$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/s8ehmAT3KOj_XkW-yNpYIQWj2p0.cer File: s8ehmAT3KOj_XkW-yNpYIQWj2p0.cer (raw, json) Hash identifier: c9TBI8u17NiAeS+5rOXryBl1XJR3/1xocVi96rmNJ54= Subject key identifier: B3:C7:A1:98:04:F7:28:E8:FF:5E:45:BE:C8:DA:58:21:05:A3:DA:9D Authority key identifier: BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F Certificate issuer: /CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Certificate serial: 3EB7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer Manifest: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30073/s8ehmAT3KOj_XkW-yNpYIQWj2p0.mft caRepository: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30073/ Notify URL: https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml Certificate not before: Fri 15 Nov 2024 01:34:43 +0000 Certificate not after: Sat 15 Nov 2025 01:30:03 +0000 Subordinate resources: IP: 2001:380::/32 IP: 2400:4000::/22 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16055 (0x3eb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A73810000/serialNumber=BA4412B35F5A8A7147BFC667B59B520DAAC7DA8F Validity Not Before: Nov 15 01:34:43 2024 GMT Not After : Nov 15 01:30:03 2025 GMT Subject: CN=B3C7A19804F728E8FF5E45BEC8DA582105A3DA9D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e6:35:89:19:e0:ad:c0:50:32:0f:b3:e1:21: cf:cb:2c:b4:5b:ad:32:fc:8a:90:8d:5c:58:42:89: 29:27:b8:72:10:ed:49:ff:1d:83:d2:fd:46:08:cb: 96:d3:77:aa:c9:0e:5b:ab:51:db:31:b8:bc:36:e6: bf:a5:25:c2:eb:5b:92:89:a7:2a:b3:0a:51:e8:99: 25:2d:3a:3e:6c:f1:22:ae:e8:42:16:16:4e:eb:e6: 71:b9:e8:e5:30:c1:30:0c:db:b4:d1:fc:7d:c8:b3: 90:2c:ae:18:7a:96:ce:22:d6:c5:3d:ba:5f:fe:ae: 4f:a1:6f:78:98:f6:68:a2:42:b9:0e:7d:3c:5a:5f: e6:20:eb:cd:c8:1a:48:20:56:90:07:2b:86:77:31: 0d:c8:84:45:ff:4b:c2:80:5d:82:1d:1b:dd:ec:3d: b1:e7:9b:10:d1:a4:83:ea:cf:bb:88:ad:02:43:bd: d6:1e:73:11:33:6b:66:89:6a:3f:b3:4a:98:b6:11: 5d:f6:0c:03:e1:11:97:7a:6e:2d:78:71:f0:79:1a: aa:a1:fc:43:7f:47:12:a2:d3:0d:2a:60:fd:a1:ea: b2:17:c5:df:65:a7:8b:d9:1b:45:28:d7:c7:4d:c5: 22:5a:c1:bc:4b:93:58:f2:a3:13:74:1b:1b:f1:f3: 89:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C7:A1:98:04:F7:28:E8:FF:5E:45:BE:C8:DA:58:21:05:A3:DA:9D X509v3 Authority Key Identifier: keyid:BA:44:12:B3:5F:5A:8A:71:47:BF:C6:67:B5:9B:52:0D:AA:C7:DA:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30073/ RPKI Manifest - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30073/s8ehmAT3KOj_XkW-yNpYIQWj2p0.mft RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:380::/32 2400:4000::/22 Signature Algorithm: sha256WithRSAEncryption 9b:73:16:43:b6:27:7b:ff:e8:71:05:86:65:90:91:94:b7:76: 93:ec:18:5b:7a:52:7d:19:75:79:b8:a2:ee:3d:a9:2d:b0:a5: a1:78:7f:9a:a6:72:98:f4:3d:c8:5b:4e:2f:11:e8:b3:99:7a: 12:22:8b:00:54:31:4d:44:a0:a9:cb:ab:44:74:4d:58:5f:da: 18:be:05:b6:f1:20:96:9f:bb:1b:27:7d:a6:47:cf:79:17:dc: be:5f:c0:a7:49:60:b6:1a:28:e8:3a:99:8c:c2:52:4b:b9:b2: 4e:44:45:11:93:d3:4b:cd:07:7f:02:f0:04:f7:03:49:72:41: e2:d7:55:36:b5:7e:fd:95:1d:21:01:d1:60:80:e9:ad:d1:d4: f0:a4:29:2f:b4:c1:c3:70:e3:0f:14:a3:7f:9f:47:f7:79:15: 59:17:0b:3d:41:b2:12:63:62:a6:bd:f0:ea:ac:39:27:19:62: 8f:d1:2c:56:63:bc:52:e7:95:56:a0:1c:11:de:d4:ba:28:f2: a0:63:a2:b7:2c:69:1b:c2:e8:b4:c4:86:a5:97:6d:50:99:ab: d3:e4:09:88:dd:43:4f:71:29:98:9a:85:a6:8e:b1:fc:b0:b6: 7d:8f:ad:ac:c0:5b:ca:cb:7d:0a:6a:f4:8c:30:48:7e:01:9d: ee:78:7b:b4 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICPrcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QTczODEwMDAwMTEwLwYDVQQFEyhCQTQ0MTJCMzVGNUE4QTcxNDdCRkM2NjdCNTlC NTIwREFBQzdEQThGMB4XDTI0MTExNTAxMzQ0M1oXDTI1MTExNTAxMzAwM1owMzEx MC8GA1UEAxMoQjNDN0ExOTgwNEY3MjhFOEZGNUU0NUJFQzhEQTU4MjEwNUEzREE5 RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMLmNYkZ4K3AUDIPs+Eh z8sstFutMvyKkI1cWEKJKSe4chDtSf8dg9L9RgjLltN3qskOW6tR2zG4vDbmv6Ul wutbkomnKrMKUeiZJS06PmzxIq7oQhYWTuvmcbno5TDBMAzbtNH8fcizkCyuGHqW ziLWxT26X/6uT6FveJj2aKJCuQ59PFpf5iDrzcgaSCBWkAcrhncxDciERf9LwoBd gh0b3ew9seebENGkg+rPu4itAkO91h5zETNrZolqP7NKmLYRXfYMA+ERl3puLXhx 8HkaqqH8Q39HEqLTDSpg/aHqshfF32Wni9kbRSjXx03FIlrBvEuTWPKjE3QbG/Hz iVkCAwEAAaOCApIwggKOMB0GA1UdDgQWBBSzx6GYBPco6P9eRb7I2lghBaPanTAf BgNVHSMEGDAWgBS6RBKzX1qKcUe/xme1m1INqsfajzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMGIGA1UdHwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraS1yZXBvc2l0 b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvdWtRU3MxOWFpbkZIdjhabnRa dFNEYXJIMm84LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5j Oi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0 NjhGN0M3MkZEMUZGMi91a1FTczE5YWluRkh2OFpudFp0U0RhckgybzguY2VyMA8G A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIIBAwYIKwYBBQUHAQsEgfYw gfMwRAYIKwYBBQUHMAWGOHJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q cC9hcC9BOTFBNzM4MTAwMDAvMzAwNzMvMGMGCCsGAQUFBzAKhldyc3luYzovL3Jw a2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzMwMDczL3M4 ZWhtQVQzS09qX1hrVy15TnBZSVFXajJwMC5tZnQwRgYIKwYBBQUHMA2GOmh0dHBz Oi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9ycmRwL2FwL25vdGlmaWNhdGlv bi54bWwwJgYIKwYBBQUHAQcBAf8EFzAVMBMEAgACMA0DBQAgAQOAAwQCJABAMA0G CSqGSIb3DQEBCwUAA4IBAQCbcxZDtid7/+hxBYZlkJGUt3aT7BhbelJ9GXV5uKLu PaktsKWheH+apnKY9D3IW04vEeizmXoSIosAVDFNRKCpy6tEdE1YX9oYvgW28SCW n7sbJ32mR895F9y+X8CnSWC2GijoOpmMwlJLubJOREURk9NLzQd/AvAE9wNJckHi 11U2tX79lR0hAdFggOmt0dTwpCkvtMHDcOMPFKN/n0f3eRVZFws9QbISY2KmvfDq rDknGWKP0SxWY7xS55VWoBwR3tS6KPKgY6K3LGkbwui0xIall21QmavT5AmI3UNP cSmYmoWmjrH8sLZ9j62swFvKy30KavSMMEh+AZ3ueHu0 -----END CERTIFICATE-----Generated at Fri Nov 22 09:41:09 2024 by rpki-client on console-ams.rpki-client.org