$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XK27YQbALggyDrz_TnxO9IeFVSk.roa File: XK27YQbALggyDrz_TnxO9IeFVSk.roa (raw, json) Hash identifier: KXu53UX7jx5DXJTplR5S5tfstyjeY+ZUqWXj0FpDYOY= Subject key identifier: 5C:AD:BB:61:06:C0:2E:08:32:0E:BC:FF:4E:7C:4E:F4:87:85:55:29 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0B74 Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XK27YQbALggyDrz_TnxO9IeFVSk.roa Signing time: Tue 01 Apr 2025 01:36:46 +0000 ROA not before: Tue 01 Apr 2025 01:36:46 +0000 ROA not after: Sun 15 Mar 2026 01:30:03 +0000 asID: 9605 IP address blocks: 49.98.8.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 15:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2932 (0xb74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Apr 1 01:36:46 2025 GMT Not After : Mar 15 01:30:03 2026 GMT Subject: CN=5CADBB6106C02E08320EBCFF4E7C4EF487855529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:c5:4d:ba:40:90:55:a2:4a:8c:fc:2c:15:8e: 23:c7:82:39:81:fd:94:33:80:60:d4:e1:a4:98:ad: ab:96:ff:ac:59:1f:bb:be:6a:ac:75:c1:36:63:55: db:57:99:c7:35:b7:85:15:dc:e3:87:22:da:e8:01: b2:71:43:bb:da:56:43:e1:4f:6f:00:6f:be:14:76: 60:44:7b:5c:3c:11:0f:55:83:00:af:ef:68:12:c4: 6f:2a:73:4a:80:0e:9d:69:81:8a:dd:34:23:46:16: bb:79:4a:de:d3:a9:08:3b:d7:81:f2:d2:27:dc:9e: ca:6d:aa:77:15:d8:ca:ec:e1:2e:14:c1:f1:e0:4a: 5c:89:3f:00:78:1d:0a:f2:5d:7f:c6:70:97:c5:a5: 14:f3:32:d6:5a:dd:72:d3:e6:70:bc:6d:75:40:03: f5:ad:98:49:bd:3e:f9:c2:cc:c5:cd:7d:96:b6:d3: 06:8d:2c:64:74:57:0f:35:0f:fd:27:42:de:5d:d2: 7f:98:11:39:f9:6c:68:e5:bc:ec:10:c1:7e:c2:e2: 46:78:8a:2c:49:0a:e8:a3:8b:85:7a:29:45:24:32: 5d:85:6e:26:54:0f:dc:1f:ad:7d:30:46:7c:54:31: 0a:3b:ad:2f:9a:62:e8:98:2d:d0:e9:df:c4:63:53: a4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AD:BB:61:06:C0:2E:08:32:0E:BC:FF:4E:7C:4E:F4:87:85:55:29 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XK27YQbALggyDrz_TnxO9IeFVSk.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.98.8.0/22 Signature Algorithm: sha256WithRSAEncryption 1a:83:64:06:4b:11:66:0c:da:5d:2d:2f:fb:54:76:68:5d:b2: 9c:ee:d5:20:9c:fb:10:67:37:2a:40:c2:33:0a:36:ea:8c:5f: a8:f4:b9:db:f3:44:00:18:ab:2c:4a:9f:03:88:14:3b:e6:c5: ef:87:b1:11:ca:1f:6a:0d:83:3a:29:08:31:8b:73:9c:91:b9: 82:49:60:38:b5:c2:bd:86:34:86:ed:c3:0e:32:3f:cf:32:13: 48:78:49:4f:f9:62:9b:8e:54:85:fb:5a:fa:96:6a:92:31:b0: 01:14:52:e4:65:4a:e7:c2:b0:fa:a1:dd:fe:e1:32:e9:45:43: 4f:00:00:83:74:26:4c:b5:dc:3f:94:31:fd:c2:cc:69:f1:93: b1:5a:8f:73:4c:d0:25:a4:7d:86:38:c3:74:3b:e6:ce:a0:0a: 8a:d9:9a:d6:09:40:3b:2a:7a:8a:4f:80:3e:be:e2:b8:f7:1d: 6c:21:30:c4:0a:ef:cb:93:81:82:0c:e9:ac:f6:18:2e:a2:2d: 78:06:bc:06:44:77:fe:41:1d:97:29:93:54:ed:d4:8f:39:7e: cf:99:64:8d:7b:69:5d:f5:7c:10:ce:e1:c0:42:d7:db:b6:33: fd:63:0e:a6:8c:6d:32:95:ed:85:c9:8e:97:b6:3a:5c:0f:84: b2:b5:b1:b0 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICC3QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA0MDEw MTM2NDZaFw0yNjAzMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDVDQURCQjYxMDZDMDJF MDgzMjBFQkNGRjRFN0M0RUY0ODc4NTU1MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrxU26QJBVokqM/CwVjiPHgjmB/ZQzgGDU4aSYrauW/6xZH7u+ aqx1wTZjVdtXmcc1t4UV3OOHItroAbJxQ7vaVkPhT28Ab74UdmBEe1w8EQ9VgwCv 72gSxG8qc0qADp1pgYrdNCNGFrt5St7TqQg714Hy0ifcnsptqncV2Mrs4S4UwfHg SlyJPwB4HQryXX/GcJfFpRTzMtZa3XLT5nC8bXVAA/WtmEm9PvnCzMXNfZa20waN LGR0Vw81D/0nQt5d0n+YETn5bGjlvOwQwX7C4kZ4iixJCuiji4V6KUUkMl2FbiZU D9wfrX0wRnxUMQo7rS+aYuiYLdDp38RjU6QzAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUXK27YQbALggyDrz/TnxO9IeFVSkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L1hLMjdZUWJBTGdneURyel9UbnhPOUllRlZTay5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIxYggwDQYJKoZIhvcNAQELBQADggEBABqDZAZLEWYM2l0tL/tUdmhdspzu 1SCc+xBnNypAwjMKNuqMX6j0udvzRAAYqyxKnwOIFDvmxe+HsRHKH2oNgzopCDGL c5yRuYJJYDi1wr2GNIbtww4yP88yE0h4SU/5YpuOVIX7WvqWapIxsAEUUuRlSufC sPqh3f7hMulFQ08AAIN0Jky13D+UMf3CzGnxk7Faj3NM0CWkfYY4w3Q75s6gCorZ mtYJQDsqeopPgD6+4rj3HWwhMMQK78uTgYIM6az2GC6iLXgGvAZEd/5BHZcpk1Tt 1I85fs+ZZI17aV31fBDO4cBC19u2M/1jDqaMbTKV7YXJjpe2OlwPhLK1sbA= -----END CERTIFICATE-----Generated at Sat Apr 26 18:24:26 2025 by rpki-client