Jt8CAwEAAaOCApIwggKOMB0GA1UdDgQWBBRxkcufTEItOz1nU3Gxio2t2uh5jTAf BgNVHSMEGDAWgBRvaD6uOaFziubJP98EHxFI5lNN8jAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvYjJnLXJqbWhjNHJteVRfZkJC OFJTT1pUVGZJLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFD ODgzN0M3MkZEMUZGMi9iMmctcmptaGM0cm15VF9mQkI4UlNPWlRUZkkuY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAQYIKwYBBQUHAQsEgfQw gfEwQwYIKwYBBQUHMAWGN3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMTkzNy8wYgYIKwYBBQUHMAqGVnJzeW5jOi8vcnBr aS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvMTkzNy9jWkhM bjB4Q0xUczlaMU54c1lxTnJkcm9lWTAubWZ0MEYGCCsGAQUFBzANhjpodHRwczov L3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJkcC9hcC9ub3RpZmljYXRpb24u eG1sMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMAhLYDAwCJKAMDAJ0IMA0G CSqGSIb3DQEBCwUAA4IBAQAi0FptMYIMftE9CUu7qVrgCRT7DZYxfIeHZ5bWyvev 3KpEWncywNesB3QgXV+DwpRd/2W55LdHZpLANOIexzOx5BbE4Zs3XAKK3RordruB kSR2KxA6tC8y7JQs827luWBl62aBNlCBi8IsnCMNeFjiovKmtg9jmPC3NYHIG4x7 MS3ls3bhcchlKJcvXTkQJCcj5Mv8YPdb43cWgc//XIqoyZ6ZG8jH8xdKmhJQ4Yla dOBooKmenJuQ6WBUF6+uo7ZvuaPtZoyDHbxxU9a1yO8SsDZ9E7L6nW6pDqrV+IQK 1N3FfbroegB7Nt/nWE5kVDfB/I0z2UonEjrpTp5A0h0p -----END CERTIFICATE-----Generated at Mon Jun 2 07:19:38 2025 by rpki-client