Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS14618.roa
File:                     AS14618.roa (raw, json)
Hash identifier:          gWHZP1JkFtz4WEYvWYD5WW0PV43VDPnfQStVI6Vx1SU=
Subject key identifier:   D3:5D:3F:34:F0:0A:B9:FE:9D:01:5E:9B:15:37:AF:EE:2B:97:F9:8D
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       4ABC1B25047F5866F08E54A71DAF020A6D10A0EE
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS14618.roa
Signing time:             Sun 28 Jun 2026 18:56:56 +0000
ROA not before:           Sun 28 Jun 2026 18:51:56 +0000
ROA not after:            Sun 27 Jun 2027 18:56:56 +0000
asID:                     14618
IP address blocks:        2a05:dfc3:f740::/44 maxlen: 44
                          2a05:dfc3:f750::/44 maxlen: 48
                          2a0f:6284:4c00::/44 maxlen: 48
                          2a0f:6284:4c50::/44 maxlen: 48
                          2a0f:6284:4c60::/44 maxlen: 48
                          2a0f:6284:4c70::/44 maxlen: 48
                          2a0f:6284:4c80::/44 maxlen: 48
                          2a0f:6284:4c90::/44 maxlen: 48
                          2a0f:6284:4cd0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 Jul 2026 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:bc:1b:25:04:7f:58:66:f0:8e:54:a7:1d:af:02:0a:6d:10:a0:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:51:56 2026 GMT
            Not After : Jun 27 18:56:56 2027 GMT
        Subject: CN=D35D3F34F00AB9FE9D015E9B1537AFEE2B97F98D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:62:46:b9:5b:ee:e3:6b:17:3b:51:13:24:d2:
                    79:73:f0:0c:b0:11:31:22:e5:b3:56:e1:d4:1a:40:
                    03:cc:4a:e0:3f:69:b8:89:fe:50:87:e3:41:6e:97:
                    4e:52:78:df:cf:4f:e2:ff:a7:51:76:a2:74:ec:1e:
                    e2:ce:f8:e7:12:ca:ea:5f:03:2d:1e:29:be:7e:74:
                    37:2a:60:40:c9:a5:b3:c1:d1:51:8e:6d:30:1b:f7:
                    54:ec:85:b3:b3:cb:c0:d2:bb:07:39:89:55:76:0d:
                    55:b9:22:3b:e0:bf:7d:75:69:d2:9f:23:b8:85:81:
                    08:31:d8:ee:75:c9:09:cc:58:a4:fe:44:7d:da:54:
                    99:dd:b8:08:7b:91:5c:e0:78:e4:75:03:6a:fb:7d:
                    80:5c:28:41:e3:28:74:c0:41:f8:d4:60:ab:5c:21:
                    b1:2b:6b:17:df:99:b3:41:ed:16:01:e6:c6:4d:6e:
                    bb:50:76:44:4b:9e:ce:99:e7:00:ac:ca:d0:b8:27:
                    cf:3f:14:24:1f:d0:27:5a:19:9f:b0:28:65:17:32:
                    51:60:1c:fb:b1:57:39:b0:85:71:12:11:76:29:f3:
                    c4:d1:42:46:ad:22:61:a9:b3:be:0d:65:b3:0f:6d:
                    d3:b9:e5:cb:c5:3f:cf:02:fe:a4:b7:4c:7a:cc:bb:
                    00:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:5D:3F:34:F0:0A:B9:FE:9D:01:5E:9B:15:37:AF:EE:2B:97:F9:8D
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS14618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc3:f740::/43
                  2a0f:6284:4c00::/44
                  2a0f:6284:4c50::-2a0f:6284:4c9f:ffff:ffff:ffff:ffff:ffff
                  2a0f:6284:4cd0::/44

    Signature Algorithm: sha256WithRSAEncryption
         52:61:4c:1c:68:fe:5a:ba:2c:60:4d:c0:8c:fb:62:1c:3d:cd:
         cb:84:e8:cd:8f:25:3c:1f:ef:36:b6:b3:e9:96:dc:b6:1f:d5:
         fa:84:9a:fd:42:15:0e:d6:36:da:4f:98:af:ad:55:43:b4:b0:
         2a:d5:55:30:4e:ec:0a:39:b1:0d:50:53:9d:ab:93:fd:ea:90:
         dd:9f:d1:31:dd:95:3a:86:5d:41:ea:66:1c:a1:19:59:06:73:
         2f:97:1e:60:46:1d:f4:e4:5c:b4:6e:ce:d5:4c:16:39:b1:58:
         22:5d:7a:6c:dc:fe:5c:02:71:c5:d3:00:7a:8d:7f:b4:c4:18:
         43:cc:ce:c4:46:34:20:5f:fc:25:73:e9:33:25:1f:62:0e:44:
         a6:dc:7d:05:e2:ef:f6:89:7c:02:e5:ef:8c:a7:68:60:e5:47:
         db:1e:9c:1f:69:0c:2e:b7:b9:f4:c9:5f:bc:69:8e:e0:ad:1b:
         03:1c:a6:9e:b3:f3:5e:11:b0:7b:a7:3f:49:1c:46:f2:97:da:
         4f:49:75:97:00:0f:4b:b8:11:36:10:14:00:0d:f8:dc:e7:63:
         ec:4a:40:1c:57:b1:71:ac:65:a4:10:00:9d:81:bb:7c:0f:4a:
         09:84:93:60:be:ed:0d:2e:50:6b:cc:5b:03:a0:2c:26:b9:0d:
         f1:03:93:65
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUSrwbJQR/WGbwjlSnHa8CCm0QoO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUxNTZaFw0yNzA2MjcxODU2NTZaMDMxMTAvBgNV
BAMTKEQzNUQzRjM0RjAwQUI5RkU5RDAxNUU5QjE1MzdBRkVFMkI5N0Y5OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcYka5W+7jaxc7URMk0nlz8Ayw
ETEi5bNW4dQaQAPMSuA/abiJ/lCH40Ful05SeN/PT+L/p1F2onTsHuLO+OcSyupf
Ay0eKb5+dDcqYEDJpbPB0VGObTAb91TshbOzy8DSuwc5iVV2DVW5Ijvgv311adKf
I7iFgQgx2O51yQnMWKT+RH3aVJnduAh7kVzgeOR1A2r7fYBcKEHjKHTAQfjUYKtc
IbEraxffmbNB7RYB5sZNbrtQdkRLns6Z5wCsytC4J88/FCQf0CdaGZ+wKGUXMlFg
HPuxVzmwhXESEXYp88TRQkatImGps74NZbMPbdO55cvFP88C/qS3THrMuwCDAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQU010/NPAKuf6dAV6bFTev7iuX+Y0wHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxNDYxOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLwMHBSoF
38P3QAMHBCoPYoRMADASAwcEKg9ihExQAwcFKg9ihEyAAwcEKg9ihEzQMA0GCSqG
SIb3DQEBCwUAA4IBAQBSYUwcaP5auixgTcCM+2IcPc3LhOjNjyU8H+82trPplty2
H9X6hJr9QhUO1jbaT5ivrVVDtLAq1VUwTuwKObENUFOdq5P96pDdn9Ex3ZU6hl1B
6mYcoRlZBnMvlx5gRh305Fy0bs7VTBY5sVgiXXps3P5cAnHF0wB6jX+0xBhDzM7E
RjQgX/wlc+kzJR9iDkSm3H0F4u/2iXwC5e+Mp2hg5UfbHpwfaQwut7n0yV+8aY7g
rRsDHKaes/NeEbB7pz9JHEbyl9pPSXWXAA9LuBE2EBQADfjc52PsSkAcV7FxrGWk
EACdgbt8D0oJhJNgvu0NLlBrzFsDoCwmuQ3xA5Nl
-----END CERTIFICATE-----
Generated at Fri Jul 10 16:12:45 2026 by rpki-client