$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: 1c7QWHxGEXZj4ofOFSAppV3N+jsrdrGPa4IkNIQpufk= Subject key identifier: C1:05:8C:A9:19:93:A6:F5:61:85:FB:C0:BE:A6:39:A6:DD:1F:9A:BF Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 41B2B8220E996562EA93B72251A5C3200B5D9E59 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Fri 13 Feb 2026 15:55:57 +0000 ROA not before: Fri 13 Feb 2026 15:50:57 +0000 ROA not after: Fri 12 Feb 2027 15:55:57 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a0f:6284:4c00::/40 maxlen: 48 2a0f:6284:4c50::/44 maxlen: 48 2a0f:6284:4c60::/44 maxlen: 48 2a0f:6284:4c70::/44 maxlen: 48 2a0f:6284:4c80::/44 maxlen: 48 2a0f:6284:4c90::/44 maxlen: 48 2a0f:6284:4cd0::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 15:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:b2:b8:22:0e:99:65:62:ea:93:b7:22:51:a5:c3:20:0b:5d:9e:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Feb 13 15:50:57 2026 GMT Not After : Feb 12 15:55:57 2027 GMT Subject: CN=C1058CA91993A6F56185FBC0BEA639A6DD1F9ABF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:01:e4:f4:6e:01:e6:f9:b4:91:09:0f:8d:17: 90:be:c3:65:e3:bb:3a:15:85:bc:f3:bb:aa:3c:62: b7:be:b2:d6:22:d5:05:4b:fd:56:41:75:a1:ff:3e: d9:be:50:51:12:21:69:28:c2:f7:60:6c:a6:ff:32: 99:cc:83:24:59:4a:a4:11:f8:ab:f3:7f:64:7b:1e: 6e:19:9a:ce:57:54:ee:cc:b2:e8:c0:3c:07:97:59: 4a:6f:cf:dc:cc:0d:98:4b:b3:b2:67:84:06:aa:3d: 7f:37:b5:f8:68:6c:03:dc:e2:b6:21:de:5d:26:d4: 66:b9:ab:20:d3:49:dc:ed:73:1c:de:b1:c9:74:35: 31:07:b1:1a:51:e6:f4:b0:67:37:3e:1e:4a:5f:e3: fe:bc:9f:bd:31:12:da:ad:f6:19:09:8b:fc:ce:90: 41:cc:01:d8:d6:ea:df:43:eb:27:ca:fa:5d:eb:76: df:13:25:ba:c8:f1:48:dd:9f:ea:84:e5:4d:c1:b3: 4b:82:37:fe:19:78:e4:82:b6:6c:49:09:a2:8c:d4: a7:73:aa:89:21:2d:7a:0f:9a:55:39:29:51:07:9f: 31:60:2d:f6:c5:49:86:8f:8f:45:41:68:82:00:7e: 18:d0:14:c4:de:2d:6b:11:f7:66:77:dc:04:fe:ab: cb:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:05:8C:A9:19:93:A6:F5:61:85:FB:C0:BE:A6:39:A6:DD:1F:9A:BF X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a0f:6284:4c00::/40 Signature Algorithm: sha256WithRSAEncryption 37:fe:f2:95:e7:47:e5:86:60:af:51:ff:d8:0f:35:66:62:04: 16:4e:91:ad:cc:10:ce:22:e3:8e:60:be:3a:88:69:b7:e1:ee: ef:54:1f:2b:95:f3:d2:ca:54:42:29:7f:f2:ca:6c:c0:d2:9a: 48:bb:4e:9e:96:45:e0:32:a2:84:14:3e:6c:4d:11:0a:4d:9e: b9:19:17:6f:6b:41:88:e1:34:75:e0:9a:cc:66:fd:08:ac:12: 8e:19:2d:7d:f7:80:64:be:91:2b:75:04:a7:44:cf:8c:b6:9f: 66:b7:5c:66:4d:fb:9c:2f:75:85:27:33:b4:1f:a0:f6:e0:27: 28:73:f4:1d:2f:b1:bf:9f:66:66:92:bc:e5:b4:d6:9c:3e:bc: 9e:40:df:d2:1c:e8:b0:27:bd:e6:dc:4b:57:b3:6c:1c:16:1e: 0b:cb:5e:ed:55:62:57:ae:03:2f:12:2d:d8:c7:bb:6b:98:ec: 9d:c1:54:b7:7b:18:48:c1:80:58:7a:84:13:69:3f:5d:eb:a4: 73:e7:73:98:ad:a0:cb:2a:c9:98:aa:05:4f:33:7f:61:d2:8a: c4:d0:86:e4:de:66:b6:ac:7b:fc:9c:8d:74:e9:94:8e:cf:04: 9a:39:2a:5b:92:6e:87:a8:cb:3c:e7:86:5d:ed:7e:cf:e9:8d: 8d:3b:74:79 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUQbK4Ig6ZZWLqk7ciUaXDIAtdnlkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAyMTMxNTUwNTdaFw0yNzAyMTIxNTU1NTdaMDMxMTAvBgNV BAMTKEMxMDU4Q0E5MTk5M0E2RjU2MTg1RkJDMEJFQTYzOUE2REQxRjlBQkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKAeT0bgHm+bSRCQ+NF5C+w2Xj uzoVhbzzu6o8Yre+stYi1QVL/VZBdaH/Ptm+UFESIWkowvdgbKb/MpnMgyRZSqQR +Kvzf2R7Hm4Zms5XVO7MsujAPAeXWUpvz9zMDZhLs7JnhAaqPX83tfhobAPc4rYh 3l0m1Ga5qyDTSdztcxzescl0NTEHsRpR5vSwZzc+Hkpf4/68n70xEtqt9hkJi/zO kEHMAdjW6t9D6yfK+l3rdt8TJbrI8Ujdn+qE5U3Bs0uCN/4ZeOSCtmxJCaKM1Kdz qokhLXoPmlU5KVEHnzFgLfbFSYaPj0VBaIIAfhjQFMTeLWsR92Z33AT+q8stAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUwQWMqRmTpvVhhfvAvqY5pt0fmr8wHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAqBggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBSoF 38P3QAMGACoPYoRMMA0GCSqGSIb3DQEBCwUAA4IBAQA3/vKV50flhmCvUf/YDzVm YgQWTpGtzBDOIuOOYL46iGm34e7vVB8rlfPSylRCKX/yymzA0ppIu06elkXgMqKE FD5sTREKTZ65GRdva0GI4TR14JrMZv0IrBKOGS1994BkvpErdQSnRM+Mtp9mt1xm TfucL3WFJzO0H6D24Ccoc/QdL7G/n2ZmkrzltNacPryeQN/SHOiwJ73m3EtXs2wc Fh4Ly17tVWJXrgMvEi3Yx7trmOydwVS3exhIwYBYeoQTaT9d66Rz53OYraDLKsmY qgVPM39h0orE0Ibk3ma2rHv8nI106ZSOzwSaOSpbkm6HqMs854Zd7X7P6Y2NO3R5 -----END CERTIFICATE-----Generated at Sun Mar 1 21:41:27 2026 by rpki-client