$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: qwWhUegS47K+0FasYZ6kH+xsKvsW6sZPqID3y9D2ov0= Subject key identifier: 91:3F:E1:A2:13:E6:AF:AF:9D:98:7A:A1:D3:44:11:A5:A4:E0:7F:85 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2A3DB81DA9A8E36F56AD96DEB62C1796FC076F2A Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Sun 20 Jul 2025 06:06:29 +0000 ROA not before: Sun 20 Jul 2025 06:01:29 +0000 ROA not after: Sun 19 Jul 2026 06:06:29 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a09:54c6:dfff::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 08 Aug 2025 11:11:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:3d:b8:1d:a9:a8:e3:6f:56:ad:96:de:b6:2c:17:96:fc:07:6f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 20 06:01:29 2025 GMT Not After : Jul 19 06:06:29 2026 GMT Subject: CN=913FE1A213E6AFAF9D987AA1D34411A5A4E07F85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e0:03:58:02:40:57:22:f7:2c:62:7c:7f:e1: a0:2d:3d:a7:4c:a4:18:79:83:9f:ad:4f:0a:6d:56: 79:f4:9b:ea:d9:9e:e8:6e:50:2a:13:62:09:c6:eb: ed:98:9a:92:d4:f4:14:6a:de:ab:d3:7a:4c:27:91: a3:bd:2d:9d:3e:b3:dc:e4:fc:ea:4a:f1:77:8f:11: ed:ba:e1:f6:b5:98:8f:40:8a:4a:97:51:49:17:7f: 13:8b:a4:f1:8a:4d:ba:d3:f7:02:50:c8:ca:f9:a2: 10:82:9b:bc:71:88:2b:e5:63:b1:84:00:3e:38:e8: 07:44:11:84:1f:65:0c:84:59:04:9c:0d:88:55:2a: 6f:ec:5f:1f:a3:04:27:05:55:c7:21:b2:60:b5:d6: 51:08:d2:87:fb:55:f3:c7:3f:9b:7a:d1:7f:4a:5f: 8d:fd:83:9d:36:9a:3f:3c:00:6b:e8:05:f9:98:5c: 06:f1:7a:db:88:a7:2c:29:57:47:ff:ac:9c:c9:ba: d8:83:9b:d5:4b:2c:cc:92:55:1c:b7:08:00:dc:13: cb:22:93:dd:01:cf:7d:73:bb:c0:93:bd:aa:7e:9f: e6:3a:41:90:ab:75:8a:07:41:01:f9:9d:40:55:5d: 6b:dc:4e:25:4d:84:a3:8e:02:77:11:39:3e:f4:49: c6:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:3F:E1:A2:13:E6:AF:AF:9D:98:7A:A1:D3:44:11:A5:A4:E0:7F:85 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a09:54c6:dfff::/48 Signature Algorithm: sha256WithRSAEncryption 23:97:15:6e:79:3a:41:26:ba:30:25:07:de:87:d3:ae:21:6b: 44:f6:80:17:83:1e:7a:93:b0:4c:58:06:c9:9b:fd:b8:2c:22: 78:08:62:f5:6b:d8:d8:80:91:eb:89:b8:14:42:79:cf:85:42: 1f:6f:1e:70:3c:42:2d:0c:78:a2:b9:81:dc:05:a9:94:2f:ac: 65:64:b2:4f:a2:d3:4a:0b:94:da:25:df:dd:26:31:6d:0b:14: 6d:86:ea:83:bf:cc:9c:b7:5f:03:4e:e3:4c:e3:5d:6e:5f:57: f6:93:f5:bb:c5:7f:ac:3d:a8:55:ed:59:bc:3e:fd:f5:e3:a4: d6:1e:2a:88:5a:7e:5d:32:fa:84:29:0a:f9:a6:14:81:0d:76: 1f:ea:5d:b1:2e:e3:85:7f:bf:2a:72:9c:d4:e6:84:4c:4d:6e: 38:d8:6e:32:ea:01:c6:d5:f6:33:af:7b:4d:54:60:1f:17:06: 61:d9:c3:29:74:ad:dd:f3:d6:ea:ea:13:49:5d:ff:aa:e6:a8: b4:5c:b2:85:1b:6a:6e:ea:75:75:a3:2a:7f:0a:2b:f0:ec:34: 1d:50:8e:6a:31:ae:45:12:6c:0e:91:d7:f4:86:53:dd:75:f7: fd:a1:46:c9:eb:b7:95:38:bb:b9:85:fa:92:2f:6d:73:31:6f: 1f:2f:25:d9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKj24Hamo429WrZbetiwXlvwHbyowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MjAwNjAxMjlaFw0yNjA3MTkwNjA2MjlaMDMxMTAvBgNV BAMTKDkxM0ZFMUEyMTNFNkFGQUY5RDk4N0FBMUQzNDQxMUE1QTRFMDdGODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE4ANYAkBXIvcsYnx/4aAtPadM pBh5g5+tTwptVnn0m+rZnuhuUCoTYgnG6+2YmpLU9BRq3qvTekwnkaO9LZ0+s9zk /OpK8XePEe264fa1mI9AikqXUUkXfxOLpPGKTbrT9wJQyMr5ohCCm7xxiCvlY7GE AD446AdEEYQfZQyEWQScDYhVKm/sXx+jBCcFVcchsmC11lEI0of7VfPHP5t60X9K X439g502mj88AGvoBfmYXAbxetuIpywpV0f/rJzJutiDm9VLLMySVRy3CADcE8si k90Bz31zu8CTvap+n+Y6QZCrdYoHQQH5nUBVXWvcTiVNhKOOAncROT70ScZzAgMB AAGjggHnMIIB4zAdBgNVHQ4EFgQUkT/hohPmr6+dmHqh00QRpaTgf4UwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBSoF 38P3QAMHACoJVMbf/zANBgkqhkiG9w0BAQsFAAOCAQEAI5cVbnk6QSa6MCUH3ofT riFrRPaAF4MeepOwTFgGyZv9uCwieAhi9WvY2ICR64m4FEJ5z4VCH28ecDxCLQx4 ormB3AWplC+sZWSyT6LTSguU2iXf3SYxbQsUbYbqg7/MnLdfA07jTONdbl9X9pP1 u8V/rD2oVe1ZvD799eOk1h4qiFp+XTL6hCkK+aYUgQ12H+pdsS7jhX+/KnKc1OaE TE1uONhuMuoBxtX2M697TVRgHxcGYdnDKXSt3fPW6uoTSV3/quaotFyyhRtqbup1 daMqfwor8Ow0HVCOajGuRRJsDpHX9IZT3XX3/aFGyeu3lTi7uYX6ki9tczFvHy8l 2Q== -----END CERTIFICATE-----Generated at Fri Aug 8 00:44:59 2025 by rpki-client