$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/nIZpvxizEBJxD0jJqN4Ltx18L2Y.cer File: nIZpvxizEBJxD0jJqN4Ltx18L2Y.cer (raw, json) Hash identifier: 5ahYhyKIJ2SeX9izjZKxhtdArfunW0TLtBf354KqRpY= Subject key identifier: 9C:86:69:BF:18:B3:10:12:71:0F:48:C9:A8:DE:0B:B7:1D:7C:2F:66 Authority key identifier: 6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 Certificate issuer: /CN=A91A73810000/serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Certificate serial: 0D34 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/nIZpvxizEBJxD0jJqN4Ltx18L2Y.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 15 Nov 2024 01:32:25 +0000 Certificate not after: Sat 15 Nov 2025 01:30:03 +0000 Subordinate resources: IP: 158.199.128.0/17 IP: 192.50.199.0/24 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 05:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3380 (0xd34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000/serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Validity Not Before: Nov 15 01:32:25 2024 GMT Not After : Nov 15 01:30:03 2025 GMT Subject: CN=9C8669BF18B31012710F48C9A8DE0BB71D7C2F66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4c:53:14:7f:64:e1:b1:cf:c3:52:11:38:43: 4e:b4:6e:cf:09:31:27:c2:6b:b6:a1:c4:0f:d4:ca: 5e:54:5a:b1:4f:71:9e:ee:bd:b3:cc:7b:70:b2:5b: 07:a6:d4:7b:c2:9e:3d:84:d4:0f:c5:01:37:98:47: 91:86:70:86:c5:1b:c7:88:bc:cd:78:0c:be:01:7a: 7e:16:dc:63:e5:16:e3:30:07:f2:78:6f:e7:a0:73: bf:5f:47:54:f4:75:65:cc:cd:aa:a1:c4:8b:d6:e3: 67:96:10:44:05:70:43:57:db:4b:41:66:9f:e4:a1: 42:d4:7b:8c:5d:83:a6:8a:c6:34:36:ae:4c:40:14: dd:0d:3d:af:f1:a5:5a:df:f9:3c:1d:65:6c:02:52: dc:ee:16:fd:0e:5c:ec:e3:f7:cb:2f:f3:96:42:0f: eb:53:75:78:b1:23:c7:b5:df:d5:e2:cf:80:0a:31: 52:96:9f:db:13:4d:f6:21:0d:d7:4b:3a:db:57:94: 7d:5d:dd:b5:a8:d1:19:4b:85:0f:9d:d6:78:72:ba: 88:c5:36:6e:f1:fd:ab:56:16:2c:37:35:df:23:34: c4:77:3f:4c:ad:f0:8b:df:98:3b:07:3c:f3:d5:31: 83:26:8f:b7:e0:7d:7c:f1:e2:72:16:f0:34:bf:8f: 97:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:86:69:BF:18:B3:10:12:71:0F:48:C9:A8:DE:0B:B7:1D:7C:2F:66 X509v3 Authority Key Identifier: keyid:6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/nIZpvxizEBJxD0jJqN4Ltx18L2Y.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 158.199.128.0/17 192.50.199.0/24 Signature Algorithm: sha256WithRSAEncryption 08:b6:e7:28:f5:ac:ac:50:61:c5:7f:f5:61:d7:6a:9a:1c:be: 50:e9:35:8c:4b:06:5d:68:02:36:57:75:e7:d1:57:76:47:e1: e5:3d:fc:68:d4:bb:60:b3:ec:e1:5d:e8:f4:23:2f:d2:f7:f7: c0:3a:66:9b:95:e5:8d:15:7a:dd:7e:40:76:36:39:35:77:e3: 84:b9:53:43:43:ae:e3:30:b6:cb:6c:9e:fb:d1:ca:32:33:62: b8:e2:34:10:2e:76:a7:31:22:4f:8b:5f:e1:97:7c:12:41:fe: 54:3d:72:bd:d8:eb:52:5f:fe:12:b7:7b:1a:de:27:39:7c:15: fe:8d:31:e0:67:9c:21:40:b5:37:74:49:22:78:e3:ea:37:45: 2b:f3:d7:bc:21:26:ed:9e:60:5f:e6:95:c5:57:5c:bc:3c:f8: ad:9d:dd:2e:d9:1a:99:38:d3:e7:8a:8f:98:4a:60:2d:fe:ba: ff:28:bc:d9:44:cf:dc:4a:f1:72:5d:17:1a:22:1b:86:15:1f: c2:5e:51:18:38:47:50:cf:e2:0b:6d:43:ff:53:09:a5:bd:60: eb:e9:af:12:a3:ee:8e:bb:3e:bc:a4:2e:2f:eb:f7:19:ac:ab: b8:b1:cc:10:02:ff:6d:a6:9c:2b:a2:65:6a:6f:43:1b:8b:00: 94:bc:86:0e -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICDTQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyg2RjY4M0VBRTM5QTE3MzhBRTZDOTNGREYwNDFG MTE0OEU2NTM0REYyMB4XDTI0MTExNTAxMzIyNVoXDTI1MTExNTAxMzAwM1owMzEx MC8GA1UEAxMoOUM4NjY5QkYxOEIzMTAxMjcxMEY0OEM5QThERTBCQjcxRDdDMkY2 NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO5MUxR/ZOGxz8NSEThD TrRuzwkxJ8JrtqHED9TKXlRasU9xnu69s8x7cLJbB6bUe8KePYTUD8UBN5hHkYZw hsUbx4i8zXgMvgF6fhbcY+UW4zAH8nhv56Bzv19HVPR1ZczNqqHEi9bjZ5YQRAVw Q1fbS0Fmn+ShQtR7jF2DporGNDauTEAU3Q09r/GlWt/5PB1lbAJS3O4W/Q5c7OP3 yy/zlkIP61N1eLEjx7Xf1eLPgAoxUpaf2xNN9iEN10s621eUfV3dtajRGUuFD53W eHK6iMU2bvH9q1YWLDc13yM0xHc/TK3wi9+YOwc889UxgyaPt+B9fPHichbwNL+P l7kCAwEAAaOCAowwggKIMB0GA1UdDgQWBBSchmm/GLMQEnEPSMmo3gu3HXwvZjAf BgNVHSMEGDAWgBRvaD6uOaFziubJP98EHxFI5lNN8jAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvYjJnLXJqbWhjNHJteVRfZkJC OFJTT1pUVGZJLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFD ODgzN0M3MkZEMUZGMi9iMmctcmptaGM0cm15VF9mQkI4UlNPWlRUZkkuY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIH/BggrBgEFBQcBCwSB8jCB 7zBCBggrBgEFBQcwBYY2cnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpw L2FwL0E5MUE3MzgxMDAwMC8yNDAvMGEGCCsGAQUFBzAKhlVyc3luYzovL3Jwa2kt cmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzI0MC9uSVpwdnhp ekVCSnhEMGpKcU40THR4MThMMlkubWZ0MEYGCCsGAQUFBzANhjpodHRwczovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1s MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHnseAAwQAwDLHMA0GCSqGSIb3 DQEBCwUAA4IBAQAItuco9aysUGHFf/Vh12qaHL5Q6TWMSwZdaAI2V3Xn0Vd2R+Hl Pfxo1Ltgs+zhXej0Iy/S9/fAOmableWNFXrdfkB2Njk1d+OEuVNDQ67jMLbLbJ77 0coyM2K44jQQLnanMSJPi1/hl3wSQf5UPXK92OtSX/4St3sa3ic5fBX+jTHgZ5wh QLU3dEkieOPqN0Ur89e8ISbtnmBf5pXFV1y8PPitnd0u2RqZONPnio+YSmAt/rr/ KLzZRM/cSvFyXRcaIhuGFR/CXlEYOEdQz+ILbUP/UwmlvWDr6a8So+6Ouz68pC4v 6/cZrKu4scwQAv9tppwromVqb0MbiwCUvIYO -----END CERTIFICATE-----Generated at Fri Nov 22 09:41:08 2024 by rpki-client on console-ams.rpki-client.org