$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS200950.roa File: AS200950.roa (raw, json) Hash identifier: S1+SOZ3qxLV8HqLugrgIgAVI+lLeLdncHoYquTfDpDQ= Subject key identifier: 9A:B4:96:A9:5B:98:49:95:59:39:B2:90:3E:52:EE:03:24:D8:CA:45 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 493074039E91D39A552E4A3D9F02B129982D41F3 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS200950.roa Signing time: Mon 20 Apr 2026 15:58:08 +0000 ROA not before: Mon 20 Apr 2026 15:53:08 +0000 ROA not after: Mon 19 Apr 2027 15:58:08 +0000 asID: 200950 IP address blocks: 2a06:1281:70::/44 maxlen: 44 2a06:1281:70::/44 maxlen: 48 2a0f:6284:f00::/40 maxlen: 40 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 14:18:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:30:74:03:9e:91:d3:9a:55:2e:4a:3d:9f:02:b1:29:98:2d:41:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Apr 20 15:53:08 2026 GMT Not After : Apr 19 15:58:08 2027 GMT Subject: CN=9AB496A95B9849955939B2903E52EE0324D8CA45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:95:42:10:27:c4:81:0e:25:25:0f:9c:ce:5d: 4d:80:c0:88:b9:d0:8a:31:a2:dd:6f:5a:a0:03:d0: 59:34:fa:97:3d:ad:2f:5c:b8:a3:c8:05:a6:91:57: 3e:b5:a8:4d:ba:dc:9e:30:fd:56:92:91:ac:aa:b7: d1:b8:81:9e:2c:3b:d4:f7:2d:d6:c1:04:35:4f:87: 34:c8:43:c9:69:21:48:5a:49:5a:1b:8e:e8:7e:91: 32:c7:91:ba:e5:32:7c:50:8f:7a:d2:0b:a2:fe:ca: 75:ee:ca:8d:b4:d7:aa:ec:e5:9d:8c:81:f0:70:d8: e8:6b:33:de:d7:c6:23:dc:2f:b7:e8:5c:7f:aa:cd: 80:8f:28:54:33:7a:3b:55:ce:81:a7:18:2a:3a:ab: 68:92:a6:2c:e3:60:06:f0:78:26:14:28:a2:7e:91: d8:f3:de:37:1b:64:a9:55:1b:5d:91:71:9b:d5:18: c3:19:66:03:bf:c3:20:b3:62:1e:da:5b:30:e9:fe: 0e:97:b8:83:d8:83:04:c4:44:ec:f2:de:b1:42:0b: e9:4d:6e:41:cf:b2:79:62:b8:92:78:a9:b7:55:8a: 74:89:18:b8:2d:60:74:4e:1d:94:96:19:70:28:03: e1:bc:41:e8:3a:37:b8:4f:d0:43:4d:52:c4:10:2b: a3:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:B4:96:A9:5B:98:49:95:59:39:B2:90:3E:52:EE:03:24:D8:CA:45 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS200950.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1281:70::/44 2a0f:6284:f00::/40 Signature Algorithm: sha256WithRSAEncryption 51:56:ed:7b:81:ec:e1:b6:79:44:38:dd:7e:20:be:7d:0f:b9: 67:99:13:42:1c:a0:46:0e:5e:8e:35:79:82:01:bd:78:d0:3a: 81:d4:18:bd:84:de:fa:89:27:8e:21:bd:0b:de:76:66:2f:fa: e8:3f:5d:b1:2a:3a:fe:1a:42:3b:0b:4e:1a:48:98:ae:93:10: a4:7d:41:f1:52:92:b5:7b:0c:e2:b5:d6:e6:46:a7:b8:e5:55: 5c:fc:ee:0b:14:56:ec:ce:80:ab:ad:7c:52:36:ba:e5:ee:df: 9e:5c:b0:a3:2f:2a:2c:69:ec:8c:eb:28:60:8f:c9:78:05:45: bd:c4:0b:08:c8:82:5f:19:97:0e:3a:64:23:37:01:04:5f:cb: bd:a7:c5:9c:98:ef:ea:98:cc:b7:7f:bd:78:b9:70:39:4f:a2: e3:76:33:bf:76:62:67:3f:5b:2e:9a:0b:65:d5:60:11:a9:63: f4:ae:5f:4d:3a:5e:d1:5e:41:0b:ee:47:65:40:28:4f:5b:41: b1:b1:78:cf:7f:1f:eb:ca:a1:ce:8b:60:ae:12:97:67:ca:b7: 66:a3:75:23:65:e8:57:45:19:36:35:81:aa:cc:a5:6f:62:0e: 9f:94:85:62:17:82:3e:de:69:66:e0:d3:82:73:9b:7c:5d:3e: 79:d2:c0:84 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUSTB0A56R05pVLko9nwKxKZgtQfMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjA0MjAxNTUzMDhaFw0yNzA0MTkxNTU4MDhaMDMxMTAvBgNV BAMTKDlBQjQ5NkE5NUI5ODQ5OTU1OTM5QjI5MDNFNTJFRTAzMjREOENBNDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqlUIQJ8SBDiUlD5zOXU2AwIi5 0Ioxot1vWqAD0Fk0+pc9rS9cuKPIBaaRVz61qE263J4w/VaSkayqt9G4gZ4sO9T3 LdbBBDVPhzTIQ8lpIUhaSVobjuh+kTLHkbrlMnxQj3rSC6L+ynXuyo2016rs5Z2M gfBw2OhrM97XxiPcL7foXH+qzYCPKFQzejtVzoGnGCo6q2iSpizjYAbweCYUKKJ+ kdjz3jcbZKlVG12RcZvVGMMZZgO/wyCzYh7aWzDp/g6XuIPYgwTEROzy3rFCC+lN bkHPsnliuJJ4qbdVinSJGLgtYHROHZSWGXAoA+G8Qeg6N7hP0ENNUsQQK6OpAgMB AAGjggHnMIIB4zAdBgNVHQ4EFgQUmrSWqVuYSZVZObKQPlLuAyTYykUwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDA5NTAucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBwQq BhKBAHADBgAqD2KEDzANBgkqhkiG9w0BAQsFAAOCAQEAUVbte4Hs4bZ5RDjdfiC+ fQ+5Z5kTQhygRg5ejjV5ggG9eNA6gdQYvYTe+oknjiG9C952Zi/66D9dsSo6/hpC OwtOGkiYrpMQpH1B8VKStXsM4rXW5kanuOVVXPzuCxRW7M6Aq618Uja65e7fnlyw oy8qLGnsjOsoYI/JeAVFvcQLCMiCXxmXDjpkIzcBBF/LvafFnJjv6pjMt3+9eLlw OU+i43Yzv3ZiZz9bLpoLZdVgEalj9K5fTTpe0V5BC+5HZUAoT1tBsbF4z38f68qh zotgrhKXZ8q3ZqN1I2XoV0UZNjWBqsylb2IOn5SFYheCPt5pZuDTgnObfF0+edLA hA== -----END CERTIFICATE-----Generated at Tue May 12 22:55:00 2026 by rpki-client