$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: rABbEfwzvWLX+a7A2Pe1hBWsPXXJk2ppLOmQ2xhv3bA= Subject key identifier: CE:EB:9E:DA:D3:6E:C8:F8:40:20:B0:E1:2E:21:E5:F5:3B:1D:C2:7C Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 09C84A8AE227DDEDFA2577A9A749FCE47066525B Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa Signing time: Wed 27 Aug 2025 05:47:56 +0000 ROA not before: Wed 27 Aug 2025 05:42:56 +0000 ROA not after: Wed 26 Aug 2026 05:47:56 +0000 asID: 31898 IP address blocks: 2a05:dfc3:f6ce::/48 maxlen: 48 2a05:dfc3:f760::/44 maxlen: 48 2a0a:6044:6d00::/48 maxlen: 48 2a0f:6284:41ff::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 13:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:c8:4a:8a:e2:27:dd:ed:fa:25:77:a9:a7:49:fc:e4:70:66:52:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Aug 27 05:42:56 2025 GMT Not After : Aug 26 05:47:56 2026 GMT Subject: CN=CEEB9EDAD36EC8F84020B0E12E21E5F53B1DC27C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:cf:d5:b9:11:12:d6:ee:70:ff:c4:5d:57:34: 8f:14:79:b7:9c:92:5a:f1:d5:ec:48:6e:36:f8:38: 37:93:6a:1a:df:c4:0e:2f:c5:92:d8:0e:d4:b9:8b: 23:6f:0e:e2:81:d7:5f:59:60:79:fd:10:07:57:71: 22:db:f9:b6:30:e2:c1:e8:2c:f2:e2:65:6b:c8:af: 4a:7a:87:3c:28:ef:d7:73:21:f4:a8:20:a8:69:6d: 83:85:b6:23:24:58:c1:c4:be:42:6e:7b:86:dd:c6: 2b:ae:e1:07:be:45:76:e4:0e:ae:8d:70:0f:4e:f1: 7f:64:4b:ee:dd:72:17:41:9f:05:27:c1:f8:8f:a8: 6b:95:dc:d5:c9:96:8d:33:af:3d:33:7f:55:00:fe: 29:cf:5d:80:0a:6c:c7:a0:25:72:00:2d:a1:91:59: fa:df:ec:82:eb:68:77:dd:e4:7b:9d:64:4c:2a:81: ed:6c:b5:08:9d:21:8b:3e:65:17:25:93:df:ac:22: 7b:9e:38:ef:a5:f2:c7:66:40:83:5e:20:12:99:b0: 40:71:d5:af:54:c7:c2:22:72:2e:8c:d5:43:47:12: 48:81:5a:3d:07:d5:53:67:0f:f6:5c:a0:b5:0c:86: 0f:70:76:47:80:69:d8:ad:17:10:e4:ff:85:ec:8c: f4:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:EB:9E:DA:D3:6E:C8:F8:40:20:B0:E1:2E:21:E5:F5:3B:1D:C2:7C X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f6ce::/48 2a05:dfc3:f760::/44 2a0a:6044:6d00::/48 2a0f:6284:41ff::/48 Signature Algorithm: sha256WithRSAEncryption 5f:ec:4d:00:93:44:ed:77:0a:3c:e5:ab:9d:68:1c:fa:85:a7: 32:70:81:42:82:45:08:ff:4e:df:f7:3a:0c:02:b0:6e:aa:aa: d6:8d:8f:1b:87:a2:df:9c:ae:cb:0a:a4:50:83:e0:0a:47:ea: 30:32:df:51:5f:df:55:34:f2:dc:37:f5:9e:c7:9e:fb:f7:88: 7b:27:33:3b:7c:27:48:78:a0:4e:ab:bb:58:6e:ee:47:c6:60: a0:a7:10:bb:87:0e:e8:f6:49:bc:4d:b0:1f:d4:4c:02:33:fa: f8:38:27:40:51:2e:ab:e1:53:1c:6e:1d:ba:82:43:17:1a:fc: f3:af:fc:1b:91:25:94:26:4f:aa:5a:1c:cf:39:46:c3:1f:26: d2:1e:2c:45:2b:f4:b0:2a:a7:64:36:3d:a1:7c:cd:d6:72:96: ba:fc:b1:8d:f2:89:99:3e:2d:aa:52:c4:68:6c:25:15:d1:bf: e4:4a:27:38:9d:ad:12:15:7e:ac:1d:16:78:85:30:95:3f:0f: bc:66:b9:d8:60:a0:83:f6:86:33:49:65:cf:7d:1f:3f:d7:90: bd:91:81:e1:b2:f9:27:52:e1:68:85:4c:43:26:ef:4f:a6:5b: 24:54:30:6e:8a:ce:23:9a:0a:87:89:dd:55:1b:f7:07:89:a0: f7:fe:77:8a -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIUCchKiuIn3e36JXepp0n85HBmUlswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA4MjcwNTQyNTZaFw0yNjA4MjYwNTQ3NTZaMDMxMTAvBgNV BAMTKENFRUI5RURBRDM2RUM4Rjg0MDIwQjBFMTJFMjFFNUY1M0IxREMyN0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGz9W5ERLW7nD/xF1XNI8Uebec klrx1exIbjb4ODeTahrfxA4vxZLYDtS5iyNvDuKB119ZYHn9EAdXcSLb+bYw4sHo LPLiZWvIr0p6hzwo79dzIfSoIKhpbYOFtiMkWMHEvkJue4bdxiuu4Qe+RXbkDq6N cA9O8X9kS+7dchdBnwUnwfiPqGuV3NXJlo0zrz0zf1UA/inPXYAKbMegJXIALaGR Wfrf7ILraHfd5HudZEwqge1stQidIYs+ZRclk9+sInueOO+l8sdmQINeIBKZsEBx 1a9Ux8Iici6M1UNHEkiBWj0H1VNnD/ZcoLUMhg9wdkeAaditFxDk/4XsjPT1AgMB AAGjggH5MIIB9TAdBgNVHQ4EFgQUzuue2tNuyPhAILDhLiHl9TsdwnwwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMzMTg5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHACoF 38P2zgMHBCoF38P3YAMHACoKYERtAAMHACoPYoRB/zANBgkqhkiG9w0BAQsFAAOC AQEAX+xNAJNE7XcKPOWrnWgc+oWnMnCBQoJFCP9O3/c6DAKwbqqq1o2PG4ei35yu ywqkUIPgCkfqMDLfUV/fVTTy3Df1nsee+/eIeyczO3wnSHigTqu7WG7uR8ZgoKcQ u4cO6PZJvE2wH9RMAjP6+DgnQFEuq+FTHG4duoJDFxr886/8G5EllCZPqloczzlG wx8m0h4sRSv0sCqnZDY9oXzN1nKWuvyxjfKJmT4tqlLEaGwlFdG/5EonOJ2tEhV+ rB0WeIUwlT8PvGa52GCgg/aGM0llz30fP9eQvZGB4bL5J1LhaIVMQybvT6ZbJFQw borOI5oKh4ndVRv3B4mg9/53ig== -----END CERTIFICATE-----Generated at Wed Oct 8 17:35:51 2025 by rpki-client