$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: ewkZ1ruDtzR77uOAt42TpdjZSzIaxQTqdDewa+N44uY= Subject key identifier: D7:1E:EB:EE:4C:F1:B4:EF:F6:41:83:EF:BE:2F:D9:20:15:92:A4:A9 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 650DE7E0CAF2A613EF44A3C86E323A37F62643DF Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS20473.roa Signing time: Wed 06 May 2026 08:00:15 +0000 ROA not before: Wed 06 May 2026 07:55:15 +0000 ROA not after: Wed 05 May 2027 08:00:15 +0000 asID: 20473 IP address blocks: 2a0a:6044:6600::/40 maxlen: 48 2a0a:6044:ac60::/44 maxlen: 48 2a0f:6284:52::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 14:18:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:0d:e7:e0:ca:f2:a6:13:ef:44:a3:c8:6e:32:3a:37:f6:26:43:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: May 6 07:55:15 2026 GMT Not After : May 5 08:00:15 2027 GMT Subject: CN=D71EEBEE4CF1B4EFF64183EFBE2FD9201592A4A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:f2:d9:9c:b8:ae:14:0c:1b:6c:36:c7:f6:d6: 39:39:19:f8:2e:9f:5a:e6:dd:e2:8b:5b:0f:0d:29: c1:f2:66:b8:2c:fe:f3:69:22:7f:55:3c:38:83:ba: e6:23:64:9f:64:76:dd:19:e0:fd:49:24:16:2b:be: ff:6d:dd:27:9c:7e:3e:2f:e0:02:dc:bb:d3:c2:8b: 46:c4:34:ed:2c:e2:92:10:23:3d:e3:da:69:2e:b4: 4d:39:26:09:17:5f:de:af:1b:13:51:8e:86:11:95: 9d:6f:56:e5:41:4f:2a:d8:73:aa:27:21:0a:65:5f: c7:67:ab:b0:f8:dc:0f:aa:d1:09:70:5b:b6:d5:5a: fe:37:78:1f:fc:79:f5:45:9b:44:e7:d2:36:ac:d3: 26:b9:6b:c1:b1:74:fb:21:8b:9d:f4:7d:17:f0:01: d0:79:91:9b:e2:43:dd:2c:e9:a4:02:49:e4:f1:cb: b3:0c:b6:88:a6:38:a5:a8:72:91:18:e6:7c:f4:d7: eb:41:b0:a0:a9:0c:e5:d9:08:43:6f:f2:38:36:33: 56:95:88:ae:c1:d8:60:96:78:7a:03:7f:2b:8f:39: d9:e8:16:12:35:cc:ae:0a:9d:e0:97:a3:aa:32:b6: 89:9f:d6:e6:0b:46:3f:a6:be:1a:99:d0:b8:d8:e1: fa:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:1E:EB:EE:4C:F1:B4:EF:F6:41:83:EF:BE:2F:D9:20:15:92:A4:A9 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6044:6600::/40 2a0a:6044:ac60::/44 2a0f:6284:52::/48 Signature Algorithm: sha256WithRSAEncryption 26:96:61:a9:d8:ad:93:4e:d5:e8:73:19:bf:f9:2e:cc:85:44: 6f:37:09:30:b9:b5:9c:03:4e:50:17:13:d5:e6:d6:56:e7:47: 56:6b:82:f2:90:1f:0d:f0:f4:25:e7:7f:f1:64:9c:8f:60:dd: d5:63:a8:ae:19:ca:4e:d9:44:e6:75:ad:f2:60:3f:97:c0:b2: a7:e8:16:4f:c7:34:0f:72:04:41:70:c8:c9:87:ad:b6:05:d2: 80:8f:f3:20:d8:05:2a:c4:f7:cc:b8:22:c6:b3:18:d8:0b:9b: 35:59:ae:a8:15:47:f7:58:9c:19:09:42:56:28:c8:70:4c:8d: 82:69:33:6d:e3:7c:81:81:f6:a7:a7:58:87:27:71:31:b1:f3: cc:3a:65:8e:c0:0a:f3:7f:de:5c:16:e8:0e:2e:19:c1:a4:61: 2f:50:ca:60:c0:2a:bf:63:e4:ae:ee:3c:28:5b:d0:97:39:ff: 16:91:c9:e9:fa:92:e7:f6:28:fc:42:eb:55:a2:49:03:c8:45: 04:ad:8e:03:2d:0c:7a:cc:05:6e:82:ab:1c:bf:43:53:70:fd: 12:81:ad:c2:24:1b:57:33:13:f8:57:b3:98:d3:05:16:7c:47: 21:cd:1f:00:7e:30:ef:b3:b4:f0:e8:d6:b7:57:38:6c:05:bb: 49:4e:00:be -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUZQ3n4MryphPvRKPIbjI6N/YmQ98wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjA1MDYwNzU1MTVaFw0yNzA1MDUwODAwMTVaMDMxMTAvBgNV BAMTKEQ3MUVFQkVFNENGMUI0RUZGNjQxODNFRkJFMkZEOTIwMTU5MkE0QTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs8tmcuK4UDBtsNsf21jk5Gfgu n1rm3eKLWw8NKcHyZrgs/vNpIn9VPDiDuuYjZJ9kdt0Z4P1JJBYrvv9t3Secfj4v 4ALcu9PCi0bENO0s4pIQIz3j2mkutE05JgkXX96vGxNRjoYRlZ1vVuVBTyrYc6on IQplX8dnq7D43A+q0QlwW7bVWv43eB/8efVFm0Tn0jas0ya5a8GxdPshi530fRfw AdB5kZviQ90s6aQCSeTxy7MMtoimOKWocpEY5nz01+tBsKCpDOXZCENv8jg2M1aV iK7B2GCWeHoDfyuPOdnoFhI1zK4KneCXo6oytomf1uYLRj+mvhqZ0LjY4fo3AgMB AAGjggHvMIIB6zAdBgNVHQ4EFgQU1x7r7kzxtO/2QYPvvi/ZIBWSpKkwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDQ3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAIwGgMGACoK YERmAwcEKgpgRKxgAwcAKg9ihABSMA0GCSqGSIb3DQEBCwUAA4IBAQAmlmGp2K2T TtXocxm/+S7MhURvNwkwubWcA05QFxPV5tZW50dWa4LykB8N8PQl53/xZJyPYN3V Y6iuGcpO2UTmda3yYD+XwLKn6BZPxzQPcgRBcMjJh622BdKAj/Mg2AUqxPfMuCLG sxjYC5s1Wa6oFUf3WJwZCUJWKMhwTI2CaTNt43yBgfanp1iHJ3ExsfPMOmWOwArz f95cFugOLhnBpGEvUMpgwCq/Y+Su7jwoW9CXOf8Wkcnp+pLn9ij8QutVokkDyEUE rY4DLQx6zAVugqscv0NTcP0Sga3CJBtXMxP4V7OY0wUWfEchzR8AfjDvs7Tw6Na3 VzhsBbtJTgC+ -----END CERTIFICATE-----Generated at Tue May 12 22:21:56 2026 by rpki-client