$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: z6UhHjJKnBkVyW10HokRHlQMb4EAxVnVHG1mBqtpRsQ= Subject key identifier: 42:48:D3:5B:A5:F4:4D:C9:FE:FC:CA:CD:D3:55:54:79:D0:9E:BA:03 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 1E30BAA83E772BA02673D52B0E2A1743BE844B63 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa Signing time: Mon 18 Aug 2025 20:20:48 +0000 ROA not before: Mon 18 Aug 2025 20:15:48 +0000 ROA not after: Mon 17 Aug 2026 20:20:48 +0000 asID: 16509 IP address blocks: 2a05:dfc3:f740::/44 maxlen: 44 2a05:dfc3:f750::/44 maxlen: 48 2a09:54c6:dfff::/48 maxlen: 48 2a0f:6284:41fe::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 20 Aug 2025 21:47:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:30:ba:a8:3e:77:2b:a0:26:73:d5:2b:0e:2a:17:43:be:84:4b:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 18 20:15:48 2025 GMT Not After : Aug 17 20:20:48 2026 GMT Subject: CN=4248D35BA5F44DC9FEFCCACDD3555479D09EBA03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:40:86:ed:25:9d:15:75:3c:ce:10:4a:24:38: 09:36:f5:1b:40:de:31:e1:cb:ae:03:52:54:3e:b6: d9:18:4f:c3:49:27:3c:12:49:94:ea:86:47:76:bf: 18:48:57:89:fb:b6:1f:fa:c8:2b:f1:e1:b2:4a:77: 31:5c:3f:18:87:ad:1b:a9:00:2a:ab:b7:f4:33:92: b4:3a:4a:50:da:82:60:d6:e6:3b:41:09:a1:13:62: 13:ce:b8:04:70:36:5e:e1:4c:ea:24:67:b1:b7:82: 4a:c8:21:0e:a1:37:12:22:0f:0e:27:b6:8c:fc:99: 38:df:cd:f0:ba:bf:ef:fa:e3:f9:6e:8b:03:f1:d6: 58:2e:95:4d:9b:36:5e:7b:3c:d4:7a:b8:7e:36:64: bc:5a:bb:ed:40:a0:a3:97:e6:fe:df:5d:01:71:71: b0:e4:98:33:55:6d:fb:ad:a8:cb:8e:f9:ae:5f:02: d0:d3:45:bb:23:c5:40:91:5f:73:11:0b:6b:2d:e6: ba:ee:b8:84:a8:01:a7:1b:9c:b6:1b:c1:5e:a9:0b: 9d:4b:b7:5e:99:f8:e0:47:cd:d2:f5:88:87:f3:b0: 56:48:d5:e7:10:f4:2b:c3:49:36:50:c1:81:3f:5f: b1:58:fd:0a:b5:f5:72:78:9a:d1:25:2a:5c:34:18: 89:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:48:D3:5B:A5:F4:4D:C9:FE:FC:CA:CD:D3:55:54:79:D0:9E:BA:03 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f740::/43 2a09:54c6:dfff::/48 2a0f:6284:41fe::/48 Signature Algorithm: sha256WithRSAEncryption 53:0b:23:09:ef:a3:3c:aa:9a:67:c7:81:37:ff:4a:16:d0:6c: fa:90:b7:8d:c2:d2:78:95:ac:39:92:e8:5f:b2:cc:bb:a4:c5: 0d:22:2b:b9:52:39:41:d4:19:15:5e:cd:12:c8:27:38:10:68: 13:05:d8:2d:f0:40:77:91:6f:4e:fc:e6:10:48:a4:87:f5:96: 06:31:a4:82:d1:12:3b:5d:c0:c9:7f:22:7a:18:0d:17:c6:9a: fb:9e:17:c4:87:f2:ac:89:6a:18:0e:71:9e:ae:2a:a4:ca:e0: 67:04:0d:f9:aa:cc:24:ff:3b:0e:6d:e1:6b:1f:e1:c5:af:04: 25:d7:98:95:5b:ae:26:14:06:4e:16:e3:6c:d7:7d:d5:38:82: 94:ff:a4:33:f7:c9:d7:0f:bf:93:4a:c6:1c:d7:26:e9:00:be: 29:80:fe:36:02:10:8f:46:7f:60:f7:9d:17:1f:b7:37:39:df: 21:08:bc:3a:ec:9e:b1:12:1d:81:d3:a3:06:00:30:bd:56:34: b0:f5:7a:36:10:45:e9:51:a6:77:fd:fa:92:b8:f3:92:39:97: ae:ae:31:4c:ff:de:1c:6c:c0:51:0b:ae:66:d6:9e:65:15:b6: b8:84:a6:47:18:58:1c:1f:2d:c0:b6:7e:09:a9:b3:37:20:dd: 6b:bb:4b:40 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIUHjC6qD53K6Amc9UrDioXQ76ES2MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MTgyMDE1NDhaFw0yNjA4MTcyMDIwNDhaMDMxMTAvBgNV BAMTKDQyNDhEMzVCQTVGNDREQzlGRUZDQ0FDREQzNTU1NDc5RDA5RUJBMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/QIbtJZ0VdTzOEEokOAk29RtA 3jHhy64DUlQ+ttkYT8NJJzwSSZTqhkd2vxhIV4n7th/6yCvx4bJKdzFcPxiHrRup ACqrt/QzkrQ6SlDagmDW5jtBCaETYhPOuARwNl7hTOokZ7G3gkrIIQ6hNxIiDw4n toz8mTjfzfC6v+/64/luiwPx1lgulU2bNl57PNR6uH42ZLxau+1AoKOX5v7fXQFx cbDkmDNVbfutqMuO+a5fAtDTRbsjxUCRX3MRC2st5rruuISoAacbnLYbwV6pC51L t16Z+OBHzdL1iIfzsFZI1ecQ9CvDSTZQwYE/X7FY/Qq19XJ4mtElKlw0GIm/AgMB AAGjggHwMIIB7DAdBgNVHQ4EFgQUQkjTW6X0Tcn+/MrN01VUedCeugMwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNjUwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHBSoF 38P3QAMHACoJVMbf/wMHACoPYoRB/jANBgkqhkiG9w0BAQsFAAOCAQEAUwsjCe+j PKqaZ8eBN/9KFtBs+pC3jcLSeJWsOZLoX7LMu6TFDSIruVI5QdQZFV7NEsgnOBBo EwXYLfBAd5FvTvzmEEikh/WWBjGkgtESO13AyX8iehgNF8aa+54XxIfyrIlqGA5x nq4qpMrgZwQN+arMJP87Dm3hax/hxa8EJdeYlVuuJhQGThbjbNd91TiClP+kM/fJ 1w+/k0rGHNcm6QC+KYD+NgIQj0Z/YPedFx+3NznfIQi8OuyesRIdgdOjBgAwvVY0 sPV6NhBF6VGmd/36krjzkjmXrq4xTP/eHGzAUQuuZtaeZRW2uISmRxhYHB8twLZ+ CamzNyDda7tLQA== -----END CERTIFICATE-----Generated at Wed Aug 20 13:19:33 2025 by rpki-client