$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: Z/IPF5yUnr7njZv+6e6ZfmnIBSzwQ//JV7q0D/gqSOs= Subject key identifier: D3:98:99:0C:B5:61:15:DB:47:D4:B5:DE:02:5D:7A:80:38:FF:59:95 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 57730D92DD67592EB4D5431F630A9D1369371FED Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa Signing time: Wed 11 Mar 2026 17:26:03 +0000 ROA not before: Wed 11 Mar 2026 17:21:03 +0000 ROA not after: Wed 10 Mar 2027 17:26:03 +0000 asID: 31898 IP address blocks: 2a05:dfc3:f6ce::/48 maxlen: 48 2a05:dfc3:f760::/44 maxlen: 48 2a0a:6044:6d00::/48 maxlen: 48 2a0f:6284:4c10::/44 maxlen: 48 2a0f:6284:4c20::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 26 Mar 2026 23:11:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:73:0d:92:dd:67:59:2e:b4:d5:43:1f:63:0a:9d:13:69:37:1f:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Mar 11 17:21:03 2026 GMT Not After : Mar 10 17:26:03 2027 GMT Subject: CN=D398990CB56115DB47D4B5DE025D7A8038FF5995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b7:cf:a1:2c:f8:8d:87:82:2b:28:ab:bd:78: c3:de:56:d1:e4:4c:92:af:cf:8a:22:a0:d3:ce:0c: fe:8d:48:8e:32:7e:72:a5:31:29:05:14:24:ad:f1: 39:c8:55:68:ed:b7:12:8b:b1:88:6d:04:54:91:c1: d0:9d:06:68:1b:0e:1b:70:6a:a2:4d:83:96:61:95: 2f:92:a8:f7:a0:ac:9e:2c:d1:41:9a:24:2a:fc:ed: e3:f2:b7:17:fa:83:0b:33:6d:08:cd:0f:d0:f0:df: 8f:cd:ed:8d:0b:04:a8:00:e5:69:0f:a0:87:91:32: 5b:e3:0e:bd:69:94:e1:62:13:52:c0:bb:50:ef:5f: c8:e9:61:30:4f:69:34:0b:12:32:68:71:da:68:ae: 1c:6e:92:03:68:22:f9:58:31:6a:4e:25:c1:35:9a: 9d:f9:16:d5:64:ec:a8:96:9f:83:3b:4e:f8:71:31: 16:7e:49:87:05:b3:a1:78:21:f4:b8:d9:e4:68:f6: d4:19:37:13:f0:c8:3b:3e:02:70:c7:4e:73:1b:27: 76:6b:f4:21:74:ef:49:12:c6:ad:63:fa:3c:82:ec: c2:4b:43:62:f4:f8:59:2d:e5:00:cc:b3:67:a6:1f: f7:db:35:92:54:da:49:c7:34:c1:e9:ac:a7:f7:81: 79:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:98:99:0C:B5:61:15:DB:47:D4:B5:DE:02:5D:7A:80:38:FF:59:95 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f6ce::/48 2a05:dfc3:f760::/44 2a0a:6044:6d00::/48 2a0f:6284:4c10::-2a0f:6284:4c2f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 18:59:33:07:72:e6:91:a5:b7:9c:cb:95:8d:75:95:6d:10:c8: b1:6c:36:cf:aa:12:0b:1d:67:dd:5f:61:b6:31:3a:fe:de:a4: 98:70:12:1b:60:7b:be:98:28:ed:e3:06:d9:1e:6d:c0:78:ae: e5:e1:6b:00:cd:28:7a:c7:3c:f2:f1:2e:c3:0e:08:7f:b6:85: f3:38:69:fd:f1:87:60:81:f8:6f:10:d9:e2:e8:c9:47:76:9d: b8:01:32:c6:df:11:9e:4e:60:53:0e:6d:e4:15:1c:65:99:77: 76:44:0b:d0:bc:91:7b:e7:ed:36:00:48:f2:61:f6:fd:9b:67: 96:dc:aa:3a:bf:38:a2:b5:af:18:fa:be:7f:4b:bb:18:a3:df: 1e:3b:45:c3:9f:77:25:c3:5d:6d:f5:b4:be:d4:9a:32:09:ec: ab:81:11:7f:9a:12:61:d6:e9:93:3d:a5:81:58:16:9e:1e:48: be:3a:51:7e:b3:e5:5d:84:2d:73:c6:59:c1:2c:fc:c7:78:9d: ed:37:a6:89:b4:56:61:40:96:4b:bd:98:5d:d4:9a:04:15:e1: c3:52:8d:60:47:cf:75:fc:ca:b7:40:51:49:18:49:a7:79:c4: d3:87:df:29:d6:a8:7b:4b:6a:32:40:34:9f:91:8d:26:4e:8b: cc:32:02:36 -----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIUV3MNkt1nWS601UMfYwqdE2k3H+0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAzMTExNzIxMDNaFw0yNzAzMTAxNzI2MDNaMDMxMTAvBgNV BAMTKEQzOTg5OTBDQjU2MTE1REI0N0Q0QjVERTAyNUQ3QTgwMzhGRjU5OTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCut8+hLPiNh4IrKKu9eMPeVtHk TJKvz4oioNPODP6NSI4yfnKlMSkFFCSt8TnIVWjttxKLsYhtBFSRwdCdBmgbDhtw aqJNg5ZhlS+SqPegrJ4s0UGaJCr87ePytxf6gwszbQjND9Dw34/N7Y0LBKgA5WkP oIeRMlvjDr1plOFiE1LAu1DvX8jpYTBPaTQLEjJocdporhxukgNoIvlYMWpOJcE1 mp35FtVk7KiWn4M7TvhxMRZ+SYcFs6F4IfS42eRo9tQZNxPwyDs+AnDHTnMbJ3Zr 9CF070kSxq1j+jyC7MJLQ2L0+Fkt5QDMs2emH/fbNZJU2knHNMHprKf3gXk/AgMB AAGjggIEMIICADAdBgNVHQ4EFgQU05iZDLVhFdtH1LXeAl16gDj/WZUwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMzMTg5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLwMHACoF 38P2zgMHBCoF38P3YAMHACoKYERtADASAwcEKg9ihEwQAwcEKg9ihEwgMA0GCSqG SIb3DQEBCwUAA4IBAQAYWTMHcuaRpbecy5WNdZVtEMixbDbPqhILHWfdX2G2MTr+ 3qSYcBIbYHu+mCjt4wbZHm3AeK7l4WsAzSh6xzzy8S7DDgh/toXzOGn98Ydggfhv ENni6MlHdp24ATLG3xGeTmBTDm3kFRxlmXd2RAvQvJF75+02AEjyYfb9m2eW3Ko6 vziita8Y+r5/S7sYo98eO0XDn3clw11t9bS+1JoyCeyrgRF/mhJh1umTPaWBWBae Hki+OlF+s+VdhC1zxlnBLPzHeJ3tN6aJtFZhQJZLvZhd1JoEFeHDUo1gR891/Mq3 QFFJGEmnecTTh98p1qh7S2oyQDSfkY0mTovMMgI2 -----END CERTIFICATE-----Generated at Thu Mar 26 09:16:15 2026 by rpki-client