$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214040.roa File: AS214040.roa (raw, json) Hash identifier: Ae9mgHR3bAk9TNa86Hn29umwDYC43Jr4uFlmKTXyhMU= Subject key identifier: 21:2A:46:81:B1:06:F0:3C:44:16:E9:8D:87:73:19:3C:AF:54:A0:B9 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 08333D040DDE7217EC80092D000E342E0424DC2B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214040.roa Signing time: Mon 16 Mar 2026 23:35:23 +0000 ROA not before: Mon 16 Mar 2026 23:30:23 +0000 ROA not after: Mon 15 Mar 2027 23:35:23 +0000 asID: 214040 IP address blocks: 2a06:1281:8000::/36 maxlen: 36 2a0f:6283:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 23:11:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:33:3d:04:0d:de:72:17:ec:80:09:2d:00:0e:34:2e:04:24:dc:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Mar 16 23:30:23 2026 GMT Not After : Mar 15 23:35:23 2027 GMT Subject: CN=212A4681B106F03C4416E98D8773193CAF54A0B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:1d:14:95:46:33:06:23:dc:cd:57:75:8e:d6: e8:8c:68:57:b3:7c:d7:6d:a1:59:a8:73:c1:65:03: 25:42:6d:d7:b5:ec:c5:aa:6c:fb:7a:a6:1d:a4:1a: 18:c7:17:51:02:79:b4:16:d1:6c:0c:25:c6:48:26: 5e:ca:23:4f:41:1b:cb:0b:7d:33:d6:4e:52:78:1a: d3:e4:5b:80:ef:dd:91:36:e2:c6:5c:77:11:ff:9c: fc:a8:95:c5:c9:1d:5f:5f:8d:b3:c4:38:e7:bb:42: 66:29:a1:8f:25:f3:5a:fa:44:e3:6b:b0:a4:07:0e: e9:48:6f:6b:50:07:92:e4:c0:ed:ed:4f:bf:78:01: 98:84:57:75:55:fc:e8:c1:07:c6:b6:60:b1:68:51: d0:97:9e:7d:33:02:a0:e8:d4:f3:89:6e:8e:81:59: cc:d9:4f:db:3b:bc:12:18:8f:63:d2:ac:49:7c:1a: 49:85:1d:f3:05:e7:ea:d5:e8:e8:78:fa:0a:51:0e: f5:ea:27:3a:ae:31:16:29:bb:1a:4d:55:c5:f0:b8: f4:bc:bd:06:d4:7b:0f:48:52:c9:55:13:88:2c:61: c5:8e:0e:38:b4:96:70:ae:1e:2c:8b:95:f6:6b:cf: 40:7d:e8:27:91:f8:87:09:89:ff:89:2b:88:3e:9a: 5e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:2A:46:81:B1:06:F0:3C:44:16:E9:8D:87:73:19:3C:AF:54:A0:B9 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214040.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1281:8000::/36 2a0f:6283:2000::/36 Signature Algorithm: sha256WithRSAEncryption 65:87:c0:d7:cf:4d:41:c6:c2:e8:8c:dd:22:e4:35:ac:9d:f6: 3e:94:f8:cc:b5:7e:93:3a:09:f8:cc:98:39:5d:a7:5a:62:a3: f9:b0:ea:12:17:76:f2:11:df:d2:c8:65:5b:a3:7f:6f:46:35: 67:bc:df:8e:2e:7b:fe:bc:d4:ef:e1:80:76:d6:99:6f:b3:64: 43:18:fa:cd:95:30:bf:bd:4b:42:d4:f1:d0:50:8f:87:f5:2e: 29:9d:fb:64:fb:06:15:c9:55:b5:ef:03:11:ff:88:e9:c6:bf: 06:a6:02:d4:b8:34:db:98:75:09:f2:71:a5:d5:5e:f3:61:b9: 0a:b0:03:4c:d0:eb:32:bf:2b:65:30:a5:db:d3:d5:a0:17:e9: f7:7e:a1:fe:46:a7:7a:63:e2:76:98:ee:4c:b7:c8:99:46:56: 9a:cc:77:e2:b2:3f:21:c3:b7:47:72:05:d3:22:6d:fd:41:8f: 70:26:37:79:e2:61:63:f6:7e:14:7d:43:c0:ef:ff:26:62:02: 35:08:52:8d:0e:43:d1:0d:54:b6:b7:1a:c5:ef:eb:56:31:a4: f7:d4:9e:4c:89:24:9e:d7:29:6f:ad:1f:6b:7d:a3:40:64:4f: 75:3d:77:77:e9:10:61:11:67:e1:c4:7e:30:1b:44:d0:e5:6e: fc:a3:fc:66 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUCDM9BA3echfsgAktAA40LgQk3CswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAzMTYyMzMwMjNaFw0yNzAzMTUyMzM1MjNaMDMxMTAvBgNV BAMTKDIxMkE0NjgxQjEwNkYwM0M0NDE2RTk4RDg3NzMxOTNDQUY1NEEwQjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClHRSVRjMGI9zNV3WO1uiMaFez fNdtoVmoc8FlAyVCbde17MWqbPt6ph2kGhjHF1ECebQW0WwMJcZIJl7KI09BG8sL fTPWTlJ4GtPkW4Dv3ZE24sZcdxH/nPyolcXJHV9fjbPEOOe7QmYpoY8l81r6RONr sKQHDulIb2tQB5LkwO3tT794AZiEV3VV/OjBB8a2YLFoUdCXnn0zAqDo1POJbo6B WczZT9s7vBIYj2PSrEl8GkmFHfMF5+rV6Oh4+gpRDvXqJzquMRYpuxpNVcXwuPS8 vQbUew9IUslVE4gsYcWODji0lnCuHiyLlfZrz0B96CeR+IcJif+JK4g+ml6/AgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUISpGgbEG8DxEFumNh3MZPK9UoLkwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQwNDAucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgQq BhKBgAMGBCoPYoMgMA0GCSqGSIb3DQEBCwUAA4IBAQBlh8DXz01BxsLojN0i5DWs nfY+lPjMtX6TOgn4zJg5XadaYqP5sOoSF3byEd/SyGVbo39vRjVnvN+OLnv+vNTv 4YB21plvs2RDGPrNlTC/vUtC1PHQUI+H9S4pnftk+wYVyVW17wMR/4jpxr8GpgLU uDTbmHUJ8nGl1V7zYbkKsANM0OsyvytlMKXb09WgF+n3fqH+Rqd6Y+J2mO5Mt8iZ RlaazHfisj8hw7dHcgXTIm39QY9wJjd54mFj9n4UfUPA7/8mYgI1CFKNDkPRDVS2 txrF7+tWMaT31J5MiSSe1ylvrR9rfaNAZE91PXd36RBhEWfhxH4wG0TQ5W78o/xm -----END CERTIFICATE-----Generated at Thu Mar 26 05:30:37 2026 by rpki-client