$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: RvsmSeW8DcOeuM2jjR13G3XFjh/hnTAGrzJxt3Ol9zw= Subject key identifier: 66:B6:C4:EB:D1:F1:8E:D6:95:AE:C8:00:A6:55:82:3E:F5:A9:1A:E7 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 71C8B473B87E96FE26932BAE50621C5C804E8962 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Sat 30 Aug 2025 23:08:12 +0000 ROA not before: Sat 30 Aug 2025 23:03:12 +0000 ROA not after: Sat 29 Aug 2026 23:08:12 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a09:54c6:dfff::/48 maxlen: 48 2a0f:6284:41fe::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 03:37:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:c8:b4:73:b8:7e:96:fe:26:93:2b:ae:50:62:1c:5c:80:4e:89:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 30 23:03:12 2025 GMT Not After : Aug 29 23:08:12 2026 GMT Subject: CN=66B6C4EBD1F18ED695AEC800A655823EF5A91AE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:30:2d:d3:64:01:c7:48:d8:2b:bc:15:38:19: d5:25:fd:11:5d:27:81:57:41:c1:24:5a:01:35:ca: bc:8b:9e:09:66:c6:84:b4:26:be:9f:31:8f:97:43: d4:00:2d:fc:51:57:b6:8a:4b:2e:ba:58:2b:72:d7: 5c:32:e4:3a:e9:77:85:73:af:77:63:16:5e:55:9f: d4:cf:1a:15:80:4d:ef:71:0c:17:4a:2a:85:81:bf: e3:34:a8:8d:cf:cf:ab:46:03:73:29:f6:b0:27:b2: 71:87:d6:9e:24:81:fc:36:35:2d:04:34:a5:0d:e5: 9f:82:75:7e:27:7a:68:77:a8:ec:ac:b7:ae:26:08: 7f:32:a0:b0:66:ff:5d:b0:dc:f7:47:8e:93:df:32: 5a:1a:06:e8:35:39:16:65:bb:d8:77:a2:0c:e5:4e: eb:e2:a7:a9:a9:2b:48:be:67:9f:ea:87:ba:7d:eb: 31:28:26:d5:a5:b5:f3:1d:5e:82:b1:b3:f0:d1:7f: f7:ff:c1:35:f3:ef:22:19:fc:0d:65:60:d0:a1:4f: 81:23:34:44:61:aa:be:81:a6:5f:2e:63:8c:ca:37: d0:2c:4c:22:07:f2:b6:69:4e:bb:58:9d:4a:58:87: 29:26:26:44:3e:a4:47:c7:3b:1a:b2:2f:e6:8a:00: 84:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:B6:C4:EB:D1:F1:8E:D6:95:AE:C8:00:A6:55:82:3E:F5:A9:1A:E7 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a09:54c6:dfff::/48 2a0f:6284:41fe::/48 Signature Algorithm: sha256WithRSAEncryption 6e:3a:9d:5c:6f:83:3d:9a:71:44:1c:2b:a1:82:68:74:aa:a6: 3d:9e:27:9e:b3:f2:57:af:45:7a:fe:8b:25:b0:46:3e:8c:bc: fc:ed:b1:99:3b:6f:06:a1:a0:74:12:e7:7c:ab:a8:d2:1d:5c: 83:b4:94:04:a8:fd:0b:67:2e:c4:e5:f1:97:a7:2d:97:9c:ca: 70:bb:e3:8a:0d:0f:32:ac:81:0f:31:e1:71:77:b8:1a:f3:14: 9d:01:92:d0:81:51:9c:aa:a5:93:1a:9a:55:8f:8d:96:a2:63: a5:4a:e4:09:ff:ec:24:ce:50:d6:af:96:42:3f:eb:4a:f7:c2: 38:55:f0:21:c2:48:0b:2f:91:20:86:c9:4e:e7:67:90:d9:50: 8f:63:4e:2b:ce:37:66:cb:e0:92:2b:6e:d3:55:f6:05:2d:fc: 74:02:b6:5e:a9:3c:93:aa:ad:a0:f3:bc:e4:c1:f4:ab:62:23: cb:cd:6f:a0:6c:84:d9:b9:43:dc:8a:21:07:7b:40:9a:31:5d: 67:02:10:c5:00:5c:80:b1:79:fc:53:6e:b9:c8:ca:ed:8e:bd: 6c:0a:d0:a9:e3:2f:1c:49:07:90:61:e3:23:3d:de:19:b7:97: cc:d3:a6:f9:5a:30:93:41:fe:c1:fb:25:23:01:a5:dc:6b:5e: fe:b3:0c:b9 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIUcci0c7h+lv4mkyuuUGIcXIBOiWIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MzAyMzAzMTJaFw0yNjA4MjkyMzA4MTJaMDMxMTAvBgNV BAMTKDY2QjZDNEVCRDFGMThFRDY5NUFFQzgwMEE2NTU4MjNFRjVBOTFBRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXMC3TZAHHSNgrvBU4GdUl/RFd J4FXQcEkWgE1yryLnglmxoS0Jr6fMY+XQ9QALfxRV7aKSy66WCty11wy5Drpd4Vz r3djFl5Vn9TPGhWATe9xDBdKKoWBv+M0qI3Pz6tGA3Mp9rAnsnGH1p4kgfw2NS0E NKUN5Z+CdX4nemh3qOyst64mCH8yoLBm/12w3PdHjpPfMloaBug1ORZlu9h3ogzl Tuvip6mpK0i+Z5/qh7p96zEoJtWltfMdXoKxs/DRf/f/wTXz7yIZ/A1lYNChT4Ej NERhqr6Bpl8uY4zKN9AsTCIH8rZpTrtYnUpYhykmJkQ+pEfHOxqyL+aKAIQDAgMB AAGjggHwMIIB7DAdBgNVHQ4EFgQUZrbE69HxjtaVrsgAplWCPvWpGucwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHBSoF 38P3QAMHACoJVMbf/wMHACoPYoRB/jANBgkqhkiG9w0BAQsFAAOCAQEAbjqdXG+D PZpxRBwroYJodKqmPZ4nnrPyV69Fev6LJbBGPoy8/O2xmTtvBqGgdBLnfKuo0h1c g7SUBKj9C2cuxOXxl6ctl5zKcLvjig0PMqyBDzHhcXe4GvMUnQGS0IFRnKqlkxqa VY+NlqJjpUrkCf/sJM5Q1q+WQj/rSvfCOFXwIcJICy+RIIbJTudnkNlQj2NOK843 Zsvgkitu01X2BS38dAK2Xqk8k6qtoPO85MH0q2Ijy81voGyE2blD3IohB3tAmjFd ZwIQxQBcgLF5/FNuucjK7Y69bArQqeMvHEkHkGHjIz3eGbeXzNOm+Vowk0H+wfsl IwGl3Gte/rMMuQ== -----END CERTIFICATE-----Generated at Wed Oct 8 17:35:54 2025 by rpki-client