$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS395878.roa File: AS395878.roa (raw, json) Hash identifier: EZQVyeve9Ud1wZAMd73LXRZfUdS4XXM3yPZWc/pweVg= Subject key identifier: 31:4E:30:43:39:99:D5:7C:BC:04:7B:10:36:C8:0C:D4:D9:84:52:9B Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 11E3851925772764ADDD652E3244520F2991B0B2 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS395878.roa Signing time: Sat 11 Oct 2025 19:17:21 +0000 ROA not before: Sat 11 Oct 2025 19:12:21 +0000 ROA not after: Sat 10 Oct 2026 19:17:21 +0000 asID: 395878 IP address blocks: 2a0f:6283:8000::/34 maxlen: 34 2a0f:6287:4000::/34 maxlen: 34 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Oct 2025 13:44:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:e3:85:19:25:77:27:64:ad:dd:65:2e:32:44:52:0f:29:91:b0:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 11 19:12:21 2025 GMT Not After : Oct 10 19:17:21 2026 GMT Subject: CN=314E30433999D57CBC047B1036C80CD4D984529B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d7:de:ed:ea:e7:af:cf:21:49:bb:dd:c2:6f: 1e:31:fb:3b:fc:46:8d:78:0c:11:57:65:79:3f:a1: 28:e7:7b:01:92:3d:9d:e4:44:8e:6f:d2:bb:34:6f: 8d:34:30:76:eb:42:5f:6c:c5:80:c0:0a:83:8d:08: 4a:23:b8:9c:98:28:3f:d7:f9:24:1f:79:9a:83:e2: 91:9c:f8:f6:2a:3d:73:8f:c4:33:21:ee:17:31:be: 28:9b:fa:5b:5b:af:cd:07:18:fe:b4:24:2d:9a:f7: dc:d9:20:e2:55:0b:3e:6b:82:39:3f:ef:90:17:49: 6f:56:4b:43:da:28:a9:8b:dc:71:42:9a:19:e2:28: 7f:d1:9f:6a:6b:b6:51:d5:91:ae:76:19:cc:a9:a3: db:d7:a6:a7:7c:b7:d4:79:15:0e:67:49:f7:17:f8: f8:c6:17:44:c5:da:d9:58:b0:c0:b8:bd:73:6a:7c: 13:09:6d:23:da:0c:7f:94:a6:b3:59:22:30:3d:d4: 88:63:b8:ed:f2:37:77:7e:04:d6:8c:a9:95:e0:22: e7:cc:20:6f:47:6b:e9:02:28:d1:a3:0e:56:97:b5: 6a:a1:a4:d0:02:43:7a:25:2c:64:08:66:13:b5:55: b8:29:85:86:af:c5:1a:42:e7:53:23:b0:6d:39:e6: e0:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:4E:30:43:39:99:D5:7C:BC:04:7B:10:36:C8:0C:D4:D9:84:52:9B X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS395878.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6283:8000::/34 2a0f:6287:4000::/34 Signature Algorithm: sha256WithRSAEncryption 25:77:e0:cd:86:a2:46:65:d2:80:a9:2a:35:6a:66:71:d0:0a: e5:12:f6:ff:59:29:27:3c:af:66:5e:c5:4b:69:1c:81:29:2c: a1:65:c8:b5:e8:d1:60:82:a6:58:36:32:0a:69:20:0a:e5:9b: fd:de:86:fd:86:2e:64:dc:d5:95:54:76:61:1b:bf:41:2e:8b: 9f:3b:38:5b:14:75:be:05:49:56:bb:bc:cc:b1:0e:b5:25:7f: 1e:83:fc:c8:2c:b1:1a:44:4d:50:53:7e:85:92:2f:c4:71:9e: 34:19:a7:78:d5:5e:42:45:27:44:73:8b:60:99:15:70:cc:51: c2:ab:c0:05:79:ce:61:b1:86:cc:36:ed:53:04:cf:c0:46:0e: 30:a2:04:0d:1c:75:78:9a:21:39:e0:0e:58:f8:b7:93:16:0f: 68:12:5b:fa:fa:66:7e:19:8c:c0:56:88:72:23:c4:d7:ab:68: 70:da:4e:75:ba:c5:9a:eb:60:90:f3:0d:9e:74:9b:42:33:81: 54:5e:49:e9:6d:5e:70:70:2b:71:f5:7e:36:3b:97:ee:a3:ff: 72:c8:c6:2b:07:ab:ff:a2:a9:19:16:a6:6e:5a:bd:f5:c2:f2: 35:6a:1e:11:19:86:11:79:bb:94:94:15:b1:73:fc:a6:99:54: 0f:ce:03:fa -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUEeOFGSV3J2St3WUuMkRSDymRsLIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMTExOTEyMjFaFw0yNjEwMTAxOTE3MjFaMDMxMTAvBgNV BAMTKDMxNEUzMDQzMzk5OUQ1N0NCQzA0N0IxMDM2QzgwQ0Q0RDk4NDUyOUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu197t6uevzyFJu93Cbx4x+zv8 Ro14DBFXZXk/oSjnewGSPZ3kRI5v0rs0b400MHbrQl9sxYDACoONCEojuJyYKD/X +SQfeZqD4pGc+PYqPXOPxDMh7hcxviib+ltbr80HGP60JC2a99zZIOJVCz5rgjk/ 75AXSW9WS0PaKKmL3HFCmhniKH/Rn2prtlHVka52Gcypo9vXpqd8t9R5FQ5nSfcX +PjGF0TF2tlYsMC4vXNqfBMJbSPaDH+UprNZIjA91IhjuO3yN3d+BNaMqZXgIufM IG9Ha+kCKNGjDlaXtWqhpNACQ3olLGQIZhO1VbgphYavxRpC51MjsG055uDzAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUMU4wQzmZ1Xy8BHsQNsgM1NmEUpswHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMzOTU4Nzgucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgYq D2KDgAMGBioPYodAMA0GCSqGSIb3DQEBCwUAA4IBAQAld+DNhqJGZdKAqSo1amZx 0ArlEvb/WSknPK9mXsVLaRyBKSyhZci16NFggqZYNjIKaSAK5Zv93ob9hi5k3NWV VHZhG79BLoufOzhbFHW+BUlWu7zMsQ61JX8eg/zILLEaRE1QU36Fki/EcZ40Gad4 1V5CRSdEc4tgmRVwzFHCq8AFec5hsYbMNu1TBM/ARg4wogQNHHV4miE54A5Y+LeT Fg9oElv6+mZ+GYzAVohyI8TXq2hw2k51usWa62CQ8w2edJtCM4FUXknpbV5wcCtx 9X42O5fuo/9yyMYrB6v/oqkZFqZuWr31wvI1ah4RGYYRebuUlBWxc/ymmVQPzgP6 -----END CERTIFICATE-----Generated at Mon Oct 20 06:50:57 2025 by rpki-client