$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/pimqiuskKhP7NxpEyl4fKVenDhs.cer File: pimqiuskKhP7NxpEyl4fKVenDhs.cer (raw, json) Hash identifier: x1PZtfVz1MowDN7qqWC2j1upe9priSXerfz3TVRmQFU= Subject key identifier: A6:29:AA:8A:EB:24:2A:13:FB:37:1A:44:CA:5E:1F:29:57:A7:0E:1B Authority key identifier: BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F Certificate issuer: /CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Certificate serial: 3F06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30017/pimqiuskKhP7NxpEyl4fKVenDhs.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30017/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 15 Nov 2024 01:36:26 +0000 Certificate not after: Sat 15 Nov 2025 01:30:03 +0000 Subordinate resources: IP: 2001:268::/32 IP: 2001:2a0::/32 IP: 2001:2c8::/32 IP: 240f::/23 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16134 (0x3f06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Validity Not Before: Nov 15 01:36:26 2024 GMT Not After : Nov 15 01:30:03 2025 GMT Subject: CN=A629AA8AEB242A13FB371A44CA5E1F2957A70E1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:da:16:94:24:d2:84:11:8c:5f:dc:a1:a2:61: 77:ac:ba:d9:45:2a:1a:53:ae:5d:80:25:b3:c4:ca: eb:40:26:b7:68:0d:24:a5:bc:30:3a:dc:25:6a:f7: e1:82:a5:4c:0f:d6:ab:3e:bf:d6:21:56:40:67:97: 3b:0a:d0:11:06:04:b1:ea:49:d7:f7:07:67:d0:3f: 02:80:b5:d0:6c:dd:f1:89:d2:98:d2:d7:76:f7:bc: ac:5d:87:4c:38:40:da:fa:d3:b6:45:00:e9:b1:57: 1e:a3:8d:98:c4:4f:9a:a2:cd:df:b5:d7:fa:e8:01: 89:a1:6e:f1:9e:c7:ab:46:fe:fd:5a:4c:7f:27:e9: 87:a5:52:99:f2:33:52:a8:a1:7f:c5:ce:33:32:a6: ad:05:8c:2b:03:df:f9:71:65:21:b3:8d:c7:b9:d0: 8a:37:cb:82:5f:b0:4e:fd:5d:25:7f:98:ba:61:8e: 90:c5:f5:dc:98:59:43:d4:a1:1e:a1:d0:12:de:72: 5c:f5:9c:5e:c3:f5:60:73:d5:23:7f:79:ae:df:c0: da:9b:3d:ce:bc:36:00:1c:b3:4a:52:77:68:03:33: 79:7a:43:ea:b3:ce:48:57:14:f2:79:46:7c:db:a2: ae:cb:46:d6:e6:c6:db:bc:07:81:05:e2:99:1e:93: 1c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:29:AA:8A:EB:24:2A:13:FB:37:1A:44:CA:5E:1F:29:57:A7:0E:1B X509v3 Authority Key Identifier: keyid:BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30017/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30017/pimqiuskKhP7NxpEyl4fKVenDhs.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:268::/32 2001:2a0::/32 2001:2c8::/32 240f::/23 Signature Algorithm: sha256WithRSAEncryption 8d:d4:73:f7:38:c8:15:d6:35:a6:fd:39:fb:d5:a7:a2:6b:6c: 46:72:09:b6:25:f6:47:fb:cd:f4:66:5c:fb:f8:1e:d7:b2:a7: 0a:a2:20:8b:f8:d2:d0:ad:60:6a:54:a0:87:4a:0f:ac:f0:0f: e3:db:66:5d:14:03:49:17:4e:4a:36:0d:a3:8c:8f:d0:8d:b8: bc:d9:d8:5f:ea:de:1f:d8:b0:18:99:02:d4:ba:7b:b9:ea:a5: d0:ee:6d:7e:0f:31:b9:ba:1c:80:3f:24:c7:f5:26:fe:f6:2e: d4:7d:71:98:5f:22:a1:67:eb:59:44:aa:9b:a8:62:8c:39:4d: 26:08:43:f9:09:36:d8:6d:32:44:48:79:42:6b:92:1e:76:43: 01:25:58:40:91:f7:c9:50:86:9b:6d:3e:0e:df:d0:f4:d8:81: d3:f4:c4:fc:0f:35:f1:81:3f:c7:97:e0:1f:69:d6:20:93:7b: b3:e2:98:61:18:fa:a9:c5:9f:81:73:0a:a0:28:b8:27:e1:8d: 81:5f:bc:23:f2:19:04:5d:14:3e:70:59:72:ee:07:ab:96:4a: 56:c8:54:56:22:7c:f8:54:58:37:ca:bb:91:75:cc:9f:13:53: 14:c1:9f:07:3f:c2:59:55:91:a8:7d:98:ef:71:eb:8c:43:5b: d3:07:bb:f7 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgICPwYwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyhCQTQ0MTJCMzVGNUE4QTcxNDdCRkM2NjdCNTlC NTIwREFBQzdEQThGMB4XDTI0MTExNTAxMzYyNloXDTI1MTExNTAxMzAwM1owMzEx MC8GA1UEAxMoQTYyOUFBOEFFQjI0MkExM0ZCMzcxQTQ0Q0E1RTFGMjk1N0E3MEUx QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALLaFpQk0oQRjF/coaJh d6y62UUqGlOuXYAls8TK60Amt2gNJKW8MDrcJWr34YKlTA/Wqz6/1iFWQGeXOwrQ EQYEsepJ1/cHZ9A/AoC10Gzd8YnSmNLXdve8rF2HTDhA2vrTtkUA6bFXHqONmMRP mqLN37XX+ugBiaFu8Z7Hq0b+/VpMfyfph6VSmfIzUqihf8XOMzKmrQWMKwPf+XFl IbONx7nQijfLgl+wTv1dJX+YumGOkMX13JhZQ9ShHqHQEt5yXPWcXsP1YHPVI395 rt/A2ps9zrw2AByzSlJ3aAMzeXpD6rPOSFcU8nlGfNuirstG1ubG27wHgQXimR6T HBsCAwEAAaOCAqAwggKcMB0GA1UdDgQWBBSmKaqK6yQqE/s3GkTKXh8pV6cOGzAf BgNVHSMEGDAWgBS6RBKzX1qKcUe/xme1m1INqsfajzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvdWtRU3MxOWFpbkZIdjhabnRa dFNEYXJIMm84LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0 NjhGN0M3MkZEMUZGMi91a1FTczE5YWluRkh2OFpudFp0U0RhckgybzguY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAwYIKwYBBQUHAQsEgfYw gfMwRAYIKwYBBQUHMAWGOHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMzAwMTcvMGMGCCsGAQUFBzAKhldyc3luYzovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzMwMDE3L3Bp bXFpdXNrS2hQN054cEV5bDRmS1ZlbkRocy5tZnQwRgYIKwYBBQUHMA2GOmh0dHBz Oi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRwL2FwL25vdGlmaWNhdGlv bi54bWwwNAYIKwYBBQUHAQcBAf8EJTAjMCEEAgACMBsDBQAgAQJoAwUAIAECoAMF ACABAsgDBAEkDwAwDQYJKoZIhvcNAQELBQADggEBAI3Uc/c4yBXWNab9OfvVp6Jr bEZyCbYl9kf7zfRmXPv4HteypwqiIIv40tCtYGpUoIdKD6zwD+PbZl0UA0kXTko2 DaOMj9CNuLzZ2F/q3h/YsBiZAtS6e7nqpdDubX4PMbm6HIA/JMf1Jv72LtR9cZhf IqFn61lEqpuoYow5TSYIQ/kJNthtMkRIeUJrkh52QwElWECR98lQhpttPg7f0PTY gdP0xPwPNfGBP8eX4B9p1iCTe7PimGEY+qnFn4FzCqAouCfhjYFfvCPyGQRdFD5w WXLuB6uWSlbIVFYifPhUWDfKu5F1zJ8TUxTBnwc/wllVkah9mO9x64xDW9MHu/c= -----END CERTIFICATE-----Generated at Fri Nov 22 09:41:09 2024 by rpki-client on console-ams.rpki-client.org