$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS209693.roa File: AS209693.roa (raw, json) Hash identifier: jOleTujoINqCpsDH1OzttgmGVPu0HNmaDVIll6nHuk4= Subject key identifier: 98:51:BF:A9:B2:5C:CF:E5:47:21:F3:38:F7:B8:A0:CE:D4:02:31:63 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 71B089F5DFC6677B428833AF2097F1A2848688DC Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS209693.roa Signing time: Tue 30 Sep 2025 08:02:09 +0000 ROA not before: Tue 30 Sep 2025 07:57:09 +0000 ROA not after: Tue 29 Sep 2026 08:02:09 +0000 asID: 209693 IP address blocks: 2a09:54c6:5000::/36 maxlen: 48 2a0f:6284:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:b0:89:f5:df:c6:67:7b:42:88:33:af:20:97:f1:a2:84:86:88:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Sep 30 07:57:09 2025 GMT Not After : Sep 29 08:02:09 2026 GMT Subject: CN=9851BFA9B25CCFE54721F338F7B8A0CED4023163 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:20:57:5c:3d:ed:13:6f:22:a8:83:7d:b9:59: 81:9b:22:95:56:0e:d3:62:16:13:4a:7d:9c:44:82: 8c:0f:b3:b4:61:17:4f:7e:c4:1e:4a:99:65:cd:46: fb:0a:09:09:49:78:0f:d2:06:41:1d:49:b6:a7:49: a0:88:c0:4a:eb:33:bf:61:d4:02:21:e6:b7:3b:a7: cd:36:dc:42:07:3d:47:ef:87:8a:81:27:69:0f:e4: 33:ec:8b:84:66:4c:8b:ce:88:12:ff:0b:e5:80:24: da:3f:6d:10:94:be:a7:8c:3a:6d:f8:bf:6e:db:f0: f6:49:90:38:d4:0b:bf:77:62:c3:cc:d6:15:a8:d1: 26:cd:82:05:c1:9b:75:d1:d9:d2:4a:69:97:57:a9: 43:a6:20:f7:89:a2:84:7d:3a:05:03:41:6d:8d:86: 89:a2:9c:65:9d:76:8c:52:d0:9a:52:5a:77:d0:2c: 5f:e4:e0:c0:c5:68:19:80:08:3f:36:1b:f7:84:a2: 84:35:04:5e:53:03:f9:88:44:7a:27:d4:29:73:94: 21:db:e7:f2:02:54:3b:96:dc:5b:3f:27:cc:4f:d4: 38:89:41:fd:e4:64:a5:9d:4d:31:d1:5a:62:7d:b7: 9b:58:41:bc:f8:ce:e6:88:e3:3a:8c:37:04:86:2d: 29:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:51:BF:A9:B2:5C:CF:E5:47:21:F3:38:F7:B8:A0:CE:D4:02:31:63 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS209693.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:54c6:5000::/36 2a0f:6284:c000::/34 Signature Algorithm: sha256WithRSAEncryption 22:6a:f4:76:97:3f:c9:d3:47:df:eb:3c:a1:3f:4b:a3:19:86: 93:d4:61:b4:7d:9c:0f:fa:bc:5a:55:f6:75:d3:17:26:50:6d: bc:df:5c:68:bb:a6:78:36:65:76:5b:61:fc:ea:05:09:5f:82: ad:95:6d:c1:5e:6e:e2:37:57:6b:a4:4f:a5:4e:15:08:a7:70: f2:70:94:e3:fd:d2:29:24:c4:87:2c:8f:a6:8a:1c:e0:8d:a7: 9f:05:9c:d2:28:94:53:4a:2f:10:bb:d7:38:0f:bf:dc:50:88: 41:d0:41:a7:52:48:f3:f8:99:07:01:16:18:83:0f:e7:fb:0d: bc:02:f5:80:91:8d:6b:2d:ed:41:a5:05:09:71:9a:4f:f1:47: e9:fd:1b:43:d8:36:ca:ab:49:4b:20:23:bc:26:81:09:bb:1f: 28:39:6e:26:92:b5:31:59:7e:e2:20:0f:fe:2f:69:cf:53:ca: 75:72:23:1f:93:41:9b:46:91:e6:17:3c:30:44:95:7d:71:c4: da:2c:88:a3:13:25:d1:be:f9:86:07:43:a9:f3:62:bf:6a:cb: 59:3a:72:80:61:62:43:66:51:7b:78:6f:1c:8c:88:24:67:67: 33:8a:91:60:c0:16:8a:35:17:57:95:f2:f1:cd:cd:dd:bb:7a: 7d:01:d6:f6 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUcbCJ9d/GZ3tCiDOvIJfxooSGiNwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA5MzAwNzU3MDlaFw0yNjA5MjkwODAyMDlaMDMxMTAvBgNV BAMTKDk4NTFCRkE5QjI1Q0NGRTU0NzIxRjMzOEY3QjhBMENFRDQwMjMxNjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdIFdcPe0TbyKog325WYGbIpVW DtNiFhNKfZxEgowPs7RhF09+xB5KmWXNRvsKCQlJeA/SBkEdSbanSaCIwErrM79h 1AIh5rc7p8023EIHPUfvh4qBJ2kP5DPsi4RmTIvOiBL/C+WAJNo/bRCUvqeMOm34 v27b8PZJkDjUC793YsPM1hWo0SbNggXBm3XR2dJKaZdXqUOmIPeJooR9OgUDQW2N hominGWddoxS0JpSWnfQLF/k4MDFaBmACD82G/eEooQ1BF5TA/mIRHon1ClzlCHb 5/ICVDuW3Fs/J8xP1DiJQf3kZKWdTTHRWmJ9t5tYQbz4zuaI4zqMNwSGLSkdAgMB AAGjggHmMIIB4jAdBgNVHQ4EFgQUmFG/qbJcz+VHIfM497igztQCMWMwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDk2OTMucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBADBgQq CVTGUAMGBioPYoTAMA0GCSqGSIb3DQEBCwUAA4IBAQAiavR2lz/J00ff6zyhP0uj GYaT1GG0fZwP+rxaVfZ10xcmUG2831xou6Z4NmV2W2H86gUJX4KtlW3BXm7iN1dr pE+lThUIp3DycJTj/dIpJMSHLI+mihzgjaefBZzSKJRTSi8Qu9c4D7/cUIhB0EGn Ukjz+JkHARYYgw/n+w28AvWAkY1rLe1BpQUJcZpP8Ufp/RtD2DbKq0lLICO8JoEJ ux8oOW4mkrUxWX7iIA/+L2nPU8p1ciMfk0GbRpHmFzwwRJV9ccTaLIijEyXRvvmG B0Op82K/astZOnKAYWJDZlF7eG8cjIgkZ2czipFgwBaKNRdXlfLxzc3du3p9Adb2 -----END CERTIFICATE-----Generated at Wed Oct 8 17:35:55 2025 by rpki-client