$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS153997.roa File: AS153997.roa (raw, json) Hash identifier: waxEzU5ofvSyGF4MIz5BMRV1/DuXd09ZgPwm+vjNYuk= Subject key identifier: A0:C5:4F:0C:BF:12:EE:07:F7:B8:A9:CF:50:C2:F6:75:07:D9:E2:74 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 0DDCB3398665C4D689287D7E475F626F8136CE68 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS153997.roa Signing time: Thu 05 Mar 2026 03:02:41 +0000 ROA not before: Thu 05 Mar 2026 02:57:41 +0000 ROA not after: Thu 04 Mar 2027 03:02:41 +0000 asID: 153997 IP address blocks: 2a0f:6284:e::/48 maxlen: 48 2a0f:6284:33ff::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 09:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:dc:b3:39:86:65:c4:d6:89:28:7d:7e:47:5f:62:6f:81:36:ce:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Mar 5 02:57:41 2026 GMT Not After : Mar 4 03:02:41 2027 GMT Subject: CN=A0C54F0CBF12EE07F7B8A9CF50C2F67507D9E274 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b5:a2:88:a7:3c:1d:9b:12:95:40:a7:b2:8c: 01:5c:4d:f4:0c:5f:b4:55:66:6c:ef:29:0a:27:4e: 85:db:de:a4:c8:c5:d0:7c:38:55:6a:6c:f9:ac:8d: da:5a:16:cd:ba:d5:75:a4:78:09:ec:70:59:94:c0: 10:82:11:12:3f:f7:b5:2a:2e:45:24:4e:96:7b:44: 36:a6:06:dd:3e:24:7b:1c:fb:bb:be:5e:7e:9f:ec: 32:66:55:4b:50:48:95:73:52:9a:83:08:b3:c2:10: 32:76:67:a0:64:bc:24:53:30:a8:a9:af:2b:1f:1e: 1d:f9:73:cd:2f:9f:46:9f:aa:e9:22:67:e3:0c:1a: 20:32:2c:a5:2f:f8:d7:b2:57:10:15:05:b1:7b:2e: bc:e3:87:e2:fa:5d:57:25:41:d2:76:25:aa:cf:2f: 27:02:48:e0:b7:3f:53:27:87:50:9c:11:88:f6:f2: ec:67:d7:a7:74:9f:d2:1f:0a:42:38:23:da:47:4b: 4f:6c:2d:2c:15:7f:f0:a3:df:51:6a:34:3c:ab:c0: 23:91:d1:27:f0:57:d2:fe:7c:a7:a8:98:48:ea:05: 3e:c9:9e:2d:a4:4a:e0:e6:da:da:c2:d4:e0:5a:e7: 46:69:78:78:e8:da:7b:f9:db:03:cd:00:50:71:9f: c5:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C5:4F:0C:BF:12:EE:07:F7:B8:A9:CF:50:C2:F6:75:07:D9:E2:74 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS153997.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:e::/48 2a0f:6284:33ff::/48 Signature Algorithm: sha256WithRSAEncryption 7c:4e:aa:39:dd:87:e1:f1:de:a3:9b:9c:29:4c:14:db:5a:d6: 9e:75:52:fb:91:08:4f:ab:67:ca:b6:95:46:20:95:43:39:f4: 14:1e:23:73:8b:29:73:e2:52:43:26:93:c5:f4:99:1f:79:df: c5:fd:d8:d2:5b:43:e6:63:cb:e5:82:fe:59:4f:c0:56:aa:a6: 90:7f:c3:b9:36:11:fa:97:e5:0f:8a:91:18:a9:8b:68:8b:0c: b5:12:40:8a:a5:2e:b5:8e:a6:39:8e:c1:9f:b1:41:96:4f:e8: ef:0e:5c:47:99:65:60:d7:22:30:0d:76:38:7b:48:d8:60:a8: 51:19:a2:28:9b:1b:77:41:cb:d7:11:e6:9c:05:50:54:23:86: 2e:f1:ef:c6:cc:92:f3:75:90:98:4f:89:f8:24:42:6a:63:2d: 62:2b:2c:c4:c1:9d:d4:99:5a:32:73:c8:f3:3b:4d:db:e8:e1: 23:37:20:70:3c:d7:5e:39:70:3c:60:44:21:96:47:d0:8c:52: 2b:47:30:a4:88:a3:b5:fc:cc:15:d3:f3:68:7f:cd:82:9a:db: ee:1d:5a:58:31:b8:c8:5d:15:8d:96:8d:f2:61:4e:df:eb:b7: 05:3d:0f:97:cd:18:65:0b:2e:dd:96:76:45:ac:a7:6b:ea:9b: 5a:91:37:36 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUDdyzOYZlxNaJKH1+R19ib4E2zmgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAzMDUwMjU3NDFaFw0yNzAzMDQwMzAyNDFaMDMxMTAvBgNV BAMTKEEwQzU0RjBDQkYxMkVFMDdGN0I4QTlDRjUwQzJGNjc1MDdEOUUyNzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFtaKIpzwdmxKVQKeyjAFcTfQM X7RVZmzvKQonToXb3qTIxdB8OFVqbPmsjdpaFs261XWkeAnscFmUwBCCERI/97Uq LkUkTpZ7RDamBt0+JHsc+7u+Xn6f7DJmVUtQSJVzUpqDCLPCEDJ2Z6BkvCRTMKip rysfHh35c80vn0afqukiZ+MMGiAyLKUv+NeyVxAVBbF7Lrzjh+L6XVclQdJ2JarP LycCSOC3P1Mnh1CcEYj28uxn16d0n9IfCkI4I9pHS09sLSwVf/Cj31FqNDyrwCOR 0SfwV9L+fKeomEjqBT7Jni2kSuDm2trC1OBa50ZpeHjo2nv52wPNAFBxn8XrAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUoMVPDL8S7gf3uKnPUML2dQfZ4nQwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNTM5OTcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwAq D2KEAA4DBwAqD2KEM/8wDQYJKoZIhvcNAQELBQADggEBAHxOqjndh+Hx3qObnClM FNta1p51UvuRCE+rZ8q2lUYglUM59BQeI3OLKXPiUkMmk8X0mR9538X92NJbQ+Zj y+WC/llPwFaqppB/w7k2EfqX5Q+KkRipi2iLDLUSQIqlLrWOpjmOwZ+xQZZP6O8O XEeZZWDXIjANdjh7SNhgqFEZoiibG3dBy9cR5pwFUFQjhi7x78bMkvN1kJhPifgk QmpjLWIrLMTBndSZWjJzyPM7Tdvo4SM3IHA81145cDxgRCGWR9CMUitHMKSIo7X8 zBXT82h/zYKa2+4dWlgxuMhdFY2WjfJhTt/rtwU9D5fNGGULLt2WdkWsp2vqm1qR NzY= -----END CERTIFICATE-----Generated at Thu Mar 26 14:04:54 2026 by rpki-client