$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213124.roa File: AS213124.roa (raw, json) Hash identifier: 0wR3gvp07g+/CSkit+bO3AKFV6ZIE6eQYMrEfZ75TY4= Subject key identifier: B9:49:1F:DF:62:44:AD:53:17:25:01:C5:04:88:88:8A:60:31:A0:05 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 6033D5B9A8315220B0A08EB00AEF29772CFF468B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213124.roa Signing time: Sun 12 Oct 2025 08:00:30 +0000 ROA not before: Sun 12 Oct 2025 07:55:30 +0000 ROA not after: Sun 11 Oct 2026 08:00:30 +0000 asID: 213124 IP address blocks: 2a0f:6284:8000::/36 maxlen: 36 2a0f:6284:9000::/36 maxlen: 36 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 12:13:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:33:d5:b9:a8:31:52:20:b0:a0:8e:b0:0a:ef:29:77:2c:ff:46:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 12 07:55:30 2025 GMT Not After : Oct 11 08:00:30 2026 GMT Subject: CN=B9491FDF6244AD53172501C50488888A6031A005 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:df:fc:64:cd:0e:80:61:e0:8b:64:26:4d:5f: 4e:fc:54:ab:f1:03:70:2a:e6:08:b4:71:10:5d:96: 0c:59:c2:30:fe:42:60:98:e2:7a:53:c8:44:7b:02: 58:e6:f0:c5:6e:72:a5:26:79:a9:d8:81:e8:05:96: 06:66:0b:11:5d:21:dc:c3:88:e6:95:d4:7c:73:fd: 2f:55:d7:6c:d7:ea:0c:fa:01:70:87:54:e3:80:70: f2:49:0a:c0:06:5b:eb:8d:7d:95:94:3b:48:b0:d7: 3b:8f:9d:26:79:25:35:99:41:30:66:7f:55:3c:4f: 1f:ca:b5:a2:cf:5f:c2:f4:d0:93:32:59:85:7a:38: 68:a2:de:cb:8f:60:28:bc:ea:55:29:60:3b:d8:fe: 8e:ec:25:f1:4b:1e:42:f4:e4:8b:8e:dd:36:cd:a6: f3:ce:e5:bb:a4:ba:f2:a3:14:b5:62:ca:1f:3b:dd: 52:86:fd:f3:98:12:84:8f:dc:ca:82:22:e4:7d:e6: f2:6a:1f:17:1b:b8:e9:16:14:91:44:6a:37:2f:a5: aa:bd:e0:97:71:fe:76:58:36:12:df:22:44:1a:57: 7c:bc:4c:9e:b8:9f:dc:c9:f9:b8:60:66:f2:5e:76: f5:8b:20:b6:22:eb:24:fd:e3:8a:14:5a:29:b2:ce: 7f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:49:1F:DF:62:44:AD:53:17:25:01:C5:04:88:88:8A:60:31:A0:05 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213124.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:8000::/35 Signature Algorithm: sha256WithRSAEncryption 64:31:02:84:1b:3b:4f:e7:9e:81:0f:ca:a4:2e:5c:cf:24:d1: 80:82:b8:22:67:18:0c:55:95:94:cc:e4:f8:c2:5a:83:a7:fe: 7a:3d:39:0b:7f:cf:b7:30:06:2e:5e:bc:12:f5:6e:4d:6c:35: 43:6c:5e:26:02:b3:31:04:86:bd:be:17:6d:56:92:cc:70:3d: 77:a1:b3:97:6a:f9:6d:c4:8f:ba:61:32:51:a1:78:22:03:3a: 07:c5:53:f3:8e:78:f1:77:69:db:ed:82:0c:99:72:58:d5:63: 13:3c:fc:87:b0:f9:df:18:67:9b:fd:68:47:cf:e7:0b:af:3b: 5a:67:17:c4:7c:cc:aa:d6:b5:4e:7d:fc:13:5c:8d:e4:d1:5c: f4:2b:e3:88:08:04:54:73:ae:46:ec:ca:15:f3:89:59:89:24: be:1d:f1:70:09:ca:f7:55:a3:41:cd:27:92:56:58:49:4a:1e: 5a:fc:1a:32:29:15:d1:2e:32:56:4e:3c:e5:7f:91:7a:08:8d: 76:94:77:29:f6:19:b4:f0:2a:b1:66:aa:e7:19:d1:c9:a1:21: 9b:d6:1a:d4:61:82:8a:5f:e7:de:bb:a7:d8:29:ac:9f:99:a5: f2:2c:ba:85:c7:14:e8:c4:da:a4:ec:23:80:eb:73:23:46:2a: b0:fe:76:62 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUYDPVuagxUiCwoI6wCu8pdyz/RoswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMTIwNzU1MzBaFw0yNjEwMTEwODAwMzBaMDMxMTAvBgNV BAMTKEI5NDkxRkRGNjI0NEFENTMxNzI1MDFDNTA0ODg4ODhBNjAzMUEwMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg3/xkzQ6AYeCLZCZNX078VKvx A3Aq5gi0cRBdlgxZwjD+QmCY4npTyER7Aljm8MVucqUmeanYgegFlgZmCxFdIdzD iOaV1Hxz/S9V12zX6gz6AXCHVOOAcPJJCsAGW+uNfZWUO0iw1zuPnSZ5JTWZQTBm f1U8Tx/KtaLPX8L00JMyWYV6OGii3suPYCi86lUpYDvY/o7sJfFLHkL05IuO3TbN pvPO5bukuvKjFLViyh873VKG/fOYEoSP3MqCIuR95vJqHxcbuOkWFJFEajcvpaq9 4Jdx/nZYNhLfIkQaV3y8TJ64n9zJ+bhgZvJedvWLILYi6yT944oUWimyzn8DAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUuUkf32JErVMXJQHFBIiIimAxoAUwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTMxMjQucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgUq D2KEgDANBgkqhkiG9w0BAQsFAAOCAQEAZDEChBs7T+eegQ/KpC5czyTRgIK4ImcY DFWVlMzk+MJag6f+ej05C3/PtzAGLl68EvVuTWw1Q2xeJgKzMQSGvb4XbVaSzHA9 d6Gzl2r5bcSPumEyUaF4IgM6B8VT84548Xdp2+2CDJlyWNVjEzz8h7D53xhnm/1o R8/nC687WmcXxHzMqta1Tn38E1yN5NFc9CvjiAgEVHOuRuzKFfOJWYkkvh3xcAnK 91WjQc0nklZYSUoeWvwaMikV0S4yVk485X+RegiNdpR3KfYZtPAqsWaq5xnRyaEh m9Ya1GGCil/n3run2Cmsn5ml8iy6hccU6MTapOwjgOtzI0YqsP52Yg== -----END CERTIFICATE-----Generated at Sun Oct 19 22:29:19 2025 by rpki-client