$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/CaH5Xxy2m7Q1G8dKEXYeIEU0FdA.roa File: CaH5Xxy2m7Q1G8dKEXYeIEU0FdA.roa (raw, json) Hash identifier: YNbCFAUboFsSuw9A1Ivov4dFIlQIxCpJnXRJjfWmjH8= Subject key identifier: 09:A1:F9:5F:1C:B6:9B:B4:35:1B:C7:4A:11:76:1E:20:45:34:15:D0 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0E45 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CaH5Xxy2m7Q1G8dKEXYeIEU0FdA.roa Signing time: Sun 01 Jun 2025 01:30:20 +0000 ROA not before: Sun 01 Jun 2025 01:30:20 +0000 ROA not after: Sat 23 May 2026 09:51:00 +0000 asID: 9605 IP address blocks: 49.96.192.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 20:15:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3653 (0xe45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Jun 1 01:30:20 2025 GMT Not After : May 23 09:51:00 2026 GMT Subject: CN=09A1F95F1CB69BB4351BC74A11761E20453415D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6f:60:54:fe:f4:ff:2a:52:b5:d0:e4:c4:c1: a8:0b:55:60:fe:a2:18:84:97:64:3d:cf:7e:f1:8b: 45:85:82:9d:9d:56:6e:94:6f:d1:a9:7b:0c:82:3f: 2b:13:52:61:2b:f4:49:84:cf:26:fb:b8:d1:5e:12: 02:c2:ec:af:58:26:6c:b1:02:a0:c9:b2:01:f1:70: 9a:a2:15:df:3f:04:86:ab:36:85:cb:96:5f:14:ad: 26:6b:fd:50:75:f9:67:0b:15:b2:83:78:3c:9f:b7: de:8f:9d:54:9d:45:59:3b:0b:07:11:76:82:10:ad: 9e:8d:f8:9f:cb:94:57:d6:03:84:23:82:95:83:e1: 03:69:ee:29:b9:1f:e3:fb:32:8e:0b:9a:88:0b:63: 3e:4d:80:52:b1:03:40:11:79:63:fe:0e:81:3f:11: 9c:e4:6f:d4:88:e9:11:88:f5:de:4c:e2:12:1e:bd: 94:c4:b5:28:15:fa:4d:c1:5b:ad:c3:59:bc:9a:a4: e9:1f:3b:e2:5f:f6:db:1d:32:9b:9d:ac:90:dc:51: 6f:96:eb:fb:ab:01:4e:75:6a:4f:78:ed:bf:7e:22: 7f:fa:94:ab:d8:98:e4:4d:30:a4:32:4a:16:d2:31: fe:26:26:c8:ea:59:f0:e0:bd:42:b2:3b:ea:46:b0: 28:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A1:F9:5F:1C:B6:9B:B4:35:1B:C7:4A:11:76:1E:20:45:34:15:D0 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CaH5Xxy2m7Q1G8dKEXYeIEU0FdA.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.96.192.0/21 Signature Algorithm: sha256WithRSAEncryption 98:a8:9f:f6:07:e9:c5:66:dd:6a:7d:4d:80:a4:65:b1:b5:15: 85:8b:7d:7a:e7:d0:26:4e:a2:6d:b8:68:78:a3:fb:60:94:6c: a1:12:08:da:d4:41:15:45:da:de:e4:d6:3f:94:2e:e7:f4:c9: 69:b1:ea:60:bd:70:40:d4:cc:27:63:b6:a9:b9:bb:28:af:4d: 3f:07:bb:70:7f:3a:45:78:4f:3d:5a:64:d7:c2:09:77:87:3c: ea:92:a0:7f:7c:db:42:91:58:4d:0f:d8:92:c9:2e:f0:56:8e: c5:18:e1:fb:6b:d4:7c:07:ec:70:fe:8b:5b:50:71:1c:cb:43: ea:e3:cf:2b:0d:d7:a1:48:73:31:c2:86:3d:b8:3e:b2:c2:ce: 05:f8:4d:b6:c0:1e:6c:75:7f:59:c8:8e:de:1e:8c:e7:a7:20: 77:e4:27:a1:1b:c2:da:9c:38:c1:0d:69:17:ba:4b:bc:95:49: 57:f1:87:aa:e8:99:10:c6:31:7d:8b:8c:f9:f9:52:26:5b:c1: be:94:02:37:02:28:99:f7:5d:36:fa:87:f3:9a:9d:1e:5e:98: 0d:34:63:38:2c:d4:2a:1c:39:fa:f6:78:14:4b:1e:d5:c5:a6: 68:8a:38:46:94:13:8e:99:df:5c:4f:24:e3:9f:f4:87:cf:d8: 1d:f9:0c:c0 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICDkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA2MDEw MTMwMjBaFw0yNjA1MjMwOTUxMDBaMDMxMTAvBgNVBAMTKDA5QTFGOTVGMUNCNjlC QjQzNTFCQzc0QTExNzYxRTIwNDUzNDE1RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7b2BU/vT/KlK10OTEwagLVWD+ohiEl2Q9z37xi0WFgp2dVm6U b9GpewyCPysTUmEr9EmEzyb7uNFeEgLC7K9YJmyxAqDJsgHxcJqiFd8/BIarNoXL ll8UrSZr/VB1+WcLFbKDeDyft96PnVSdRVk7CwcRdoIQrZ6N+J/LlFfWA4QjgpWD 4QNp7im5H+P7Mo4LmogLYz5NgFKxA0AReWP+DoE/EZzkb9SI6RGI9d5M4hIevZTE tSgV+k3BW63DWbyapOkfO+Jf9tsdMpudrJDcUW+W6/urAU51ak947b9+In/6lKvY mORNMKQyShbSMf4mJsjqWfDgvUKyO+pGsCilAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUCaH5Xxy2m7Q1G8dKEXYeIEU0FdAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L0NhSDVYeHkybTdRMUc4ZEtFWFllSUVVMEZkQS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAMxYMAwDQYJKoZIhvcNAQELBQADggEBAJion/YH6cVm3Wp9TYCkZbG1FYWL fXrn0CZOom24aHij+2CUbKESCNrUQRVF2t7k1j+ULuf0yWmx6mC9cEDUzCdjtqm5 uyivTT8Hu3B/OkV4Tz1aZNfCCXeHPOqSoH9820KRWE0P2JLJLvBWjsUY4ftr1HwH 7HD+i1tQcRzLQ+rjzysN16FIczHChj24PrLCzgX4TbbAHmx1f1nIjt4ejOenIHfk J6EbwtqcOMENaRe6S7yVSVfxh6romRDGMX2LjPn5UiZbwb6UAjcCKJn3XTb6h/Oa nR5emA00Yzgs1CocOfr2eBRLHtXFpmiKOEaUE46Z31xPJOOf9IfP2B35DMA= -----END CERTIFICATE-----Generated at Wed Nov 5 21:43:56 2025 by rpki-client