$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: V30hXsKkYM6F1N2KMyZ1/rF1W1dwbB76iPzE8qgHETg= Subject key identifier: 4A:53:24:CC:B0:1B:1D:AC:9E:18:05:47:62:B9:91:93:F2:B5:66:06 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2E910A56D70EF25CFBD265EFE461057A8A7AC9ED Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS20473.roa Signing time: Mon 16 Mar 2026 14:35:33 +0000 ROA not before: Mon 16 Mar 2026 14:30:33 +0000 ROA not after: Mon 15 Mar 2027 14:35:33 +0000 asID: 20473 IP address blocks: 2a05:dfc3:f900::/40 maxlen: 40 2a0a:6044:6600::/40 maxlen: 48 2a0a:6044:ac60::/44 maxlen: 48 2a0f:6284:52::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 23:11:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:91:0a:56:d7:0e:f2:5c:fb:d2:65:ef:e4:61:05:7a:8a:7a:c9:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Mar 16 14:30:33 2026 GMT Not After : Mar 15 14:35:33 2027 GMT Subject: CN=4A5324CCB01B1DAC9E18054762B99193F2B56606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:b1:40:58:29:25:70:df:f8:95:f1:c9:34:ea: 21:f0:92:c0:0a:aa:01:9a:f1:05:68:b4:7c:65:b7: 51:ef:a9:86:06:98:be:ab:c9:6b:c1:48:11:37:bb: a8:d9:30:82:a2:a8:36:ae:94:27:84:33:7b:24:5f: d7:82:2a:62:0a:5a:ee:05:47:c3:d5:f0:1b:25:69: 74:a3:d7:58:c6:5b:5c:c7:db:2d:ed:a0:a4:48:33: 0b:76:40:4f:57:a8:fd:32:2d:15:fb:ba:13:9e:cf: 08:32:fc:cf:3d:37:63:40:ef:7d:21:f3:a2:c1:84: ac:6d:a9:fc:98:6f:89:85:28:87:f1:14:16:25:03: 7d:c8:48:f6:52:0d:11:42:cd:67:ff:c7:ec:e0:fc: 8b:b2:02:d8:e5:93:21:c6:17:14:6d:4c:c6:39:54: ef:b8:a8:9b:ae:a3:1f:b3:98:d1:9e:b0:04:af:36: a4:8f:15:ca:89:fc:a3:83:e4:68:24:73:b4:bc:76: 52:bc:13:b7:d6:22:b8:0d:7e:f2:07:44:40:ad:1a: 64:8d:66:e5:b7:36:f4:45:e7:36:a3:a6:42:2e:aa: 74:99:3c:3c:08:8f:6c:2a:60:ec:4c:f1:91:16:fb: b6:9a:d2:a2:74:a2:5e:aa:04:1e:54:b4:7f:20:d3: db:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:53:24:CC:B0:1B:1D:AC:9E:18:05:47:62:B9:91:93:F2:B5:66:06 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f900::/40 2a0a:6044:6600::/40 2a0a:6044:ac60::/44 2a0f:6284:52::/48 Signature Algorithm: sha256WithRSAEncryption 4a:d9:26:1e:29:7d:91:6d:45:64:d1:79:6f:c2:e0:0a:6f:b2: ca:88:c3:cb:f9:d1:11:a9:27:5b:03:43:67:ca:11:01:98:74: 6c:72:7e:ab:15:ab:86:60:1a:24:59:9a:ed:1a:90:d3:f3:6f: c7:2c:c1:ac:ec:bc:2f:1d:4b:4a:d2:38:66:ee:c3:87:b2:cb: fd:ee:fe:d2:54:80:84:9f:ee:c8:d9:b8:eb:aa:ef:41:06:e2: 6f:ce:60:16:66:e5:1f:a3:28:bd:4a:19:e1:39:1a:08:7e:40: 6a:7b:3b:71:3a:af:f0:74:6a:b1:de:f8:b5:36:79:55:d1:6b: 59:d4:f1:ac:94:c3:3f:c1:dc:b0:cb:b9:a9:a2:9e:ae:7c:85: bf:a5:26:1c:45:4b:bd:cf:70:1b:5c:ba:0b:97:21:7c:03:de: a7:23:4d:dc:df:88:69:c3:60:f8:48:76:a5:23:19:8b:61:e3: 31:81:44:ac:b1:89:46:31:c7:ce:7f:22:ab:c7:b7:e3:62:fa: 13:c5:7e:6c:7c:39:95:e6:42:29:10:3a:9f:e5:92:cd:9c:8c: a6:d8:0d:d9:1c:fd:86:e3:73:bb:c3:6f:64:2a:80:54:49:c4: df:d1:0e:5d:65:44:2a:57:7d:85:03:f9:8c:f2:51:d0:16:7b: f3:06:a3:92 -----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgIULpEKVtcO8lz70mXv5GEFeop6ye0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAzMTYxNDMwMzNaFw0yNzAzMTUxNDM1MzNaMDMxMTAvBgNV BAMTKDRBNTMyNENDQjAxQjFEQUM5RTE4MDU0NzYyQjk5MTkzRjJCNTY2MDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbsUBYKSVw3/iV8ck06iHwksAK qgGa8QVotHxlt1HvqYYGmL6ryWvBSBE3u6jZMIKiqDaulCeEM3skX9eCKmIKWu4F R8PV8BslaXSj11jGW1zH2y3toKRIMwt2QE9XqP0yLRX7uhOezwgy/M89N2NA730h 86LBhKxtqfyYb4mFKIfxFBYlA33ISPZSDRFCzWf/x+zg/IuyAtjlkyHGFxRtTMY5 VO+4qJuuox+zmNGesASvNqSPFcqJ/KOD5Ggkc7S8dlK8E7fWIrgNfvIHRECtGmSN ZuW3NvRF5zajpkIuqnSZPDwIj2wqYOxM8ZEW+7aa0qJ0ol6qBB5UtH8g09tJAgMB AAGjggH3MIIB8zAdBgNVHQ4EFgQUSlMkzLAbHayeGAVHYrmRk/K1ZgYwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDQ3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowKAQCAAIwIgMGACoF 38P5AwYAKgpgRGYDBwQqCmBErGADBwAqD2KEAFIwDQYJKoZIhvcNAQELBQADggEB AErZJh4pfZFtRWTReW/C4ApvssqIw8v50RGpJ1sDQ2fKEQGYdGxyfqsVq4ZgGiRZ mu0akNPzb8cswazsvC8dS0rSOGbuw4eyy/3u/tJUgISf7sjZuOuq70EG4m/OYBZm 5R+jKL1KGeE5Ggh+QGp7O3E6r/B0arHe+LU2eVXRa1nU8ayUwz/B3LDLuaminq58 hb+lJhxFS73PcBtcuguXIXwD3qcjTdzfiGnDYPhIdqUjGYth4zGBRKyxiUYxx85/ IqvHt+Ni+hPFfmx8OZXmQikQOp/lks2cjKbYDdkc/Ybjc7vDb2QqgFRJxN/RDl1l RCpXfYUD+YzyUdAWe/MGo5I= -----END CERTIFICATE-----Generated at Thu Mar 26 08:45:21 2026 by rpki-client