$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS207113.roa File: AS207113.roa (raw, json) Hash identifier: ADr2i71zTCbR2gmNUiIa8yxL2FuYf5aUe/TVBTfdsn0= Subject key identifier: F2:0C:22:3B:E6:2B:C2:E4:D5:C4:84:B0:C0:E5:64:5B:B6:7B:09:B2 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 0DE628B31835C3D0DABC9D7113CC9405522B009B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS207113.roa Signing time: Thu 02 Oct 2025 19:01:00 +0000 ROA not before: Thu 02 Oct 2025 18:56:00 +0000 ROA not after: Thu 01 Oct 2026 19:01:00 +0000 asID: 207113 IP address blocks: 2a0f:6284:4200::/44 maxlen: 48 2a0f:6284:420f::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 03:37:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:e6:28:b3:18:35:c3:d0:da:bc:9d:71:13:cc:94:05:52:2b:00:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 2 18:56:00 2025 GMT Not After : Oct 1 19:01:00 2026 GMT Subject: CN=F20C223BE62BC2E4D5C484B0C0E5645BB67B09B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:1c:5b:2f:bf:f1:80:b7:7e:69:6c:cf:85:e0: b5:ae:55:41:fb:c5:c0:ac:89:58:f0:db:0f:fe:de: 87:fc:20:2f:04:48:39:ee:42:4c:dc:5b:80:58:48: c1:f1:6e:cb:16:5c:07:92:49:b5:e5:7c:59:b0:1d: 31:1d:e6:a2:c8:18:4c:e1:61:f8:05:94:21:bc:5b: 09:9e:d1:6e:2b:67:c2:6c:cb:b1:62:fa:58:d9:fb: 13:47:ad:2c:6c:a4:61:64:35:51:67:ed:88:df:73: 45:8f:66:1a:e7:2d:ff:33:d4:5a:01:67:15:eb:0c: 3d:f1:23:52:33:75:66:e3:a5:b4:1d:de:c5:30:d0: 3b:48:e3:88:40:95:2e:e0:af:90:bd:47:b7:d3:8f: c3:a7:af:37:24:34:41:a7:84:fe:5f:00:7e:9a:63: 64:5e:a9:91:f0:bd:c3:84:bf:e5:20:fe:32:ae:9b: 3f:cb:b7:f3:a9:dd:9a:8d:7e:02:64:0e:e9:a3:8d: 69:ea:bf:c5:fb:3e:37:52:d6:3e:5f:21:61:7c:08: 92:52:51:c0:b3:eb:5b:2b:d1:ab:a5:bf:96:9d:8a: 91:db:26:7c:63:95:ce:ee:f1:97:5c:b5:a4:13:8d: 8e:fb:62:6a:8a:58:7f:00:3b:bc:40:48:02:db:21: 55:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:0C:22:3B:E6:2B:C2:E4:D5:C4:84:B0:C0:E5:64:5B:B6:7B:09:B2 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS207113.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:4200::/44 Signature Algorithm: sha256WithRSAEncryption 80:98:fb:db:bd:c0:a8:31:ea:fc:52:c3:6d:0b:8d:d9:7b:53: 59:d5:0a:20:3c:ec:13:50:97:bf:88:73:bd:5f:53:a3:23:b9: 1b:6d:0e:54:f2:e4:8c:97:0a:f2:36:ee:73:ed:ba:43:c4:3e: 34:a2:fc:79:76:5a:05:54:e7:c5:26:8d:d4:5e:2e:dc:5b:ea: 57:98:6f:59:05:21:99:0d:a0:30:a0:9d:13:13:18:25:f5:09: 37:19:69:79:7f:3e:24:1f:17:f8:5d:9b:7c:fb:bd:76:24:10: 7d:9b:c5:1d:6d:98:1d:72:45:3a:d7:06:7c:29:f4:4b:fa:b5: 0e:3e:51:1e:91:4c:21:5e:58:88:77:86:b5:d7:e9:b6:c3:aa: 56:6f:bf:b6:df:ce:db:0f:64:61:78:38:9f:8d:6e:ef:19:78: 0a:d3:9f:ba:49:f3:0b:8c:b1:36:32:59:80:aa:55:c9:eb:52: a7:59:b2:ef:30:0f:98:d2:72:af:88:f1:7f:d1:d9:55:4c:9d: e0:08:cb:d7:af:86:d3:9c:16:1c:cd:3c:ee:a1:a6:eb:c3:bb: b9:fa:7a:88:9e:9c:a2:59:a1:b9:8a:53:1c:bb:09:f9:cf:3c: 24:a5:4e:72:ad:b6:8d:ec:53:dc:18:de:e3:f0:14:f7:60:13: 9d:26:29:60 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIUDeYosxg1w9DavJ1xE8yUBVIrAJswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMDIxODU2MDBaFw0yNjEwMDExOTAxMDBaMDMxMTAvBgNV BAMTKEYyMEMyMjNCRTYyQkMyRTRENUM0ODRCMEMwRTU2NDVCQjY3QjA5QjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChHFsvv/GAt35pbM+F4LWuVUH7 xcCsiVjw2w/+3of8IC8ESDnuQkzcW4BYSMHxbssWXAeSSbXlfFmwHTEd5qLIGEzh YfgFlCG8Wwme0W4rZ8Jsy7Fi+ljZ+xNHrSxspGFkNVFn7Yjfc0WPZhrnLf8z1FoB ZxXrDD3xI1IzdWbjpbQd3sUw0DtI44hAlS7gr5C9R7fTj8OnrzckNEGnhP5fAH6a Y2ReqZHwvcOEv+Ug/jKumz/Lt/Op3ZqNfgJkDumjjWnqv8X7PjdS1j5fIWF8CJJS UcCz61sr0aulv5adipHbJnxjlc7u8ZdctaQTjY77YmqKWH8AO7xASALbIVWpAgMB AAGjggHfMIIB2zAdBgNVHQ4EFgQU8gwiO+YrwuTVxISwwOVkW7Z7CbIwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDcxMTMucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq D2KEQgAwDQYJKoZIhvcNAQELBQADggEBAICY+9u9wKgx6vxSw20Ljdl7U1nVCiA8 7BNQl7+Ic71fU6MjuRttDlTy5IyXCvI27nPtukPEPjSi/Hl2WgVU58UmjdReLtxb 6leYb1kFIZkNoDCgnRMTGCX1CTcZaXl/PiQfF/hdm3z7vXYkEH2bxR1tmB1yRTrX Bnwp9Ev6tQ4+UR6RTCFeWIh3hrXX6bbDqlZvv7bfztsPZGF4OJ+Nbu8ZeArTn7pJ 8wuMsTYyWYCqVcnrUqdZsu8wD5jScq+I8X/R2VVMneAIy9evhtOcFhzNPO6hpuvD u7n6eoienKJZobmKUxy7CfnPPCSlTnKtto3sU9wY3uPwFPdgE50mKWA= -----END CERTIFICATE-----Generated at Wed Oct 8 17:35:55 2025 by rpki-client