$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS57974.roa File: AS57974.roa (raw, json) Hash identifier: kCxk85bCLjPUHXdrMhMWVHmxROIej7VmGLst0UBBLGs= Subject key identifier: 09:97:52:5F:20:C8:BC:BA:F6:16:73:84:E8:DF:93:8B:BD:46:B5:23 Certificate issuer: /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Certificate serial: 2446905FF12D7A21FCC2299CDC508C6238564603 Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject info access: rsync://krill.47272.net/repo/HYEHOST/5/AS57974.roa Signing time: Mon 06 Oct 2025 01:53:37 +0000 ROA not before: Mon 06 Oct 2025 01:48:37 +0000 ROA not after: Mon 05 Oct 2026 01:53:37 +0000 asID: 57974 IP address blocks: 2a0f:6284:4218::/48 maxlen: 48 Validation: OK Signature path: rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 09 Oct 2025 03:37:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:46:90:5f:f1:2d:7a:21:fc:c2:29:9c:dc:50:8c:62:38:56:46:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7 Validity Not Before: Oct 6 01:48:37 2025 GMT Not After : Oct 5 01:53:37 2026 GMT Subject: CN=0997525F20C8BCBAF6167384E8DF938BBD46B523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:32:ad:50:c0:82:48:3f:70:91:a7:a9:f5:ea: 66:48:25:53:8c:4d:df:d6:79:07:59:8e:72:48:b4: d3:76:0d:33:9e:3e:1e:b5:ab:c6:b9:d5:c0:86:4a: b1:59:86:c0:d6:33:79:62:9f:a9:ed:14:1f:f1:01: e9:58:7c:df:71:0e:aa:ce:b9:aa:36:ff:a0:12:92: 0e:83:d4:2b:4e:a9:ab:a0:a3:e8:af:dd:86:a0:01: 04:fc:3f:47:e9:3f:96:a8:44:55:98:d3:68:31:d7: 8b:5f:aa:73:54:ba:cf:1f:2b:01:53:a8:a7:2c:56: 67:12:eb:c9:8d:ce:71:d3:7d:54:d1:d2:85:73:ad: ad:57:9e:d6:1e:5d:a3:1c:23:7d:af:ad:cc:3e:51: 4c:9c:41:fb:5b:fa:bc:9a:6e:01:3b:73:1f:64:36: 07:7c:a6:38:58:21:ea:00:35:a5:29:3b:ff:07:5a: ba:51:32:d4:80:31:04:b1:68:38:6c:30:a5:fa:74: 7a:b1:26:20:20:49:80:11:68:cb:80:af:a2:c9:07: 3f:2c:1e:ee:4d:bb:b3:91:78:ca:05:6d:30:3a:ac: 03:d8:be:36:bd:36:7a:05:08:1a:ba:78:5d:a1:67: 6d:b7:43:e8:36:e0:3f:3e:ff:70:29:fe:7c:93:41: 72:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:97:52:5F:20:C8:BC:BA:F6:16:73:84:E8:DF:93:8B:BD:46:B5:23 X509v3 Authority Key Identifier: keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer Subject Information Access: Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS57974.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:6284:4218::/48 Signature Algorithm: sha256WithRSAEncryption 49:ef:d6:b7:9d:42:a9:75:02:ad:dc:66:b5:51:d0:60:6d:52: 7a:ef:7a:d8:dd:9b:7d:7d:d4:b3:4c:91:cf:32:e9:ac:f4:9a: ee:05:22:71:6e:93:32:47:89:85:53:79:c6:5b:75:a7:fc:00: a9:29:07:76:64:94:96:57:57:57:78:9c:05:99:20:6c:cf:70: 64:db:c8:c0:32:73:de:24:f4:57:d2:09:3b:fb:2d:76:91:71: ea:8e:ae:a8:0a:fd:63:fb:34:ca:76:91:6c:6f:58:61:7d:be: 62:69:a1:bc:86:eb:2c:b6:d7:01:85:f2:b1:7d:5f:0a:32:42: da:47:ea:46:ad:f4:4c:37:a7:d6:7c:26:6d:4b:4e:b8:98:b2: ad:b8:da:ec:bd:db:13:2f:27:68:8c:aa:d8:d7:e5:7c:10:db: 82:d8:ba:f0:d2:49:4a:4e:91:1a:53:01:12:03:03:77:75:c4: 65:42:7a:aa:10:1b:c7:d7:4d:4f:31:61:ba:0a:9e:d5:c7:7c: 19:18:82:bc:28:97:09:7f:34:90:cf:8d:7c:f9:09:4e:11:63: 42:45:23:0b:1f:f2:5f:34:60:65:cb:6a:30:6b:93:a2:33:fd: 3c:8c:3d:22:bf:97:68:79:27:b6:b1:c2:4d:bc:61:5c:fe:50: 47:ef:09:7d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUJEaQX/EteiH8wimc3FCMYjhWRgMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2 OTk1MUZENzAeFw0yNTEwMDYwMTQ4MzdaFw0yNjEwMDUwMTUzMzdaMDMxMTAvBgNV BAMTKDA5OTc1MjVGMjBDOEJDQkFGNjE2NzM4NEU4REY5MzhCQkQ0NkI1MjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPMq1QwIJIP3CRp6n16mZIJVOM Td/WeQdZjnJItNN2DTOePh61q8a51cCGSrFZhsDWM3lin6ntFB/xAelYfN9xDqrO uao2/6ASkg6D1CtOqaugo+iv3YagAQT8P0fpP5aoRFWY02gx14tfqnNUus8fKwFT qKcsVmcS68mNznHTfVTR0oVzra1XntYeXaMcI32vrcw+UUycQftb+ryabgE7cx9k Ngd8pjhYIeoANaUpO/8HWrpRMtSAMQSxaDhsMKX6dHqxJiAgSYARaMuAr6LJBz8s Hu5Nu7OReMoFbTA6rAPYvja9NnoFCBq6eF2hZ223Q+g24D8+/3Ap/nyTQXLpAgMB AAGjggHeMIIB2jAdBgNVHQ4EFgQUCZdSXyDIvLr2FnOE6N+Ti71GtSMwHwYDVR0j BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5 MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM1Nzk3NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoP YoRCGDANBgkqhkiG9w0BAQsFAAOCAQEASe/Wt51CqXUCrdxmtVHQYG1Seu962N2b fX3Us0yRzzLprPSa7gUicW6TMkeJhVN5xlt1p/wAqSkHdmSUlldXV3icBZkgbM9w ZNvIwDJz3iT0V9IJO/stdpFx6o6uqAr9Y/s0ynaRbG9YYX2+YmmhvIbrLLbXAYXy sX1fCjJC2kfqRq30TDen1nwmbUtOuJiyrbja7L3bEy8naIyq2NflfBDbgti68NJJ Sk6RGlMBEgMDd3XEZUJ6qhAbx9dNTzFhugqe1cd8GRiCvCiXCX80kM+NfPkJThFj QkUjCx/yXzRgZctqMGuTojP9PIw9Ir+XaHkntrHCTbxhXP5QR+8JfQ== -----END CERTIFICATE-----Generated at Wed Oct 8 17:40:37 2025 by rpki-client