$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS200472.roa File: AS200472.roa (raw, json) Hash identifier: 6ctjOTSNfMNa+gTxVShLkGieT1HD4ZrrvLjz9VSh6I4= Subject key identifier: E0:6F:F8:0A:12:D5:B3:0D:62:39:05:28:C8:73:0E:9B:DF:8F:79:45 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 6A43F0D98CD5783FA40492C159D56E075273C203 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS200472.roa Signing time: Thu 05 Mar 2026 17:04:40 +0000 ROA not before: Thu 05 Mar 2026 16:59:40 +0000 ROA not after: Thu 04 Mar 2027 17:04:40 +0000 asID: 200472 IP address blocks: 2a09:54c4::/32 maxlen: 32 2a0f:6282:2000::/36 maxlen: 36 2a0f:6282:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 27 Mar 2026 09:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:43:f0:d9:8c:d5:78:3f:a4:04:92:c1:59:d5:6e:07:52:73:c2:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Mar 5 16:59:40 2026 GMT Not After : Mar 4 17:04:40 2027 GMT Subject: CN=E06FF80A12D5B30D62390528C8730E9BDF8F7945 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d8:99:27:f3:af:98:6b:45:ba:04:1a:8f:26: ca:b3:45:7b:33:b7:9f:d2:14:52:13:0d:35:2d:b9: ea:64:3e:92:8e:66:03:9f:4e:bf:af:1b:e5:cc:fb: 87:09:72:88:4c:a4:e4:c5:a1:d0:03:b6:d0:e4:e3: e3:25:e2:04:fc:0d:3d:8f:3d:e2:cd:9e:7d:4d:65: 2f:a9:4f:b8:dd:00:d8:e3:01:98:35:db:b6:fb:c8: 51:98:cb:bc:ce:a9:16:7d:a7:69:4f:06:10:50:e5: 5c:a4:cb:be:aa:c4:79:14:92:64:1c:32:50:e6:b5: c1:75:b5:83:e1:29:dc:66:ab:50:3c:fd:00:e0:ea: ea:45:94:b9:91:21:1e:04:79:67:80:10:ac:a9:68: 31:11:ee:97:41:09:e3:53:c1:46:b5:c9:65:b1:57: 1b:be:3d:02:81:fe:f8:db:64:12:54:7f:62:39:8d: e8:10:65:ee:02:6e:0f:f2:ec:0b:ee:fa:32:63:c1: 55:4b:08:86:d4:ed:59:ff:56:08:b8:ee:42:90:c4: c3:06:ec:a2:21:5e:51:2d:8d:e6:ed:0f:4a:7b:c7: 1b:12:b8:52:79:de:6b:cd:ce:e5:4a:ec:56:dc:39: dd:c0:9d:12:7a:e1:f6:62:66:42:a4:03:39:69:97: 2d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:6F:F8:0A:12:D5:B3:0D:62:39:05:28:C8:73:0E:9B:DF:8F:79:45 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS200472.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:54c4::/32 2a0f:6282:2000::/35 Signature Algorithm: sha256WithRSAEncryption 83:dd:49:68:d5:27:9e:ff:b9:0e:5e:43:14:19:7c:5c:67:b2: ac:99:0f:66:ca:30:cd:9c:b2:31:3b:61:24:ee:cb:68:92:65: 35:b8:de:a7:5d:f5:60:eb:d7:19:71:54:7d:b8:fb:4b:13:0b: a7:cf:c3:3c:ac:e8:6b:81:32:f1:40:14:48:f6:ef:51:a2:25: 19:d4:1a:88:75:87:17:d4:20:d9:c6:9d:26:d3:c8:68:44:21: b9:95:25:3f:43:4b:8d:13:ea:8c:ab:d7:ce:f2:a1:91:e5:96: 5d:61:4b:9b:b5:20:25:68:e6:75:35:2a:9b:4b:71:6d:9f:4d: d6:30:d6:d4:48:9f:e9:a9:c9:c1:96:cf:63:3c:7a:1f:2c:aa: 06:20:53:a0:77:21:5d:b8:cd:0d:a3:2c:ea:68:94:83:2c:e3: 7a:02:9d:4f:21:d4:78:83:5c:4f:05:ec:80:4f:f3:ce:4e:cc: 31:ca:23:fc:b5:cd:4f:f0:39:8f:a4:83:14:1c:d5:d3:2d:48: 82:49:7b:7a:fb:0b:ee:50:45:b6:21:bb:67:27:c0:2d:c7:cd: a1:54:ca:a9:85:84:d8:26:bd:db:28:08:fe:a9:89:d3:04:b3: 8a:9c:47:e3:52:5b:89:b9:d8:08:cb:11:46:ef:50:49:a8:17: 47:76:a9:50 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgIUakPw2YzVeD+kBJLBWdVuB1JzwgMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAzMDUxNjU5NDBaFw0yNzAzMDQxNzA0NDBaMDMxMTAvBgNV BAMTKEUwNkZGODBBMTJENUIzMEQ2MjM5MDUyOEM4NzMwRTlCREY4Rjc5NDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv2Jkn86+Ya0W6BBqPJsqzRXsz t5/SFFITDTUtuepkPpKOZgOfTr+vG+XM+4cJcohMpOTFodADttDk4+Ml4gT8DT2P PeLNnn1NZS+pT7jdANjjAZg127b7yFGYy7zOqRZ9p2lPBhBQ5Vyky76qxHkUkmQc MlDmtcF1tYPhKdxmq1A8/QDg6upFlLmRIR4EeWeAEKypaDER7pdBCeNTwUa1yWWx Vxu+PQKB/vjbZBJUf2I5jegQZe4Cbg/y7Avu+jJjwVVLCIbU7Vn/Vgi47kKQxMMG 7KIhXlEtjebtD0p7xxsSuFJ53mvNzuVK7FbcOd3AnRJ64fZiZkKkAzlply3XAgMB AAGjggHlMIIB4TAdBgNVHQ4EFgQU4G/4ChLVsw1iOQUoyHMOm9+PeUUwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDA0NzIucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKAYIKwYBBQUHAQcBAf8EGTAXMBUEAgACMA8DBQAq CVTEAwYFKg9igiAwDQYJKoZIhvcNAQELBQADggEBAIPdSWjVJ57/uQ5eQxQZfFxn sqyZD2bKMM2csjE7YSTuy2iSZTW43qdd9WDr1xlxVH24+0sTC6fPwzys6GuBMvFA FEj271GiJRnUGoh1hxfUINnGnSbTyGhEIbmVJT9DS40T6oyr187yoZHlll1hS5u1 ICVo5nU1KptLcW2fTdYw1tRIn+mpycGWz2M8eh8sqgYgU6B3IV24zQ2jLOpolIMs 43oCnU8h1HiDXE8F7IBP885OzDHKI/y1zU/wOY+kgxQc1dMtSIJJe3r7C+5QRbYh u2cnwC3HzaFUyqmFhNgmvdsoCP6pidMEs4qcR+NSW4m52AjLEUbvUEmoF0d2qVA= -----END CERTIFICATE-----Generated at Thu Mar 26 14:04:54 2026 by rpki-client