$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214299.roa File: AS214299.roa (raw, json) Hash identifier: ZmhEwAKb1sE8L0cItAME0+yba0HH0zWZriZ03WvKF4M= Subject key identifier: 91:D0:20:52:FA:C0:AB:7B:1D:19:5A:A9:47:E7:4F:F5:29:52:87:E7 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 15526894D83565B6C50E56D9522CFC50B8EF5EE2 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS214299.roa Signing time: Sun 19 Apr 2026 12:22:19 +0000 ROA not before: Sun 19 Apr 2026 12:17:19 +0000 ROA not after: Sun 18 Apr 2027 12:22:19 +0000 asID: 214299 IP address blocks: 2a05:dfc3:fd40::/44 maxlen: 52 2a05:dfc3:fd40::/48 maxlen: 48 2a0f:6284:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 20 Apr 2026 15:31:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:52:68:94:d8:35:65:b6:c5:0e:56:d9:52:2c:fc:50:b8:ef:5e:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Apr 19 12:17:19 2026 GMT Not After : Apr 18 12:22:19 2027 GMT Subject: CN=91D02052FAC0AB7B1D195AA947E74FF5295287E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:64:ee:bc:71:20:e2:a0:b3:ef:de:78:50:86: 47:32:49:f8:01:bc:a9:c7:9f:64:f1:f8:d1:dd:5b: 7a:a8:6c:f9:46:4b:f7:b2:f1:48:bd:2e:7f:41:6a: 32:95:8b:3f:1b:44:e0:51:29:a1:0e:c8:47:43:2c: 75:f4:4d:4b:1b:12:18:6e:83:84:61:2d:c3:3f:d8: 2e:ab:5a:26:8a:40:5e:a3:01:94:83:78:d4:bc:c2: 1c:2a:6e:e0:73:95:88:e2:33:9c:ce:5c:00:0a:7f: 98:9d:1a:09:e8:00:ef:64:22:d2:ca:40:19:4a:62: e2:d0:59:8a:48:55:d5:d7:f9:28:02:e9:c2:88:da: 9c:8e:10:e0:2e:4b:1f:ed:de:9c:cb:b6:7b:df:a6: a0:1e:ec:04:d7:2c:f2:d5:c3:bf:92:8a:2a:74:e3: 5b:b8:70:b4:47:a8:f3:59:11:4e:07:7d:c2:cc:09: 92:35:70:a1:6f:92:6b:b1:60:a5:6c:60:c0:e4:fb: 2e:fa:8b:4c:f2:1d:11:65:4f:c1:3d:69:0a:06:65: 32:4a:3c:4e:93:f3:87:9c:9d:6b:07:ca:b8:6f:8b: e3:1f:f2:42:e0:d3:d3:33:e9:c8:bb:f7:47:d1:d6: 09:2a:28:c5:43:33:0e:c7:f1:68:bc:bf:90:c9:40: 6f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D0:20:52:FA:C0:AB:7B:1D:19:5A:A9:47:E7:4F:F5:29:52:87:E7 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214299.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:fd40::/44 2a0f:6284:1000::/36 Signature Algorithm: sha256WithRSAEncryption 48:8c:11:27:f6:2f:47:a3:ec:12:4b:ed:61:97:c8:ad:dd:24: 9a:fd:a5:48:0b:7f:6d:77:28:45:82:d8:27:6b:ea:b9:aa:09: 37:5a:df:96:e7:51:a1:b6:7b:d0:97:dc:cc:a8:39:ca:f1:80: 44:e9:08:e6:d6:01:cb:ad:7c:83:45:02:27:e3:a3:bc:23:68: 80:61:54:58:14:69:58:59:a3:de:ce:e7:7b:67:71:31:d3:da: 6f:e9:1d:08:c6:c1:1c:eb:c1:23:43:80:d3:40:86:27:f0:9d: a6:9d:92:c0:0c:26:d0:97:28:5f:aa:01:91:6f:ae:cd:4a:49: 7e:f7:be:8b:91:80:9f:37:e3:43:36:1f:4b:55:a6:aa:39:38: c8:df:d7:9f:65:7f:63:23:21:cb:10:0b:6c:04:ea:1c:84:cd: 0b:25:af:1e:7f:86:cb:81:19:10:ba:a0:ea:5a:1e:f9:16:2c: 9f:16:47:b6:be:64:da:29:2f:cc:a7:95:95:b6:82:f6:78:81: 33:2c:96:38:11:dc:08:b6:eb:38:71:88:b9:8b:df:28:c8:cc: 1b:e8:ed:bf:2e:1d:3c:a1:32:26:03:60:a9:ce:d9:4b:fb:58: 6a:46:47:eb:6b:bf:46:a0:5f:38:52:7d:42:9f:80:13:c7:74: 3b:66:41:7a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFVJolNg1ZbbFDlbZUiz8ULjvXuIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNjA0MTkxMjE3MTlaFw0yNzA0MTgxMjIyMTlaMDMxMTAvBgNV BAMTKDkxRDAyMDUyRkFDMEFCN0IxRDE5NUFBOTQ3RTc0RkY1Mjk1Mjg3RTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ZO68cSDioLPv3nhQhkcySfgB vKnHn2Tx+NHdW3qobPlGS/ey8Ui9Ln9BajKViz8bROBRKaEOyEdDLHX0TUsbEhhu g4RhLcM/2C6rWiaKQF6jAZSDeNS8whwqbuBzlYjiM5zOXAAKf5idGgnoAO9kItLK QBlKYuLQWYpIVdXX+SgC6cKI2pyOEOAuSx/t3pzLtnvfpqAe7ATXLPLVw7+Siip0 41u4cLRHqPNZEU4HfcLMCZI1cKFvkmuxYKVsYMDk+y76i0zyHRFlT8E9aQoGZTJK PE6T84ecnWsHyrhvi+Mf8kLg09Mz6ci790fR1gkqKMVDMw7H8Wi8v5DJQG/NAgMB AAGjggHnMIIB4zAdBgNVHQ4EFgQUkdAgUvrAq3sdGVqpR+dP9SlSh+cwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQyOTkucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBwQq Bd/D/UADBgQqD2KEEDANBgkqhkiG9w0BAQsFAAOCAQEASIwRJ/YvR6PsEkvtYZfI rd0kmv2lSAt/bXcoRYLYJ2vquaoJN1rfludRobZ70JfczKg5yvGAROkI5tYBy618 g0UCJ+OjvCNogGFUWBRpWFmj3s7ne2dxMdPab+kdCMbBHOvBI0OA00CGJ/Cdpp2S wAwm0JcoX6oBkW+uzUpJfve+i5GAnzfjQzYfS1Wmqjk4yN/Xn2V/YyMhyxALbATq HITNCyWvHn+Gy4EZELqg6loe+RYsnxZHtr5k2ikvzKeVlbaC9niBMyyWOBHcCLbr OHGIuYvfKMjMG+jtvy4dPKEyJgNgqc7ZS/tYakZH62u/RqBfOFJ9Qp+AE8d0O2ZB eg== -----END CERTIFICATE-----Generated at Mon Apr 20 07:13:56 2026 by rpki-client