$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS209693.roa File: AS209693.roa (raw, json) Hash identifier: GQYQ11W8qKAA2Ee+F+ZE4R5jmc/DGq3/gghZ/DLAPvQ= Subject key identifier: 38:59:67:0B:B6:B1:80:10:54:F2:F6:40:1D:B6:F6:8F:BB:FE:88:D5 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 7283928AB5D2AA14797EC9204CB28A8C3BDC2854 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS209693.roa Signing time: Wed 04 Feb 2026 15:27:18 +0000 ROA not before: Wed 04 Feb 2026 15:22:18 +0000 ROA not after: Wed 03 Feb 2027 15:27:18 +0000 asID: 209693 IP address blocks: 2a0f:6284:7000::/36 maxlen: 36 2a0f:6284:7000::/36 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 09:20:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:83:92:8a:b5:d2:aa:14:79:7e:c9:20:4c:b2:8a:8c:3b:dc:28:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Feb 4 15:22:18 2026 GMT Not After : Feb 3 15:27:18 2027 GMT Subject: CN=3859670BB6B1801054F2F6401DB6F68FBBFE88D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e7:15:c2:be:8e:af:68:91:e4:e2:a7:80:dd: d3:9f:d8:7c:cd:ef:b1:77:c5:49:de:87:a9:b0:dd: e7:44:53:88:da:d4:4e:a5:f5:b9:23:c8:b2:2d:b7: a6:6a:29:3d:e9:18:73:43:30:bf:53:67:7a:63:8c: a2:1a:c6:d8:8a:b3:2f:d1:ae:46:e9:63:f9:81:7e: 45:17:6c:f2:05:ba:04:3d:17:f4:81:2a:7b:54:80: 98:58:ea:b2:43:2d:6c:f7:e1:63:b3:de:9e:5a:01: e6:60:75:93:92:ec:c0:fc:59:9a:26:22:5c:98:5f: d5:fd:ec:4b:37:70:e2:63:90:6c:85:46:3e:e6:61: 87:c3:76:27:6f:5a:ff:98:d3:a8:80:09:87:47:45: 3d:23:ef:20:2f:ba:5c:dc:4d:1e:ae:b1:09:ff:ce: 72:21:50:0d:f0:6d:e9:e5:bb:a4:16:19:12:98:b4: 58:93:7e:14:f2:5f:85:95:e6:a0:ff:01:43:8e:8c: af:4c:bd:af:b6:c3:cb:ee:43:31:76:72:dc:9a:48: cc:f1:d7:1c:25:bd:4b:4b:32:0b:34:23:e4:be:15: 19:03:25:65:2b:a2:e8:96:ee:9c:f2:16:ad:fc:d7: 0f:18:4b:8a:97:f5:21:22:7b:fd:1f:8e:e8:a9:e9: a0:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:59:67:0B:B6:B1:80:10:54:F2:F6:40:1D:B6:F6:8F:BB:FE:88:D5 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS209693.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:7000::/36 Signature Algorithm: sha256WithRSAEncryption 3a:b1:43:5b:e3:25:c5:f7:3d:3d:e5:31:8f:0d:1e:19:7e:a8: 7a:89:79:28:90:cf:b3:47:08:5c:52:ca:a8:c2:ae:22:3c:e8: 12:9f:8f:9a:ec:f4:66:90:4e:56:32:11:aa:9c:c6:0d:38:fd: a4:10:db:c8:fd:84:f7:c4:0b:ff:4d:fb:45:a1:0a:0f:51:73: 06:9e:99:29:40:bc:66:e1:f6:cc:5f:0c:f4:2f:22:be:7a:59: 2b:03:08:11:3d:ac:b9:2f:ce:7a:d7:33:6d:c7:36:7d:32:2e: c9:4e:f5:5b:f2:89:c8:6a:03:b3:b9:ba:af:ba:88:c7:11:9d: 06:02:ac:b6:ef:67:11:8e:94:9e:6a:84:db:04:42:54:f4:6e: 4b:4d:92:e9:b5:f2:cd:c8:e0:1c:d7:0c:62:b6:9f:ee:b8:82: 83:a6:2e:d8:ad:86:73:56:10:0a:4c:19:6c:e3:84:c3:da:1e: af:ca:13:d1:04:9e:bb:ce:80:71:08:d8:6b:c7:58:fc:5a:bf: ba:7a:1a:62:d2:72:24:2e:87:e5:8d:b1:02:87:ce:dd:38:40: 2a:6c:dd:c4:fc:93:bc:1a:b6:ce:7c:80:0f:9f:db:60:e9:01: 42:b4:28:ad:0a:48:fd:e6:86:4d:ff:f4:27:af:c2:9d:71:c2: 72:f4:7f:ba -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUcoOSirXSqhR5fskgTLKKjDvcKFQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAyMDQxNTIyMThaFw0yNzAyMDMxNTI3MThaMDMxMTAvBgNV BAMTKDM4NTk2NzBCQjZCMTgwMTA1NEYyRjY0MDFEQjZGNjhGQkJGRTg4RDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF5xXCvo6vaJHk4qeA3dOf2HzN 77F3xUneh6mw3edEU4ja1E6l9bkjyLItt6ZqKT3pGHNDML9TZ3pjjKIaxtiKsy/R rkbpY/mBfkUXbPIFugQ9F/SBKntUgJhY6rJDLWz34WOz3p5aAeZgdZOS7MD8WZom IlyYX9X97Es3cOJjkGyFRj7mYYfDdidvWv+Y06iACYdHRT0j7yAvulzcTR6usQn/ znIhUA3wbenlu6QWGRKYtFiTfhTyX4WV5qD/AUOOjK9Mva+2w8vuQzF2ctyaSMzx 1xwlvUtLMgs0I+S+FRkDJWUrouiW7pzyFq381w8YS4qX9SEie/0fjuip6aAVAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUOFlnC7axgBBU8vZAHbb2j7v+iNUwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDk2OTMucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQq D2KEcDANBgkqhkiG9w0BAQsFAAOCAQEAOrFDW+Mlxfc9PeUxjw0eGX6oeol5KJDP s0cIXFLKqMKuIjzoEp+Pmuz0ZpBOVjIRqpzGDTj9pBDbyP2E98QL/037RaEKD1Fz Bp6ZKUC8ZuH2zF8M9C8ivnpZKwMIET2suS/Oetczbcc2fTIuyU71W/KJyGoDs7m6 r7qIxxGdBgKstu9nEY6UnmqE2wRCVPRuS02S6bXyzcjgHNcMYraf7riCg6Yu2K2G c1YQCkwZbOOEw9oer8oT0QSeu86AcQjYa8dY/Fq/unoaYtJyJC6H5Y2xAofO3ThA KmzdxPyTvBq2znyAD5/bYOkBQrQorQpI/eaGTf/0J6/CnXHCcvR/ug== -----END CERTIFICATE-----Generated at Sun Mar 1 18:12:45 2026 by rpki-client