$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS49867.roa File: AS49867.roa (raw, json) Hash identifier: ltvK9LemI3L/tiTP041frU8Vus3ybW8CLQ78riHyx1g= Subject key identifier: 6A:51:70:0D:15:7F:95:29:24:D0:A6:2C:47:6B:30:BF:0C:48:A7:01 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 285DBBEA6526B88EE8B61B184032B47645BB9FBE Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS49867.roa Signing time: Thu 03 Jul 2025 15:53:09 +0000 ROA not before: Thu 03 Jul 2025 15:48:09 +0000 ROA not after: Thu 02 Jul 2026 15:53:09 +0000 asID: 49867 IP address blocks: 2a05:dfc3:f400::/40 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:5d:bb:ea:65:26:b8:8e:e8:b6:1b:18:40:32:b4:76:45:bb:9f:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Jul 3 15:48:09 2025 GMT Not After : Jul 2 15:53:09 2026 GMT Subject: CN=6A51700D157F952924D0A62C476B30BF0C48A701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:93:df:06:94:36:83:f4:ff:6c:bc:bc:2a:00: be:15:86:f7:3e:e0:22:7e:56:be:42:fa:e7:68:f2: f1:5e:69:8e:7d:bb:a0:26:56:7b:5f:4a:52:7e:ec: 5c:02:2b:7b:f6:ae:4e:a0:ed:b4:87:47:85:a8:f1: 87:3d:d1:99:f5:c7:5b:a7:8a:77:23:1f:06:36:5f: d4:92:1e:84:a6:7c:41:64:26:c3:96:24:e4:c0:ef: 5a:f8:a4:72:84:75:6c:b9:9e:88:97:81:c5:78:b9: bd:be:7b:60:18:88:18:37:b3:9d:d8:dd:14:36:f4: af:a3:89:20:5a:78:1c:09:4d:2a:d7:fe:32:1b:cc: 03:ae:d2:17:6b:93:37:a7:45:79:04:80:61:a6:ca: 43:0a:db:6e:df:56:4e:a5:80:ed:25:5f:2b:b6:ae: 4d:e5:99:7b:4c:44:31:73:b4:b9:f6:07:26:75:2f: e1:ac:08:2e:fb:a6:a9:91:4e:8f:03:26:e0:4b:2c: 3b:b6:5b:12:64:52:38:b5:0e:b8:66:01:94:d1:c1: f6:27:98:df:b6:4f:c4:eb:63:65:b5:43:23:3b:88: d7:82:73:58:49:db:e6:2f:e0:dd:30:84:cb:96:9a: 3b:23:ad:ea:79:4d:fd:51:78:f6:42:9c:a4:16:18: 7e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:51:70:0D:15:7F:95:29:24:D0:A6:2C:47:6B:30:BF:0C:48:A7:01 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS49867.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc3:f400::/40 Signature Algorithm: sha256WithRSAEncryption 81:fd:6b:de:1f:dd:85:f1:85:30:bb:6a:e6:c2:4a:a0:83:d6: a4:be:0d:26:8f:35:46:39:d3:91:d9:6b:c2:14:59:5c:73:5b: 61:e1:ef:a9:c6:e1:92:95:f3:f4:70:fe:cc:b1:f2:4e:db:7b: 76:13:6b:dc:c1:91:37:39:5e:d8:d9:3c:33:2f:7a:be:15:5b: 06:da:1f:30:f7:83:ff:bd:d4:a4:2e:cf:53:29:50:71:df:42: d3:38:a6:47:cf:d4:6d:1e:9c:db:61:8f:0d:9e:24:f9:56:ba: 97:1c:69:0a:a6:b7:61:a2:89:ed:76:5b:2f:2d:fd:1d:9a:1a: 28:66:0c:10:86:18:17:53:38:0b:20:e4:b4:2c:41:ba:3a:9a: 1d:43:bf:ab:ea:aa:27:86:d6:fc:07:4d:9c:6a:31:29:44:6a: d2:50:5a:c1:ae:41:7f:15:37:86:42:08:67:be:b6:35:4a:a9: 48:17:a4:59:0e:d1:42:4d:46:3f:e1:83:31:dc:f5:bb:b1:d0: 76:59:2d:9e:e7:8f:23:aa:c1:cf:16:fe:6a:04:1e:f8:fa:f9: 15:fe:34:61:38:31:89:d7:64:36:78:78:fd:f7:18:2a:0c:78: 7f:dd:fa:80:c9:b9:93:05:5b:6b:4f:c9:28:a3:37:ec:2e:bd: 69:95:26:08 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIUKF276mUmuI7othsYQDK0dkW7n74wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDlaFw0yNjA3MDIxNTUzMDlaMDMxMTAvBgNV BAMTKDZBNTE3MDBEMTU3Rjk1MjkyNEQwQTYyQzQ3NkIzMEJGMEM0OEE3MDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6k98GlDaD9P9svLwqAL4Vhvc+ 4CJ+Vr5C+udo8vFeaY59u6AmVntfSlJ+7FwCK3v2rk6g7bSHR4Wo8Yc90Zn1x1un incjHwY2X9SSHoSmfEFkJsOWJOTA71r4pHKEdWy5noiXgcV4ub2+e2AYiBg3s53Y 3RQ29K+jiSBaeBwJTSrX/jIbzAOu0hdrkzenRXkEgGGmykMK227fVk6lgO0lXyu2 rk3lmXtMRDFztLn2ByZ1L+GsCC77pqmRTo8DJuBLLDu2WxJkUji1DrhmAZTRwfYn mN+2T8TrY2W1QyM7iNeCc1hJ2+Yv4N0whMuWmjsjrep5Tf1RePZCnKQWGH4xAgMB AAGjggHdMIIB2TAdBgNVHQ4EFgQUalFwDRV/lSkk0KYsR2swvwxIpwEwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0OTg2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF 38P0MA0GCSqGSIb3DQEBCwUAA4IBAQCB/WveH92F8YUwu2rmwkqgg9akvg0mjzVG OdOR2WvCFFlcc1th4e+pxuGSlfP0cP7MsfJO23t2E2vcwZE3OV7Y2TwzL3q+FVsG 2h8w94P/vdSkLs9TKVBx30LTOKZHz9RtHpzbYY8NniT5VrqXHGkKprdhoontdlsv Lf0dmhooZgwQhhgXUzgLIOS0LEG6OpodQ7+r6qonhtb8B02cajEpRGrSUFrBrkF/ FTeGQghnvrY1SqlIF6RZDtFCTUY/4YMx3PW7sdB2WS2e548jqsHPFv5qBB74+vkV /jRhODGJ12Q2eHj99xgqDHh/3fqAybmTBVtrT8koozfsLr1plSYI -----END CERTIFICATE-----Generated at Sat Jul 5 02:09:32 2025 by rpki-client