Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS216052.roa
File:                     AS216052.roa (raw, json)
Hash identifier:          jYORC2QpHb7z2EGoHnVWLEQbMc9jtDEOSd36yhI8TYU=
Subject key identifier:   B2:D2:4D:31:B5:6B:6C:70:73:EF:17:0C:CF:28:F4:FA:97:C7:26:38
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       5F4F3101159AB5702DC93087B156E5C0236BA7FA
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa
Signing time:             Sun 28 Jun 2026 18:58:20 +0000
ROA not before:           Sun 28 Jun 2026 18:53:20 +0000
ROA not after:            Sun 27 Jun 2027 18:58:20 +0000
asID:                     216052
IP address blocks:        2a0a:6044:a900::/40 maxlen: 48
                          2a0a:6044:ac00::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 Jul 2026 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:4f:31:01:15:9a:b5:70:2d:c9:30:87:b1:56:e5:c0:23:6b:a7:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:53:20 2026 GMT
            Not After : Jun 27 18:58:20 2027 GMT
        Subject: CN=B2D24D31B56B6C7073EF170CCF28F4FA97C72638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:4b:34:1f:66:78:4b:4a:33:57:c8:66:06:71:
                    03:94:ba:c9:dd:53:fc:73:b7:b5:1e:38:e1:f5:eb:
                    45:38:0b:bd:c9:c1:70:67:8a:36:69:c6:39:40:c9:
                    a5:11:63:db:a8:73:3c:31:6e:ca:8f:d3:58:40:be:
                    27:52:f9:6b:da:f0:22:c5:1a:3d:d0:fc:56:78:aa:
                    a3:bd:45:78:45:c8:98:ad:00:45:60:dc:36:0d:8c:
                    64:5c:01:41:4a:81:e3:0c:32:12:43:aa:8f:4f:8d:
                    67:ed:5b:e1:a7:94:2e:9b:f1:2c:ca:3e:ef:e5:2e:
                    09:b5:5d:3e:cc:e1:63:dc:62:b2:07:5a:0d:7c:b2:
                    e8:b0:4a:6f:d5:5d:a3:86:df:c8:fa:63:6c:50:03:
                    92:4f:64:36:4a:09:96:26:3c:71:7f:6f:dc:78:a1:
                    16:09:ac:ff:8c:f3:70:93:11:4f:ac:b3:14:0e:a0:
                    2f:7a:9e:cd:50:68:01:4a:d2:f9:72:7d:9f:c9:ec:
                    12:8c:11:5f:5f:a8:cc:19:96:24:30:7a:89:99:98:
                    cd:d5:ea:31:34:c5:1f:88:a6:16:e9:f3:0b:5d:28:
                    a1:3d:76:ea:5f:0c:5c:7e:b4:7a:26:6f:e4:ea:2c:
                    73:be:1e:47:2a:b9:d7:e2:a6:fc:06:74:aa:c0:1b:
                    81:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D2:4D:31:B5:6B:6C:70:73:EF:17:0C:CF:28:F4:FA:97:C7:26:38
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a900::/40
                  2a0a:6044:ac00::/44

    Signature Algorithm: sha256WithRSAEncryption
         22:b5:c4:51:e9:31:46:16:5a:d2:22:59:9f:18:6f:99:2a:70:
         97:32:43:fd:c1:3c:3b:08:c9:81:03:cc:4d:c6:49:98:f4:76:
         b0:1b:71:a6:8e:5b:3f:e3:a2:6d:87:fa:72:4d:88:b2:ad:f1:
         9c:83:21:ec:b7:20:6f:03:3b:7b:db:c5:f0:e5:e6:6e:be:7e:
         85:3f:44:be:ef:b1:f5:9c:cb:81:34:a3:ed:7f:d4:78:48:47:
         13:18:13:b1:7a:6a:f1:bd:f9:d8:0a:85:c4:dc:14:1d:e5:73:
         04:f9:56:44:31:3e:10:01:67:26:59:cb:11:63:91:47:65:f8:
         34:da:40:85:ef:85:3d:b9:0a:cb:d7:ce:d5:e4:cb:67:bf:31:
         17:c6:57:76:3c:4d:f1:84:10:52:45:b0:d4:43:f9:af:81:08:
         c8:b2:72:97:eb:d6:4e:94:98:2e:1e:2c:d3:ba:c3:86:08:1b:
         9d:c0:d2:bc:e2:0b:5b:4d:87:b6:d1:b6:ec:b9:df:ab:07:5e:
         f1:2f:d9:5d:b3:e5:09:1b:eb:d1:60:cb:83:5b:2c:89:34:93:
         65:f6:7a:65:ae:58:d5:48:55:22:b4:6a:30:88:3c:ca:a1:4f:
         60:08:73:cd:cd:b8:5c:cc:e1:c4:f1:4a:4f:bb:99:f5:62:e0:
         38:38:d1:41
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUX08xARWatXAtyTCHsVblwCNrp/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUzMjBaFw0yNzA2MjcxODU4MjBaMDMxMTAvBgNV
BAMTKEIyRDI0RDMxQjU2QjZDNzA3M0VGMTcwQ0NGMjhGNEZBOTdDNzI2MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMSzQfZnhLSjNXyGYGcQOUusnd
U/xzt7UeOOH160U4C73JwXBnijZpxjlAyaURY9uoczwxbsqP01hAvidS+Wva8CLF
Gj3Q/FZ4qqO9RXhFyJitAEVg3DYNjGRcAUFKgeMMMhJDqo9PjWftW+GnlC6b8SzK
Pu/lLgm1XT7M4WPcYrIHWg18suiwSm/VXaOG38j6Y2xQA5JPZDZKCZYmPHF/b9x4
oRYJrP+M83CTEU+ssxQOoC96ns1QaAFK0vlyfZ/J7BKMEV9fqMwZliQweomZmM3V
6jE0xR+Iphbp8wtdKKE9dupfDFx+tHomb+TqLHO+HkcqudfipvwGdKrAG4GHAgMB
AAGjggHnMIIB4zAdBgNVHQ4EFgQUstJNMbVrbHBz7xcMzyj0+pfHJjgwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTYwNTIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAq
CmBEqQMHBCoKYESsADANBgkqhkiG9w0BAQsFAAOCAQEAIrXEUekxRhZa0iJZnxhv
mSpwlzJD/cE8OwjJgQPMTcZJmPR2sBtxpo5bP+OibYf6ck2Isq3xnIMh7LcgbwM7
e9vF8OXmbr5+hT9Evu+x9ZzLgTSj7X/UeEhHExgTsXpq8b352AqFxNwUHeVzBPlW
RDE+EAFnJlnLEWORR2X4NNpAhe+FPbkKy9fO1eTLZ78xF8ZXdjxN8YQQUkWw1EP5
r4EIyLJyl+vWTpSYLh4s07rDhggbncDSvOILW02HttG27Lnfqwde8S/ZXbPlCRvr
0WDLg1ssiTSTZfZ6Za5Y1UhVIrRqMIg8yqFPYAhzzc24XMzhxPFKT7uZ9WLgODjR
QQ==
-----END CERTIFICATE-----
Generated at Fri Jul 10 16:14:55 2026 by rpki-client