$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: r8qlF4iC62pyTqtZYo0hAL2/2MBCQQvtcDWMN43G+DQ= Subject key identifier: 4B:66:C0:D0:C5:B2:C9:45:15:DC:86:9C:44:5F:53:9A:8A:39:27:9E Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 4D2668D5EE94DC5BE5693EE9ABA1A2BA96850F41 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Thu 03 Jul 2025 15:53:10 +0000 ROA not before: Thu 03 Jul 2025 15:48:10 +0000 ROA not after: Thu 02 Jul 2026 15:53:10 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:26:68:d5:ee:94:dc:5b:e5:69:3e:e9:ab:a1:a2:ba:96:85:0f:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 3 15:48:10 2025 GMT Not After : Jul 2 15:53:10 2026 GMT Subject: CN=4B66C0D0C5B2C94515DC869C445F539A8A39279E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6b:ad:0f:df:bf:61:f8:6e:b8:2d:35:15:55: 8c:8d:53:c2:97:5f:5c:91:0e:b0:ec:30:31:e3:7f: f6:75:4e:a5:d6:44:27:95:bb:b3:f0:9c:ee:f2:fc: ba:ff:49:c6:5e:38:55:69:c7:eb:d8:d6:e2:cb:7b: 3c:13:19:92:91:f9:ae:22:10:ca:43:f7:08:1b:db: dd:50:2c:17:51:e3:bf:6e:b2:af:ea:ad:04:42:42: f4:92:51:86:78:c4:b2:e1:9f:97:35:17:c5:d1:a3: 09:8e:37:5a:a5:84:9a:01:fb:29:ba:84:26:8e:02: 77:d7:6e:a9:7e:a3:36:5c:3b:54:9e:23:a5:47:72: ac:21:91:17:c1:0a:05:31:ba:ab:71:69:20:68:23: 95:5a:a5:17:83:21:59:7c:aa:fc:8b:ff:f5:52:bb: 66:f0:dc:e4:93:0f:fe:ea:87:07:0d:f9:fc:d8:95: e8:62:ca:50:3a:51:a6:4c:35:5b:26:0c:7c:7a:81: 68:6e:a6:13:68:84:01:16:63:d3:97:43:9e:71:5c: 32:d9:f7:4f:f6:64:58:b4:6e:ef:48:79:30:ae:f2: 59:67:19:3c:bc:7d:b9:ff:84:ef:ee:e8:fc:84:08: 5f:4c:8c:cf:e2:47:11:bd:0a:03:ff:91:db:31:e5: c4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:66:C0:D0:C5:B2:C9:45:15:DC:86:9C:44:5F:53:9A:8A:39:27:9E X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 Signature Algorithm: sha256WithRSAEncryption 20:a8:46:f7:4c:9f:eb:87:fc:af:9c:a9:e9:d7:31:a6:eb:a8: 9b:aa:49:fb:e6:47:d7:82:ef:fe:41:8e:e6:82:49:29:46:8a: 64:78:f0:ee:51:fe:23:82:d9:80:8f:c7:a7:24:14:88:69:a5: 07:bf:b1:62:6d:61:68:62:e7:98:51:46:c1:a0:95:19:50:1b: 87:e9:3f:30:a8:de:99:43:56:c6:3d:09:0f:b9:33:74:67:2a: b3:dd:aa:bc:0a:21:ac:7f:0d:0d:bf:e5:de:8f:4e:07:36:3f: 37:b9:21:80:0f:6d:3e:36:3f:a9:34:42:86:76:dd:d2:e2:dd: c7:93:7b:a7:8f:85:ad:80:fa:ff:23:f3:fb:dc:cd:4b:99:36: 89:e9:81:ed:92:4c:fa:bd:5e:08:24:8b:12:6e:37:a3:e3:8e: 69:9f:7a:63:61:24:a9:1f:6e:f2:78:8e:ad:64:03:a1:f5:9d: 8e:71:a2:f0:e6:a7:49:05:4f:35:cb:7f:47:0d:fa:42:35:85: d4:1c:81:09:c4:20:4c:3c:ad:cd:1e:13:71:38:20:eb:c8:48: 12:b5:07:b3:d4:84:44:07:d0:bf:ec:bb:cf:9e:04:f5:6b:5e: 95:36:41:cf:5a:d0:67:ea:67:2f:a1:62:69:ba:0a:ce:6e:a6: d9:76:bd:62 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUTSZo1e6U3FvlaT7pq6GiupaFD0EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MDMxNTQ4MTBaFw0yNjA3MDIxNTUzMTBaMDMxMTAvBgNV BAMTKDRCNjZDMEQwQzVCMkM5NDUxNURDODY5QzQ0NUY1MzlBOEEzOTI3OUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8a60P379h+G64LTUVVYyNU8KX X1yRDrDsMDHjf/Z1TqXWRCeVu7PwnO7y/Lr/ScZeOFVpx+vY1uLLezwTGZKR+a4i EMpD9wgb291QLBdR479usq/qrQRCQvSSUYZ4xLLhn5c1F8XRowmON1qlhJoB+ym6 hCaOAnfXbql+ozZcO1SeI6VHcqwhkRfBCgUxuqtxaSBoI5VapReDIVl8qvyL//VS u2bw3OSTD/7qhwcN+fzYlehiylA6UaZMNVsmDHx6gWhuphNohAEWY9OXQ55xXDLZ 90/2ZFi0bu9IeTCu8llnGTy8fbn/hO/u6PyECF9MjM/iRxG9CgP/kdsx5cRFAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUS2bA0MWyyUUV3IacRF9Tmoo5J54wHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoF 38P3QDANBgkqhkiG9w0BAQsFAAOCAQEAIKhG90yf64f8r5yp6dcxpuuom6pJ++ZH 14Lv/kGO5oJJKUaKZHjw7lH+I4LZgI/HpyQUiGmlB7+xYm1haGLnmFFGwaCVGVAb h+k/MKjemUNWxj0JD7kzdGcqs92qvAohrH8NDb/l3o9OBzY/N7khgA9tPjY/qTRC hnbd0uLdx5N7p4+FrYD6/yPz+9zNS5k2iemB7ZJM+r1eCCSLEm43o+OOaZ96Y2Ek qR9u8niOrWQDofWdjnGi8OanSQVPNct/Rw36QjWF1ByBCcQgTDytzR4TcTgg68hI ErUHs9SERAfQv+y7z54E9WtelTZBz1rQZ+pnL6FiaboKzm6m2Xa9Yg== -----END CERTIFICATE-----Generated at Sat Jul 5 02:08:08 2025 by rpki-client