$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS213866.roa File: AS213866.roa (raw, json) Hash identifier: NwUJqMUnIBZSFg15uHkvAtLc1h55zSEDWTGlCZbTHks= Subject key identifier: 64:DE:10:87:E2:03:2E:A7:A8:7D:54:02:C4:33:85:4B:47:70:F7:B3 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 3E50AB5F560201FDD769DDA01577281F99E3AAE5 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS213866.roa Signing time: Wed 28 Jan 2026 10:46:53 +0000 ROA not before: Wed 28 Jan 2026 10:41:53 +0000 ROA not after: Wed 27 Jan 2027 10:46:53 +0000 asID: 213866 IP address blocks: 2a06:1281:a1::/48 maxlen: 48 2a06:1281:a2::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Mar 2026 15:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:50:ab:5f:56:02:01:fd:d7:69:dd:a0:15:77:28:1f:99:e3:aa:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jan 28 10:41:53 2026 GMT Not After : Jan 27 10:46:53 2027 GMT Subject: CN=64DE1087E2032EA7A87D5402C433854B4770F7B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:31:d2:c9:50:9f:62:a5:e0:f6:70:fc:c0:33: c9:5d:45:18:02:5d:34:08:ce:66:a6:a3:b6:ba:0e: f2:a6:ac:da:0b:d1:d9:c9:f1:aa:7b:17:35:24:45: 1a:95:a2:1a:cc:70:2d:80:0b:fd:8e:9c:24:70:81: 9e:71:5c:69:b6:8c:b2:a3:19:50:b9:f5:4e:da:8a: fe:c5:9f:1b:0f:96:66:16:82:f7:73:f5:92:fe:61: e0:79:7f:2a:7b:bd:47:80:51:b4:ab:8c:b0:e7:8d: 3a:02:e1:f8:bc:8e:e1:1e:8e:9d:4b:1f:16:7b:4c: 05:b8:2f:cc:58:59:be:37:ac:01:95:c1:d7:c4:a1: 8c:4f:65:95:78:1d:29:6d:68:03:c9:86:0d:3b:96: fb:53:22:09:33:ec:a1:2f:a0:98:23:20:04:25:7e: fd:7f:bb:19:f2:f6:eb:5f:8e:ee:e6:54:6e:3f:ab: b3:f2:6d:d2:c7:8c:50:e0:66:85:16:df:46:07:08: f5:5c:eb:1b:46:d0:bd:e1:e0:d5:ed:3e:f7:0a:23: af:b2:2d:75:33:af:14:d8:b6:f2:9e:2d:be:56:4b: 02:00:0c:b5:8c:12:0c:9e:a7:f2:ec:86:64:b6:47: b3:0c:c1:12:b3:2e:88:55:53:64:cc:96:6d:6d:ad: 3f:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DE:10:87:E2:03:2E:A7:A8:7D:54:02:C4:33:85:4B:47:70:F7:B3 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS213866.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1281:a1::-2a06:1281:a2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3d:07:32:4a:4f:3a:d4:2e:24:cb:79:f9:8e:70:61:9c:e3:35: b5:05:84:8c:c3:c8:d1:0d:a1:c3:bf:e5:d5:d7:75:d1:98:4e: 0c:34:bc:3c:fa:46:3f:37:06:02:ca:31:a6:15:cc:c0:5e:a4: 44:63:75:43:9c:bf:13:33:6b:da:84:de:27:0d:f7:74:8f:b7: 2d:65:05:81:ca:ec:ac:82:11:d5:4f:3c:91:04:f5:4e:fb:05: 0e:c7:6c:b6:a9:49:c5:bd:52:db:b6:ee:08:22:6c:34:9a:64: 9b:69:77:63:92:66:18:4e:f5:d8:30:d6:25:7d:b2:b7:35:88: c6:c3:55:80:6c:b9:14:93:fc:8e:f9:3a:c4:22:20:2f:b7:a2: 99:66:b4:79:bf:69:e9:80:bd:4e:1e:1f:96:5e:bc:d0:68:6e: bb:a2:6f:4c:27:cf:ce:cc:da:ec:95:f3:28:f4:76:10:67:54: e3:eb:3f:24:3f:e8:38:b8:fb:49:34:fb:ec:bc:78:3f:e2:91: 64:e2:9a:97:62:23:8a:de:20:e9:9d:dc:f1:31:17:09:1a:28: 8c:12:d8:4b:f2:52:86:7e:78:5c:cd:aa:ba:39:b8:29:2a:a9: 57:09:7a:35:bb:0d:fa:6e:7b:90:e4:f5:4a:3e:73:73:45:95: b7:36:e9:40 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUPlCrX1YCAf3Xad2gFXcoH5njquUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjAxMjgxMDQxNTNaFw0yNzAxMjcxMDQ2NTNaMDMxMTAvBgNV BAMTKDY0REUxMDg3RTIwMzJFQTdBODdENTQwMkM0MzM4NTRCNDc3MEY3QjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtMdLJUJ9ipeD2cPzAM8ldRRgC XTQIzmamo7a6DvKmrNoL0dnJ8ap7FzUkRRqVohrMcC2AC/2OnCRwgZ5xXGm2jLKj GVC59U7aiv7FnxsPlmYWgvdz9ZL+YeB5fyp7vUeAUbSrjLDnjToC4fi8juEejp1L HxZ7TAW4L8xYWb43rAGVwdfEoYxPZZV4HSltaAPJhg07lvtTIgkz7KEvoJgjIAQl fv1/uxny9utfju7mVG4/q7PybdLHjFDgZoUW30YHCPVc6xtG0L3h4NXtPvcKI6+y LXUzrxTYtvKeLb5WSwIADLWMEgyep/LshmS2R7MMwRKzLohVU2TMlm1trT8fAgMB AAGjggHqMIIB5jAdBgNVHQ4EFgQUZN4Qh+IDLqeofVQCxDOFS0dw97MwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTM4NjYucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMH ACoGEoEAoQMHACoGEoEAojANBgkqhkiG9w0BAQsFAAOCAQEAPQcySk861C4ky3n5 jnBhnOM1tQWEjMPI0Q2hw7/l1dd10ZhODDS8PPpGPzcGAsoxphXMwF6kRGN1Q5y/ EzNr2oTeJw33dI+3LWUFgcrsrIIR1U88kQT1TvsFDsdstqlJxb1S27buCCJsNJpk m2l3Y5JmGE712DDWJX2ytzWIxsNVgGy5FJP8jvk6xCIgL7eimWa0eb9p6YC9Th4f ll680Ghuu6JvTCfPzsza7JXzKPR2EGdU4+s/JD/oOLj7STT77Lx4P+KRZOKal2Ij it4g6Z3c8TEXCRoojBLYS/JShn54XM2qujm4KSqpVwl6NbsN+m57kOT1Sj5zc0WV tzbpQA== -----END CERTIFICATE-----Generated at Sun Mar 1 21:41:38 2026 by rpki-client