Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS199243.roa
File:                     AS199243.roa (raw, json)
Hash identifier:          tv6ZW3TFrrG3daqVPiturEAOnzi6qyqiVzG/gpAw4AA=
Subject key identifier:   0E:55:9F:3B:88:E4:5D:1D:4C:12:54:A4:BC:53:90:5C:CF:EC:5B:CB
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       7E7A136FBD6C37571315959DD70F7D4EAB7C5277
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS199243.roa
Signing time:             Sat 11 Apr 2026 10:12:21 +0000
ROA not before:           Sat 11 Apr 2026 10:07:21 +0000
ROA not after:            Sat 10 Apr 2027 10:12:21 +0000
asID:                     199243
IP address blocks:        2a0f:6284:3500::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Apr 2026 18:48:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:7a:13:6f:bd:6c:37:57:13:15:95:9d:d7:0f:7d:4e:ab:7c:52:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Apr 11 10:07:21 2026 GMT
            Not After : Apr 10 10:12:21 2027 GMT
        Subject: CN=0E559F3B88E45D1D4C1254A4BC53905CCFEC5BCB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:54:7a:71:1d:ca:e9:d9:e2:8c:6f:7f:f8:c0:
                    00:51:ba:45:0b:fb:b0:9f:05:77:a6:19:94:70:0c:
                    c5:75:7c:82:c5:b3:04:05:0c:52:2c:f9:17:60:54:
                    12:10:ef:7d:3a:0e:d2:1b:e4:cd:7b:81:78:d3:d7:
                    a3:3a:8c:14:93:d5:45:49:66:82:79:99:d2:de:7a:
                    9f:2e:39:33:ca:57:a7:16:47:43:76:fd:e1:0f:31:
                    d5:43:c6:cf:19:68:04:4d:a8:fc:ba:03:2f:8e:16:
                    58:a2:10:95:f9:5b:aa:c3:91:83:38:81:8e:4f:1c:
                    9e:d6:33:66:a4:dd:74:ab:14:63:8e:e3:84:16:0d:
                    3a:f7:7d:6f:45:3e:1c:d5:44:22:98:ba:02:5f:23:
                    76:f1:97:cc:60:54:a0:a0:af:96:52:6e:45:21:1c:
                    78:b3:80:56:bf:aa:c0:50:85:10:a7:ff:f2:1e:bd:
                    b7:d6:c3:a0:59:26:a0:95:07:8c:4a:05:88:1a:f7:
                    c7:57:df:bd:71:e0:27:b8:99:ff:e3:5b:0d:cf:49:
                    56:c5:2a:46:68:17:f3:07:d6:e5:2e:9b:3c:c0:9c:
                    1f:cd:03:85:e5:dd:b5:84:fe:50:45:ae:ad:7b:87:
                    14:c4:39:1e:4d:05:89:26:54:e9:0a:ee:ad:4e:b4:
                    c0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:55:9F:3B:88:E4:5D:1D:4C:12:54:A4:BC:53:90:5C:CF:EC:5B:CB
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS199243.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:3500::/40

    Signature Algorithm: sha256WithRSAEncryption
         60:19:79:ce:54:e8:4d:15:55:02:e8:7a:98:99:82:96:c1:c0:
         5c:d4:77:34:41:a8:46:d6:45:ac:af:5e:47:d2:af:4f:12:82:
         97:c1:cd:60:b1:d8:5b:b5:40:75:41:14:da:a7:04:21:c1:25:
         b0:1e:93:51:ef:47:d5:4a:54:7d:15:e1:bb:a4:4b:06:97:31:
         5b:20:a5:05:e3:a8:83:1d:d2:f3:c4:2a:e1:f4:46:15:c9:53:
         77:47:f4:00:1c:1e:e4:3d:c8:dc:e6:e6:39:0b:75:f3:f3:cc:
         94:09:b9:af:7e:5f:0c:29:d9:72:2f:76:43:11:71:d4:26:15:
         88:87:d3:03:69:f5:81:c3:fa:4d:ff:00:4a:4a:d6:ff:93:1a:
         6a:4c:81:7b:fc:72:03:61:8f:ac:77:bf:cf:0d:fe:ee:69:f7:
         0f:34:72:de:e8:3b:c0:86:34:fd:a8:05:57:31:dd:b1:db:68:
         b3:61:58:33:f4:e9:b3:87:b1:4f:f6:0c:7c:71:f2:10:06:20:
         de:3a:34:3f:f3:3a:57:49:c8:36:5a:23:26:e8:a9:56:26:33:
         ed:0b:97:2c:7a:03:ce:1e:38:2a:26:27:86:ec:db:e2:42:0a:
         de:c6:20:4a:12:68:98:ca:7b:51:5e:15:10:a2:09:13:18:de:
         9d:cf:52:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUfnoTb71sN1cTFZWd1w99Tqt8UncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA0MTExMDA3MjFaFw0yNzA0MTAxMDEyMjFaMDMxMTAvBgNV
BAMTKDBFNTU5RjNCODhFNDVEMUQ0QzEyNTRBNEJDNTM5MDVDQ0ZFQzVCQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYVHpxHcrp2eKMb3/4wABRukUL
+7CfBXemGZRwDMV1fILFswQFDFIs+RdgVBIQ7306DtIb5M17gXjT16M6jBST1UVJ
ZoJ5mdLeep8uOTPKV6cWR0N2/eEPMdVDxs8ZaARNqPy6Ay+OFliiEJX5W6rDkYM4
gY5PHJ7WM2ak3XSrFGOO44QWDTr3fW9FPhzVRCKYugJfI3bxl8xgVKCgr5ZSbkUh
HHizgFa/qsBQhRCn//IevbfWw6BZJqCVB4xKBYga98dX371x4Ce4mf/jWw3PSVbF
KkZoF/MH1uUumzzAnB/NA4Xl3bWE/lBFrq17hxTEOR5NBYkmVOkK7q1OtMBRAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUDlWfO4jkXR1MElSkvFOQXM/sW8swHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMxOTkyNDMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
D2KENTANBgkqhkiG9w0BAQsFAAOCAQEAYBl5zlToTRVVAuh6mJmClsHAXNR3NEGo
RtZFrK9eR9KvTxKCl8HNYLHYW7VAdUEU2qcEIcElsB6TUe9H1UpUfRXhu6RLBpcx
WyClBeOogx3S88Qq4fRGFclTd0f0ABwe5D3I3ObmOQt18/PMlAm5r35fDCnZci92
QxFx1CYViIfTA2n1gcP6Tf8ASkrW/5MaakyBe/xyA2GPrHe/zw3+7mn3DzRy3ug7
wIY0/agFVzHdsdtos2FYM/Tps4exT/YMfHHyEAYg3jo0P/M6V0nINlojJuipViYz
7QuXLHoDzh44KiYnhuzb4kIK3sYgShJomMp7UV4VEKIJExjenc9STA==
-----END CERTIFICATE-----