$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iCKiqnYJs4OUr2S-VGEFKH4esYM.roa File: iCKiqnYJs4OUr2S-VGEFKH4esYM.roa (raw, json) Hash identifier: AKECvRBGhZEk/dQ8Qh6vkVp6SfI3nkIwHo+2XD44gJ8= Subject key identifier: 88:22:A2:AA:76:09:B3:83:94:AF:64:BE:54:61:05:28:7E:1E:B1:83 Certificate issuer: /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Certificate serial: 0F6C Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 Authority info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer Subject info access: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iCKiqnYJs4OUr2S-VGEFKH4esYM.roa Signing time: Tue 10 Jun 2025 11:32:32 +0000 ROA not before: Tue 10 Jun 2025 11:32:32 +0000 ROA not after: Sat 23 May 2026 09:51:00 +0000 asID: 9605 IP address blocks: 211.14.88.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3948 (0xf6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473 Validity Not Before: Jun 10 11:32:32 2025 GMT Not After : May 23 09:51:00 2026 GMT Subject: CN=8822A2AA7609B38394AF64BE546105287E1EB183 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6c:3b:0b:54:f3:7a:d6:8d:cb:a8:b7:d4:60: 33:f1:f3:a6:31:04:33:65:51:e1:d9:54:b0:5c:24: fa:0a:eb:d1:96:6a:78:6f:bb:b9:f2:c0:60:38:0d: 84:cf:c2:ff:39:5e:85:b9:1d:6c:ab:7f:53:23:76: 60:00:b2:29:71:78:58:e6:bb:d7:1e:e6:18:be:60: 45:57:81:5e:c6:b1:f9:6a:6b:e1:ad:71:c2:97:cf: 47:99:c0:ae:8b:a4:75:8b:59:e3:64:29:24:41:f4: da:a3:ca:12:c6:dd:01:72:a9:90:dd:03:3c:6f:b1: 55:b7:3c:b2:8d:69:33:1b:69:76:8e:d2:37:4e:fa: 05:4e:4f:90:a9:1c:3b:42:c9:f3:9e:b0:4c:9f:3a: ea:c9:67:86:d0:ba:a7:52:c3:ed:db:1c:46:64:8f: ec:66:fa:5e:97:ea:88:59:05:57:13:95:76:d7:dd: 3f:f8:75:82:47:88:54:d2:f5:4b:9b:4c:b5:35:16: d9:87:54:a5:7c:25:1c:c7:3f:a0:80:5b:f1:00:ba: 57:45:61:52:af:11:b0:06:19:66:5a:32:cb:b5:22: d7:d6:01:7b:0a:28:c8:22:2e:54:06:f2:ad:ee:9d: 9f:11:81:87:90:da:2d:39:fd:d5:04:85:e8:5f:66: e0:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:22:A2:AA:76:09:B3:83:94:AF:64:BE:54:61:05:28:7E:1E:B1:83 X509v3 Authority Key Identifier: keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl Authority Information Access: CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iCKiqnYJs4OUr2S-VGEFKH4esYM.roa RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml sbgp-ipAddrBlock: critical IPv4: 211.14.88.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:2f:f7:71:8d:94:da:7e:7b:d8:36:4d:1d:85:79:d9:6b:53: c2:ce:52:64:50:6d:ac:15:3d:26:f1:0b:45:e4:40:ae:06:3f: a5:e3:9e:7d:75:6f:c6:82:5a:a1:1c:9c:87:ef:e4:f5:b8:c5: 3a:9a:c2:36:11:1b:d9:a3:8f:be:09:aa:1c:b9:27:65:e1:33: 8c:4a:c2:72:52:44:db:80:6d:2c:86:c4:44:81:16:8f:8d:79: 87:00:d7:45:d8:cd:d2:db:a1:8d:52:56:5f:9b:ae:ac:13:0d: 18:02:85:af:ba:27:8e:6b:6f:ba:12:fb:10:10:2a:d7:9f:a5: d1:c1:02:fe:6a:42:31:a3:4f:90:18:46:8e:25:7f:71:82:6d: 98:12:41:0e:29:3b:7c:0e:39:af:1e:68:9b:44:29:79:4f:33: f9:d7:2d:83:f7:e6:7b:ff:e4:6e:c6:b3:95:b9:a1:37:fc:44: f6:35:63:52:33:4c:22:3b:ca:b7:75:70:d4:cd:03:bf:a2:96: c2:d9:39:f2:bd:63:04:37:7f:71:ff:ab:c5:b7:43:06:59:cc: ae:af:30:84:a7:03:b8:e8:50:8a:35:95:dc:4f:ce:40:6e:ac: 82:19:79:c5:5f:15:32:30:15:1c:61:af:fc:b5:75:2e:85:65: dd:6e:a1:ba -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgICD2wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2 NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yNTA2MTAx MTMyMzJaFw0yNjA1MjMwOTUxMDBaMDMxMTAvBgNVBAMTKDg4MjJBMkFBNzYwOUIz ODM5NEFGNjRCRTU0NjEwNTI4N0UxRUIxODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkbDsLVPN61o3LqLfUYDPx86YxBDNlUeHZVLBcJPoK69GWanhv u7nywGA4DYTPwv85XoW5HWyrf1MjdmAAsilxeFjmu9ce5hi+YEVXgV7Gsflqa+Gt ccKXz0eZwK6LpHWLWeNkKSRB9NqjyhLG3QFyqZDdAzxvsVW3PLKNaTMbaXaO0jdO +gVOT5CpHDtCyfOesEyfOurJZ4bQuqdSw+3bHEZkj+xm+l6X6ohZBVcTlXbX3T/4 dYJHiFTS9UubTLU1FtmHVKV8JRzHP6CAW/EAuldFYVKvEbAGGWZaMsu1ItfWAXsK KMgiLlQG8q3unZ8RgYeQ2i05/dUEhehfZuBPAgMBAAGjggIkMIICIDAdBgNVHQ4E FgQUiCKiqnYJs4OUr2S+VGEFKH4esYMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B OTFBNzM4MTAwMDAvMzA5L2lDS2lxbllKczRPVXIyUy1WR0VGS0g0ZXNZTS5yb2Ew RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAHTDlgwDQYJKoZIhvcNAQELBQADggEBAH8v93GNlNp+e9g2TR2FedlrU8LO UmRQbawVPSbxC0XkQK4GP6Xjnn11b8aCWqEcnIfv5PW4xTqawjYRG9mjj74Jqhy5 J2XhM4xKwnJSRNuAbSyGxESBFo+NeYcA10XYzdLboY1SVl+brqwTDRgCha+6J45r b7oS+xAQKtefpdHBAv5qQjGjT5AYRo4lf3GCbZgSQQ4pO3wOOa8eaJtEKXlPM/nX LYP35nv/5G7Gs5W5oTf8RPY1Y1IzTCI7yrd1cNTNA7+ilsLZOfK9YwQ3f3H/q8W3 QwZZzK6vMISnA7joUIo1ldxPzkBurIIZecVfFTIwFRxhr/y1dS6FZd1uobo= -----END CERTIFICATE-----Generated at Sun Jun 22 08:20:15 2025 by rpki-client