$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: yfpfC2o2SevjJZnwIp616Eaz1U7Gbi+wqcuB8UhzmdU= Subject key identifier: 23:FC:2D:3A:3A:12:96:A1:9A:EB:DD:5D:56:84:3B:5C:49:BD:AE:8C Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7AAEBB5EFBF00B2718F3A716958F9D822A1DAD65 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Wed 29 Oct 2025 14:57:23 +0000 ROA not before: Wed 29 Oct 2025 14:52:23 +0000 ROA not after: Wed 28 Oct 2026 14:57:23 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a09:54c6:dfff::/48 maxlen: 48 2a0f:6284:41fe::/48 maxlen: 48 2a0f:6284:4c00::/40 maxlen: 48 2a0f:6284:4c50::/44 maxlen: 48 2a0f:6284:4c60::/44 maxlen: 48 2a0f:6284:4c80::/44 maxlen: 48 2a0f:6284:4c90::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 16:43:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:ae:bb:5e:fb:f0:0b:27:18:f3:a7:16:95:8f:9d:82:2a:1d:ad:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 29 14:52:23 2025 GMT Not After : Oct 28 14:57:23 2026 GMT Subject: CN=23FC2D3A3A1296A19AEBDD5D56843B5C49BDAE8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:19:e0:2f:e2:e9:4a:b6:19:4b:6b:ab:73:4f: 4f:2d:8a:74:00:ef:3b:e3:f8:7c:49:7d:fe:83:a0: fb:e3:34:47:d5:4a:8b:f8:1d:0b:c1:85:43:12:9b: 68:7a:bc:5b:04:b7:dc:30:30:ba:ed:78:1a:70:23: 31:c1:50:ce:82:cd:77:d8:e3:0d:44:a1:dc:0d:10: 35:be:37:73:56:d6:40:c0:62:b8:64:e6:f8:66:f8: c6:9b:7d:d1:f9:80:26:bb:95:ba:e9:59:0a:73:48: b5:8f:15:52:1e:cd:02:36:96:ac:3d:db:14:fd:6a: 15:23:55:08:d6:bf:97:ba:ba:6d:4e:d4:99:e8:19: c0:fb:c6:c6:63:73:06:53:1a:7a:3d:2d:e1:be:bb: 5a:3e:09:b0:f3:47:69:c9:3f:41:af:8c:6e:5c:df: 02:cd:b4:20:81:15:f0:be:83:de:31:69:9b:ed:a8: bf:f5:6f:3d:c9:b0:53:db:a2:85:07:55:d1:70:e6: be:cf:a2:ae:3b:58:d5:c4:1e:36:4e:12:82:d7:ad: b7:37:4a:58:cf:e2:ec:be:08:e4:9d:f4:b9:f9:28: a5:8b:19:a5:9a:d5:9d:2e:96:25:cd:7a:d8:8d:19: 04:7a:dc:24:a4:a1:95:ff:73:31:72:0b:e3:c8:81: 5a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:FC:2D:3A:3A:12:96:A1:9A:EB:DD:5D:56:84:3B:5C:49:BD:AE:8C X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a09:54c6:dfff::/48 2a0f:6284:41fe::/48 2a0f:6284:4c00::/40 Signature Algorithm: sha256WithRSAEncryption 6a:18:09:90:67:d7:89:e5:94:18:77:03:39:5a:34:01:d7:b5: b4:be:f2:3d:29:ce:02:db:48:da:ff:d0:d3:4f:a8:b8:7c:32: ed:65:09:a1:f1:fb:47:8d:1d:28:84:29:11:a7:a2:25:d4:7c: 85:52:91:24:e2:e9:b2:60:da:0c:16:bd:a0:14:b8:52:3d:a4: 53:46:88:27:97:e7:62:d4:cb:cf:58:48:cf:96:43:cd:bc:3d: 14:08:86:5e:d0:2f:92:48:54:c1:a1:d5:d2:89:01:fd:8f:c0: f6:fb:92:d1:25:8d:69:c9:8b:70:14:a7:91:02:83:8b:da:46: e9:73:27:47:25:2f:f7:f9:a3:83:cb:6c:1a:a8:4e:5a:db:5b: 12:ea:eb:27:cb:6f:58:0a:f1:bd:76:e4:07:a0:b6:61:44:63: 30:6e:6f:c4:3a:44:1f:1d:59:87:78:f6:96:2d:13:de:51:0d: 32:a9:c9:0c:53:7f:8f:3f:fd:12:43:10:6c:36:51:53:ea:92: 7f:03:98:2c:70:01:d4:1e:8c:48:f7:53:90:14:af:b6:9e:65: 71:80:2e:71:11:e8:22:5d:12:7d:bb:d9:af:af:23:0c:00:e9: 77:c1:2c:7d:19:b5:c0:31:e9:17:dc:02:58:3f:b4:b6:91:40: da:96:53:aa -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUeq67XvvwCycY86cWlY+dgiodrWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMjkxNDUyMjNaFw0yNjEwMjgxNDU3MjNaMDMxMTAvBgNV BAMTKDIzRkMyRDNBM0ExMjk2QTE5QUVCREQ1RDU2ODQzQjVDNDlCREFFOEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7GeAv4ulKthlLa6tzT08tinQA 7zvj+HxJff6DoPvjNEfVSov4HQvBhUMSm2h6vFsEt9wwMLrteBpwIzHBUM6CzXfY 4w1EodwNEDW+N3NW1kDAYrhk5vhm+MabfdH5gCa7lbrpWQpzSLWPFVIezQI2lqw9 2xT9ahUjVQjWv5e6um1O1JnoGcD7xsZjcwZTGno9LeG+u1o+CbDzR2nJP0GvjG5c 3wLNtCCBFfC+g94xaZvtqL/1bz3JsFPbooUHVdFw5r7Poq47WNXEHjZOEoLXrbc3 SljP4uy+COSd9Ln5KKWLGaWa1Z0uliXNetiNGQR63CSkoZX/czFyC+PIgVodAgMB AAGjggH4MIIB9DAdBgNVHQ4EFgQUI/wtOjoSlqGa691dVoQ7XEm9rowwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswKQQCAAIwIwMHBSoF 38P3QAMHACoJVMbf/wMHACoPYoRB/gMGACoPYoRMMA0GCSqGSIb3DQEBCwUAA4IB AQBqGAmQZ9eJ5ZQYdwM5WjQB17W0vvI9Kc4C20ja/9DTT6i4fDLtZQmh8ftHjR0o hCkRp6Il1HyFUpEk4umyYNoMFr2gFLhSPaRTRognl+di1MvPWEjPlkPNvD0UCIZe 0C+SSFTBodXSiQH9j8D2+5LRJY1pyYtwFKeRAoOL2kbpcydHJS/3+aODy2waqE5a 21sS6usny29YCvG9duQHoLZhRGMwbm/EOkQfHVmHePaWLRPeUQ0yqckMU3+PP/0S QxBsNlFT6pJ/A5gscAHUHoxI91OQFK+2nmVxgC5xEegiXRJ9u9mvryMMAOl3wSx9 GbXAMekX3AJYP7S2kUDallOq -----END CERTIFICATE-----Generated at Wed Nov 5 05:49:11 2025 by rpki-client