$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS216112.roa File: AS216112.roa (raw, json) Hash identifier: 7F9UCnRtI6mQoRB8m0ho7iIFl4ECtomnbBXgWcKTxx8= Subject key identifier: 48:9D:3E:54:41:FE:22:DF:C2:C5:D9:DB:40:F5:93:E8:06:8B:30:D9 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 1A1C0686870F9BA098F45D1212C2A92D091A032B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS216112.roa Signing time: Sat 13 Sep 2025 18:38:29 +0000 ROA not before: Sat 13 Sep 2025 18:33:29 +0000 ROA not after: Sat 12 Sep 2026 18:38:29 +0000 asID: 216112 IP address blocks: 2a06:1281:20::/44 maxlen: 44 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Sep 2025 22:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:1c:06:86:87:0f:9b:a0:98:f4:5d:12:12:c2:a9:2d:09:1a:03:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Sep 13 18:33:29 2025 GMT Not After : Sep 12 18:38:29 2026 GMT Subject: CN=489D3E5441FE22DFC2C5D9DB40F593E8068B30D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ce:ab:a4:56:a9:93:7c:0f:05:6e:88:2b:c1: b3:8e:78:e4:ce:41:fa:02:84:b2:60:64:a6:ad:75: b7:dd:6c:d4:48:25:df:c6:14:77:a9:80:b4:ea:ed: 74:9d:f0:ca:e4:5c:b8:37:f9:31:ca:3c:cb:95:0c: 76:bb:3d:34:76:ed:0c:fb:dd:23:2d:8e:ae:cc:85: 0f:b7:3d:78:70:a4:ab:b2:fd:23:77:39:0a:fc:73: 43:f1:7e:2b:62:74:8a:fb:48:cb:39:ce:d7:1b:d7: 0d:c8:f1:db:5d:0a:2d:c5:b0:05:94:56:c3:d8:81: bf:17:4d:c8:94:39:8c:1e:8b:d3:3e:f3:06:03:5a: d0:49:5c:25:00:86:54:23:dc:f9:57:1c:72:c4:2f: 7a:86:7e:2d:ef:f1:7d:18:3d:a1:13:af:e1:59:e9: ae:c4:d1:47:be:27:e7:30:af:57:d3:7e:94:8a:94: 8b:84:f7:1b:be:af:38:13:8d:ae:10:dd:25:bd:03: 2c:b5:7f:bf:52:fa:9c:08:1e:5c:0e:0e:0d:8e:80: bd:b5:8b:26:9a:4a:9b:04:b2:8c:42:29:41:2d:aa: 93:7b:2d:54:3d:61:cd:9c:19:46:89:e4:20:49:38: 9d:f9:e0:63:9d:b5:8e:0a:7d:1f:42:c3:ba:8f:48: d9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:9D:3E:54:41:FE:22:DF:C2:C5:D9:DB:40:F5:93:E8:06:8B:30:D9 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS216112.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:1281:20::/44 Signature Algorithm: sha256WithRSAEncryption 16:bd:e5:f4:ab:73:34:4e:e5:8a:5b:dc:2f:f3:2b:cf:8f:f7: bf:6d:43:6a:2c:59:e4:31:df:7e:46:2e:61:ac:ea:05:4b:20: 05:10:6f:c0:21:84:c0:0a:25:f6:c4:4f:08:9d:33:ee:5d:ae: 2c:51:79:7a:75:1d:61:6c:20:19:55:ce:c9:6c:fd:cb:c5:13: de:04:c5:42:f5:54:e8:66:44:2b:8a:4d:62:8c:03:43:29:ca: bc:c6:d7:af:58:17:b1:67:91:bc:cc:34:78:fa:b6:ff:db:0f: ea:31:ac:91:23:42:80:29:35:1d:4c:64:65:fd:89:bf:56:59: 0d:a3:7c:53:7d:80:2d:02:e3:d0:bb:ec:37:e5:38:b3:62:7e: 33:b2:4e:b1:2a:98:92:1f:4e:31:8f:4b:73:44:03:33:e7:b4: 1a:da:20:3e:95:75:2a:92:1f:8e:ab:e4:f6:d2:0b:ca:a2:60: 15:b9:3d:7b:26:01:48:16:61:20:8c:de:c6:ce:f6:30:4a:95: 95:d6:96:15:41:2a:b2:00:0b:fd:f7:15:17:05:47:41:d4:7b: 0d:ad:6e:63:fb:23:63:04:65:0c:4a:75:a5:fd:08:c9:44:b2: e7:ac:6d:7d:d1:98:f3:cf:7b:ef:01:75:ee:c1:02:9b:7b:81: 66:b7:12:29 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIUGhwGhocPm6CY9F0SEsKpLQkaAyswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA5MTMxODMzMjlaFw0yNjA5MTIxODM4MjlaMDMxMTAvBgNV BAMTKDQ4OUQzRTU0NDFGRTIyREZDMkM1RDlEQjQwRjU5M0U4MDY4QjMwRDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDizqukVqmTfA8FbogrwbOOeOTO QfoChLJgZKatdbfdbNRIJd/GFHepgLTq7XSd8MrkXLg3+THKPMuVDHa7PTR27Qz7 3SMtjq7MhQ+3PXhwpKuy/SN3OQr8c0PxfitidIr7SMs5ztcb1w3I8dtdCi3FsAWU VsPYgb8XTciUOYwei9M+8wYDWtBJXCUAhlQj3PlXHHLEL3qGfi3v8X0YPaETr+FZ 6a7E0Ue+J+cwr1fTfpSKlIuE9xu+rzgTja4Q3SW9Ayy1f79S+pwIHlwODg2OgL21 iyaaSpsEsoxCKUEtqpN7LVQ9Yc2cGUaJ5CBJOJ354GOdtY4KfR9Cw7qPSNnjAgMB AAGjggHfMIIB2zAdBgNVHQ4EFgQUSJ0+VEH+It/CxdnbQPWT6AaLMNkwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTYxMTIucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq BhKBACAwDQYJKoZIhvcNAQELBQADggEBABa95fSrczRO5Ypb3C/zK8+P979tQ2os WeQx335GLmGs6gVLIAUQb8AhhMAKJfbETwidM+5drixReXp1HWFsIBlVzsls/cvF E94ExUL1VOhmRCuKTWKMA0MpyrzG169YF7FnkbzMNHj6tv/bD+oxrJEjQoApNR1M ZGX9ib9WWQ2jfFN9gC0C49C77DflOLNifjOyTrEqmJIfTjGPS3NEAzPntBraID6V dSqSH46r5PbSC8qiYBW5PXsmAUgWYSCM3sbO9jBKlZXWlhVBKrIAC/33FRcFR0HU ew2tbmP7I2MEZQxKdaX9CMlEsuesbX3RmPPPe+8Bde7BApt7gWa3Eik= -----END CERTIFICATE-----Generated at Wed Sep 17 08:21:25 2025 by rpki-client