$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/nIZpvxizEBJxD0jJqN4Ltx18L2Y.cer File: nIZpvxizEBJxD0jJqN4Ltx18L2Y.cer (raw, json) Hash identifier: LYGVap2GOZTbKpdkxu+6JkUny37KK0GY9lLkuxC5DaA= Subject key identifier: 9C:86:69:BF:18:B3:10:12:71:0F:48:C9:A8:DE:0B:B7:1D:7C:2F:66 Authority key identifier: 6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 Certificate issuer: /CN=A91A73810000/serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Certificate serial: 10D0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/nIZpvxizEBJxD0jJqN4Ltx18L2Y.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 23 May 2025 10:01:16 +0000 Certificate not after: Sat 23 May 2026 09:51:00 +0000 Subordinate resources: IP: 158.199.128.0/17 IP: 192.50.199.0/24 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4304 (0x10d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000, serialNumber=6F683EAE39A1738AE6C93FDF041F1148E6534DF2 Validity Not Before: May 23 10:01:16 2025 GMT Not After : May 23 09:51:00 2026 GMT Subject: CN=9C8669BF18B31012710F48C9A8DE0BB71D7C2F66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4c:53:14:7f:64:e1:b1:cf:c3:52:11:38:43: 4e:b4:6e:cf:09:31:27:c2:6b:b6:a1:c4:0f:d4:ca: 5e:54:5a:b1:4f:71:9e:ee:bd:b3:cc:7b:70:b2:5b: 07:a6:d4:7b:c2:9e:3d:84:d4:0f:c5:01:37:98:47: 91:86:70:86:c5:1b:c7:88:bc:cd:78:0c:be:01:7a: 7e:16:dc:63:e5:16:e3:30:07:f2:78:6f:e7:a0:73: bf:5f:47:54:f4:75:65:cc:cd:aa:a1:c4:8b:d6:e3: 67:96:10:44:05:70:43:57:db:4b:41:66:9f:e4:a1: 42:d4:7b:8c:5d:83:a6:8a:c6:34:36:ae:4c:40:14: dd:0d:3d:af:f1:a5:5a:df:f9:3c:1d:65:6c:02:52: dc:ee:16:fd:0e:5c:ec:e3:f7:cb:2f:f3:96:42:0f: eb:53:75:78:b1:23:c7:b5:df:d5:e2:cf:80:0a:31: 52:96:9f:db:13:4d:f6:21:0d:d7:4b:3a:db:57:94: 7d:5d:dd:b5:a8:d1:19:4b:85:0f:9d:d6:78:72:ba: 88:c5:36:6e:f1:fd:ab:56:16:2c:37:35:df:23:34: c4:77:3f:4c:ad:f0:8b:df:98:3b:07:3c:f3:d5:31: 83:26:8f:b7:e0:7d:7c:f1:e2:72:16:f0:34:bf:8f: 97:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:86:69:BF:18:B3:10:12:71:0F:48:C9:A8:DE:0B:B7:1D:7C:2F:66 X509v3 Authority Key Identifier: keyid:6F:68:3E:AE:39:A1:73:8A:E6:C9:3F:DF:04:1F:11:48:E6:53:4D:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/b2g-rjmhc4rmyT_fBB8RSOZTTfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b2g-rjmhc4rmyT_fBB8RSOZTTfI.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/240/nIZpvxizEBJxD0jJqN4Ltx18L2Y.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 158.199.128.0/17 192.50.199.0/24 Signature Algorithm: sha256WithRSAEncryption 70:ce:ec:9b:50:3a:d3:96:64:bf:67:ec:26:ac:3b:df:e4:1c: 2e:6b:24:da:1d:e4:77:9c:9b:33:37:34:ab:8a:a9:55:f4:88: 64:54:f7:c0:08:19:5c:39:8d:dd:03:60:88:8c:9e:12:be:ce: 21:9c:4b:c4:49:69:05:0f:c2:b4:f8:2c:ae:f5:b2:2b:3a:86: 2b:64:c6:ad:e3:e6:65:1f:6f:14:8c:f9:3b:28:c4:3c:1a:fe: c1:45:cb:71:52:07:12:5d:4d:d9:ea:99:23:77:28:d1:9b:b4: 5d:46:8f:ca:8f:82:5a:ce:e6:16:26:2c:14:78:31:65:e7:42: 11:7c:4b:20:40:b7:02:eb:88:51:88:2e:c4:ba:77:7c:2a:e1: 51:ea:70:04:8d:03:23:e0:f8:83:d4:56:56:6e:1c:01:58:bf: 3d:bb:fc:dd:81:7b:cc:91:1f:10:84:4b:7f:b1:8b:ee:f4:ed: 6e:b9:c7:3c:5f:38:3f:2f:f0:3a:12:ab:c3:e0:82:b3:ed:b9: 57:64:5a:f3:cf:42:3a:c0:d2:2f:4a:60:17:86:9b:17:27:62: 77:50:f7:b2:28:93:f0:dc:5f:42:5d:2e:dc:db:16:77:54:3d: 28:df:15:a4:39:e2:00:ff:a0:bd:6a:5e:18:43:e4:43:05:79: 98:cc:7a:97 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICENAwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyg2RjY4M0VBRTM5QTE3MzhBRTZDOTNGREYwNDFG MTE0OEU2NTM0REYyMB4XDTI1MDUyMzEwMDExNloXDTI2MDUyMzA5NTEwMFowMzEx MC8GA1UEAxMoOUM4NjY5QkYxOEIzMTAxMjcxMEY0OEM5QThERTBCQjcxRDdDMkY2 NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO5MUxR/ZOGxz8NSEThD TrRuzwkxJ8JrtqHED9TKXlRasU9xnu69s8x7cLJbB6bUe8KePYTUD8UBN5hHkYZw hsUbx4i8zXgMvgF6fhbcY+UW4zAH8nhv56Bzv19HVPR1ZczNqqHEi9bjZ5YQRAVw Q1fbS0Fmn+ShQtR7jF2DporGNDauTEAU3Q09r/GlWt/5PB1lbAJS3O4W/Q5c7OP3 yy/zlkIP61N1eLEjx7Xf1eLPgAoxUpaf2xNN9iEN10s621eUfV3dtajRGUuFD53W eHK6iMU2bvH9q1YWLDc13yM0xHc/TK3wi9+YOwc889UxgyaPt+B9fPHichbwNL+P l7kCAwEAAaOCAowwggKIMB0GA1UdDgQWBBSchmm/GLMQEnEPSMmo3gu3HXwvZjAf BgNVHSMEGDAWgBRvaD6uOaFziubJP98EHxFI5lNN8jAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvYjJnLXJqbWhjNHJteVRfZkJC OFJTT1pUVGZJLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFD ODgzN0M3MkZEMUZGMi9iMmctcmptaGM0cm15VF9mQkI4UlNPWlRUZkkuY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIH/BggrBgEFBQcBCwSB8jCB 7zBCBggrBgEFBQcwBYY2cnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpw L2FwL0E5MUE3MzgxMDAwMC8yNDAvMGEGCCsGAQUFBzAKhlVyc3luYzovL3Jwa2kt cmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzI0MC9uSVpwdnhp ekVCSnhEMGpKcU40THR4MThMMlkubWZ0MEYGCCsGAQUFBzANhjpodHRwczovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1s MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHnseAAwQAwDLHMA0GCSqGSIb3 DQEBCwUAA4IBAQBwzuybUDrTlmS/Z+wmrDvf5BwuayTaHeR3nJszNzSriqlV9Ihk VPfACBlcOY3dA2CIjJ4Svs4hnEvESWkFD8K0+Cyu9bIrOoYrZMat4+ZlH28UjPk7 KMQ8Gv7BRctxUgcSXU3Z6pkjdyjRm7RdRo/Kj4JazuYWJiwUeDFl50IRfEsgQLcC 64hRiC7Eund8KuFR6nAEjQMj4PiD1FZWbhwBWL89u/zdgXvMkR8QhEt/sYvu9O1u ucc8Xzg/L/A6EqvD4IKz7blXZFrzz0I6wNIvSmAXhpsXJ2J3UPeyKJPw3F9CXS7c 2xZ3VD0o3xWkOeIA/6C9al4YQ+RDBXmYzHqX -----END CERTIFICATE-----Generated at Mon Jun 2 07:13:13 2025 by rpki-client