$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS11117.roa File: AS11117.roa (raw, json) Hash identifier: 7lkcHELnhAfVL3MwoYnHpfsmuTTy3uWzmd1sqYhFEds= Subject key identifier: 4D:7B:D5:E9:42:96:96:8F:D4:BE:EE:16:88:21:29:EF:77:E5:6F:A8 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7DBDDB1FCEA4CF85F727E4AD902C174BBFC4A682 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS11117.roa Signing time: Wed 30 Jul 2025 06:59:43 +0000 ROA not before: Wed 30 Jul 2025 06:54:43 +0000 ROA not after: Wed 29 Jul 2026 06:59:43 +0000 asID: 11117 IP address blocks: 2a05:dfc3:f910::/44 maxlen: 44 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 06 Aug 2025 23:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:bd:db:1f:ce:a4:cf:85:f7:27:e4:ad:90:2c:17:4b:bf:c4:a6:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 30 06:54:43 2025 GMT Not After : Jul 29 06:59:43 2026 GMT Subject: CN=4D7BD5E94296968FD4BEEE16882129EF77E56FA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:24:4d:18:3c:33:61:13:4d:b9:d8:fc:e2:3d: ab:bd:ea:59:9b:d1:e4:2b:52:7c:6e:82:3a:04:60: eb:0c:31:d4:33:80:63:27:72:b7:8b:98:af:d8:21: bc:b7:ae:c8:29:d9:f2:b5:34:37:4e:16:ea:1c:16: 52:4d:02:ef:7c:e5:ad:66:e8:93:17:30:e8:5d:61: fc:53:aa:68:e9:a9:f9:d6:04:ca:b3:2f:95:f3:ba: 2d:67:84:01:62:d2:40:56:d1:a9:e7:eb:f5:09:a5: 11:dc:03:c5:1f:49:82:48:1c:e7:43:a4:d9:02:91: 40:e2:93:a5:b5:28:92:4e:89:b8:df:e2:ea:f1:68: ea:e3:ae:68:0a:ce:9b:c1:c7:f4:82:70:0b:c2:9f: fc:da:c2:e5:0a:90:dc:dc:53:51:e4:8d:07:5c:94: 64:b6:70:0b:0f:e6:0e:85:c6:3d:a5:a5:17:7f:5b: 81:a4:a2:c2:a6:9e:3d:5c:e2:3c:0f:f3:a7:b1:e0: f8:fe:ae:03:34:9d:f8:ee:7c:5a:1c:09:89:5f:9c: 19:28:8e:fc:7c:f8:35:a1:af:ee:15:6f:d1:c2:e4: c4:d9:3b:e7:f0:67:a1:3b:fd:6e:df:ec:10:19:31: a3:3d:63:f5:7e:46:32:41:1f:13:a0:35:25:c6:f7: 6b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7B:D5:E9:42:96:96:8F:D4:BE:EE:16:88:21:29:EF:77:E5:6F:A8 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS11117.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f910::/44 Signature Algorithm: sha256WithRSAEncryption 91:59:95:cf:fe:d9:0f:85:07:d5:6c:7b:bb:dc:91:d5:d0:a9: a9:08:f1:ec:f9:1f:47:2b:97:d2:bf:7c:67:0e:38:13:1d:ba: d0:bf:4c:90:e7:be:56:eb:81:33:cd:91:84:a5:75:28:ef:e8: d9:6b:4f:09:5c:98:cd:cb:25:dc:6f:33:eb:a5:ad:a6:e0:0f: 70:a7:17:31:5d:d9:5e:e0:fa:48:53:dc:82:2d:e8:81:10:ab: 6e:e0:06:5e:42:ac:57:20:35:88:5e:7a:b2:53:8e:ad:9d:06: d5:ff:6c:3e:2f:c6:02:cc:18:65:29:1f:14:49:0e:c0:24:40: f3:ba:4e:f6:23:88:ec:46:a4:1a:e2:af:2b:51:e4:e8:a7:e8: 5e:0c:5a:db:e2:d4:ae:21:0e:d8:46:fc:59:83:6d:b1:b1:e9: 6f:2e:83:99:63:4b:f5:da:14:6a:b8:a7:a2:41:c1:c7:bf:75: e3:14:32:4f:11:f5:d6:ea:85:8c:bb:3b:de:c9:dc:f5:d0:34: 46:59:52:dc:b3:84:df:cb:36:ce:20:3e:7b:75:cc:98:f9:ff: 54:2a:d3:d5:e7:90:c2:72:ae:a7:cf:4a:fe:df:7e:3d:6b:83: 7e:53:f3:3a:9b:52:1a:7c:e7:0f:7a:69:ba:8e:a4:b6:08:fe: c1:e2:1a:75 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUfb3bH86kz4X3J+StkCwXS7/EpoIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MzAwNjU0NDNaFw0yNjA3MjkwNjU5NDNaMDMxMTAvBgNV BAMTKDREN0JENUU5NDI5Njk2OEZENEJFRUUxNjg4MjEyOUVGNzdFNTZGQTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6JE0YPDNhE0252PziPau96lmb 0eQrUnxugjoEYOsMMdQzgGMncreLmK/YIby3rsgp2fK1NDdOFuocFlJNAu985a1m 6JMXMOhdYfxTqmjpqfnWBMqzL5Xzui1nhAFi0kBW0ann6/UJpRHcA8UfSYJIHOdD pNkCkUDik6W1KJJOibjf4urxaOrjrmgKzpvBx/SCcAvCn/zawuUKkNzcU1HkjQdc lGS2cAsP5g6Fxj2lpRd/W4GkosKmnj1c4jwP86ex4Pj+rgM0nfjufFocCYlfnBko jvx8+DWhr+4Vb9HC5MTZO+fwZ6E7/W7f7BAZMaM9Y/V+RjJBHxOgNSXG92vfAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUTXvV6UKWlo/Uvu4WiCEp73flb6gwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxMTExNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoF 38P5EDANBgkqhkiG9w0BAQsFAAOCAQEAkVmVz/7ZD4UH1Wx7u9yR1dCpqQjx7Pkf RyuX0r98Zw44Ex260L9MkOe+VuuBM82RhKV1KO/o2WtPCVyYzcsl3G8z66WtpuAP cKcXMV3ZXuD6SFPcgi3ogRCrbuAGXkKsVyA1iF56slOOrZ0G1f9sPi/GAswYZSkf FEkOwCRA87pO9iOI7EakGuKvK1Hk6KfoXgxa2+LUriEO2Eb8WYNtsbHpby6DmWNL 9doUarinokHBx7914xQyTxH11uqFjLs73snc9dA0RllS3LOE38s2ziA+e3XMmPn/ VCrT1eeQwnKup89K/t9+PWuDflPzOptSGnznD3ppuo6ktgj+weIadQ== -----END CERTIFICATE-----Generated at Wed Aug 6 05:26:10 2025 by rpki-client