Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS200954.roa
File:                     AS200954.roa (raw, json)
Hash identifier:          uHxEBH4xb8tztrkv9HcRSa6HndhYvHXQe8p9SBZmLHo=
Subject key identifier:   90:A9:0A:E9:AC:CF:55:1C:41:14:78:29:35:37:57:26:5B:29:75:40
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       19B0381C8B1B53B4B97DCAE37F1DAB99CCB290DE
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS200954.roa
Signing time:             Mon 16 Feb 2026 10:44:14 +0000
ROA not before:           Mon 16 Feb 2026 10:39:14 +0000
ROA not after:            Mon 15 Feb 2027 10:44:14 +0000
asID:                     200954
IP address blocks:        2a0f:6282:1f00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 23 Feb 2026 19:39:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:b0:38:1c:8b:1b:53:b4:b9:7d:ca:e3:7f:1d:ab:99:cc:b2:90:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Feb 16 10:39:14 2026 GMT
            Not After : Feb 15 10:44:14 2027 GMT
        Subject: CN=90A90AE9ACCF551C41147829353757265B297540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ec:10:0c:0f:b6:45:d4:12:df:9b:82:4d:d8:
                    df:5f:3c:f3:1f:fc:c8:53:e5:55:dd:cc:ad:fe:d8:
                    5a:34:93:6c:50:59:c2:a4:1c:dd:5e:ba:1c:45:7d:
                    b7:58:da:f9:e4:86:bb:16:38:2c:54:44:95:5a:38:
                    f8:1b:05:ce:da:7f:f8:05:56:f2:b6:c4:05:8b:af:
                    9d:27:b0:35:5f:1e:99:13:33:72:4b:b9:2f:bc:c6:
                    21:ea:04:c9:15:ac:36:2e:ab:8a:60:c9:f1:e2:7a:
                    31:8b:57:34:36:c3:bd:fc:0b:a9:85:b1:21:65:1d:
                    7c:17:1a:0e:fb:52:e6:51:79:e3:c5:5a:b7:0f:c1:
                    4d:c4:a4:f3:44:10:db:20:82:1f:e6:f8:d2:57:91:
                    c6:50:40:c8:7e:4e:5f:6b:ea:8d:47:85:e3:87:6d:
                    7f:6d:e7:67:18:27:c8:20:46:f9:62:41:4f:f7:df:
                    27:b8:e3:0e:34:0c:dd:0f:83:03:13:c2:83:a8:1f:
                    7b:30:96:67:a2:5e:c2:b4:3d:94:1e:e7:d9:86:62:
                    44:c1:04:ff:73:1c:84:63:34:53:11:ae:c0:38:2c:
                    81:aa:89:1c:46:1f:42:42:4a:13:01:8c:8d:d6:45:
                    b1:22:52:7f:67:28:b8:69:11:06:51:a4:95:5b:5f:
                    ac:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:A9:0A:E9:AC:CF:55:1C:41:14:78:29:35:37:57:26:5B:29:75:40
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS200954.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6282:1f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         78:70:50:20:35:42:70:61:8c:a2:0b:7d:f9:95:fd:de:d4:6f:
         1f:96:12:04:e8:27:5f:19:87:73:7b:84:d5:1c:31:9a:36:12:
         a0:b0:68:99:19:4f:fd:3e:87:23:e9:ea:86:21:87:74:83:bf:
         c3:47:ef:00:84:ff:66:6b:d7:b4:92:f8:62:68:b5:e4:8c:69:
         a1:1c:09:a1:5c:f5:66:a7:aa:84:de:df:3b:d8:a3:36:b6:0a:
         b4:25:8a:2b:a7:14:12:78:64:b3:2c:4e:ca:d7:e9:91:ee:64:
         8a:70:08:32:ec:fe:d8:05:1a:08:00:d3:05:59:03:f0:56:e6:
         af:6d:5b:86:28:2c:a0:b1:80:a8:03:e1:7d:22:00:0b:00:e2:
         77:fc:65:26:19:84:f8:60:e1:22:24:84:4e:a1:ae:76:d6:e7:
         77:bd:3a:0c:12:3a:57:d5:76:b3:17:b3:98:db:82:67:6b:c0:
         2e:e2:7f:49:d0:a4:f7:de:2e:9f:f0:d9:1e:45:50:31:01:0a:
         10:1a:09:93:aa:ad:7c:88:c1:6d:9a:1a:04:85:66:b0:c1:47:
         1f:eb:f9:29:2f:5d:80:07:57:0d:bc:ca:43:b8:57:e2:28:cb:
         88:88:e6:66:61:d4:67:64:d5:4a:5e:56:5b:36:c4:89:3d:8d:
         cc:3d:2e:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUGbA4HIsbU7S5fcrjfx2rmcyykN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAyMTYxMDM5MTRaFw0yNzAyMTUxMDQ0MTRaMDMxMTAvBgNV
BAMTKDkwQTkwQUU5QUNDRjU1MUM0MTE0NzgyOTM1Mzc1NzI2NUIyOTc1NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC97BAMD7ZF1BLfm4JN2N9fPPMf
/MhT5VXdzK3+2Fo0k2xQWcKkHN1euhxFfbdY2vnkhrsWOCxURJVaOPgbBc7af/gF
VvK2xAWLr50nsDVfHpkTM3JLuS+8xiHqBMkVrDYuq4pgyfHiejGLVzQ2w738C6mF
sSFlHXwXGg77UuZReePFWrcPwU3EpPNEENsggh/m+NJXkcZQQMh+Tl9r6o1HheOH
bX9t52cYJ8ggRvliQU/33ye44w40DN0PgwMTwoOoH3swlmeiXsK0PZQe59mGYkTB
BP9zHIRjNFMRrsA4LIGqiRxGH0JCShMBjI3WRbEiUn9nKLhpEQZRpJVbX6yVAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUkKkK6azPVRxBFHgpNTdXJlspdUAwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDA5NTQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
D2KCHzANBgkqhkiG9w0BAQsFAAOCAQEAeHBQIDVCcGGMogt9+ZX93tRvH5YSBOgn
XxmHc3uE1RwxmjYSoLBomRlP/T6HI+nqhiGHdIO/w0fvAIT/ZmvXtJL4Ymi15Ixp
oRwJoVz1ZqeqhN7fO9ijNrYKtCWKK6cUEnhksyxOytfpke5kinAIMuz+2AUaCADT
BVkD8Fbmr21bhigsoLGAqAPhfSIACwDid/xlJhmE+GDhIiSETqGudtbnd706DBI6
V9V2sxezmNuCZ2vALuJ/SdCk994un/DZHkVQMQEKEBoJk6qtfIjBbZoaBIVmsMFH
H+v5KS9dgAdXDbzKQ7hX4ijLiIjmZmHUZ2TVSl5WWzbEiT2NzD0u7g==
-----END CERTIFICATE-----