Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS401818.roa
File:                     AS401818.roa (raw, json)
Hash identifier:          tpPQY9L5hG58/0c35sNOBoKnF/+eXMidrhW+r4eyAqs=
Subject key identifier:   7F:A4:46:94:40:4E:E2:9B:7E:72:2D:22:B2:59:C6:05:EE:35:A3:75
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       500CE59B598F7A0A638EDAE06FE04DCD95BAA30C
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS401818.roa
Signing time:             Sun 28 Jun 2026 18:55:55 +0000
ROA not before:           Sun 28 Jun 2026 18:50:55 +0000
ROA not after:            Sun 27 Jun 2027 18:55:55 +0000
asID:                     401818
IP address blocks:        2a0f:6284:8::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 Jul 2026 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:0c:e5:9b:59:8f:7a:0a:63:8e:da:e0:6f:e0:4d:cd:95:ba:a3:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:50:55 2026 GMT
            Not After : Jun 27 18:55:55 2027 GMT
        Subject: CN=7FA44694404EE29B7E722D22B259C605EE35A375
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:06:48:aa:e7:68:ed:ab:41:94:b3:39:e9:a3:
                    35:7d:f9:3d:f3:66:e7:06:5e:ec:8c:ae:07:72:e7:
                    00:cc:c1:9c:8a:e1:67:a6:95:bf:df:99:a2:75:44:
                    1c:69:e4:aa:2f:73:44:15:c1:73:f7:29:26:77:61:
                    cc:eb:03:d8:4f:38:4e:0c:96:1e:af:73:30:68:3d:
                    3a:fa:83:66:ed:a6:28:1a:1b:4f:53:da:a6:d0:5f:
                    fa:7d:1b:c0:5f:e5:bd:45:4e:4e:10:dc:ab:60:ae:
                    6e:fd:5b:2f:d6:c0:56:3f:87:07:12:04:9e:8f:aa:
                    42:33:77:0d:a7:c7:14:cf:db:9d:5f:5e:d8:0d:4c:
                    ea:a5:99:1c:3f:a6:cf:c2:ee:e7:ec:5c:8b:f5:68:
                    a7:24:5b:d6:3d:5c:a1:1a:93:e0:95:d4:c2:c6:ab:
                    32:bc:ee:d3:7d:8b:4d:81:3d:f3:b4:97:d4:e2:1d:
                    23:c1:1d:9f:cc:f7:1b:89:f0:6e:7b:14:bc:e5:3c:
                    d2:50:1d:8a:25:8f:8f:1b:02:c3:1b:2c:7a:aa:24:
                    46:24:a0:fb:02:40:46:a2:c0:1f:8c:75:42:a0:d7:
                    53:00:e0:92:49:10:d5:ea:71:0b:1f:94:d5:30:63:
                    df:f8:c7:4f:ee:fa:ef:94:21:ca:b9:0e:5c:12:5e:
                    8c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:A4:46:94:40:4E:E2:9B:7E:72:2D:22:B2:59:C6:05:EE:35:A3:75
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS401818.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:42:44:58:44:5d:c8:f6:c9:56:4b:11:72:71:c6:94:4d:a0:
         4e:b2:d8:3f:a2:a2:ce:90:8e:7a:81:73:47:ed:51:c6:e6:3f:
         83:c3:03:fb:ad:a2:cb:d9:ed:43:93:dc:07:00:12:02:b6:42:
         36:7a:c6:ff:90:25:25:ba:31:25:40:1b:53:09:c6:d9:e1:23:
         37:2d:60:ec:96:d2:a2:82:16:35:95:7c:e5:d5:0a:fc:da:5f:
         60:36:e5:5e:dc:7d:88:30:70:d1:a4:d7:77:f2:39:97:da:7f:
         16:a2:49:a7:7c:b5:59:3d:50:f3:df:fd:cc:ed:7f:d5:f5:21:
         ad:b1:8b:31:6c:c8:5e:f9:93:e1:21:52:5e:04:7e:b8:03:e9:
         6c:c0:f4:e9:62:45:47:1d:f1:cf:bc:96:15:18:51:8b:db:23:
         45:7a:10:a1:7c:6c:02:fa:8a:61:28:36:2a:53:83:0e:c2:95:
         73:b7:5f:e1:41:41:20:fc:18:b1:bd:02:05:a4:22:b0:45:91:
         bf:7a:19:87:5e:d9:17:12:71:3a:c9:a8:b2:b5:07:34:a1:6b:
         c2:dc:07:4a:68:19:b2:da:fc:06:b0:e1:1b:ef:93:13:a7:a0:
         26:43:a9:e9:0c:65:61:72:d9:65:7b:c9:29:46:cd:3c:32:e3:
         02:b2:fa:bd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUUAzlm1mPegpjjtrgb+BNzZW6owwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUwNTVaFw0yNzA2MjcxODU1NTVaMDMxMTAvBgNV
BAMTKDdGQTQ0Njk0NDA0RUUyOUI3RTcyMkQyMkIyNTlDNjA1RUUzNUEzNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzBkiq52jtq0GUsznpozV9+T3z
ZucGXuyMrgdy5wDMwZyK4Wemlb/fmaJ1RBxp5Kovc0QVwXP3KSZ3YczrA9hPOE4M
lh6vczBoPTr6g2btpigaG09T2qbQX/p9G8Bf5b1FTk4Q3Ktgrm79Wy/WwFY/hwcS
BJ6PqkIzdw2nxxTP251fXtgNTOqlmRw/ps/C7ufsXIv1aKckW9Y9XKEak+CV1MLG
qzK87tN9i02BPfO0l9TiHSPBHZ/M9xuJ8G57FLzlPNJQHYolj48bAsMbLHqqJEYk
oPsCQEaiwB+MdUKg11MA4JJJENXqcQsflNUwY9/4x0/u+u+UIcq5DlwSXoxVAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUf6RGlEBO4pt+ci0islnGBe41o3UwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM0MDE4MTgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAq
D2KEAAgwDQYJKoZIhvcNAQELBQADggEBAAxCRFhEXcj2yVZLEXJxxpRNoE6y2D+i
os6QjnqBc0ftUcbmP4PDA/utosvZ7UOT3AcAEgK2QjZ6xv+QJSW6MSVAG1MJxtnh
IzctYOyW0qKCFjWVfOXVCvzaX2A25V7cfYgwcNGk13fyOZfafxaiSad8tVk9UPPf
/cztf9X1Ia2xizFsyF75k+EhUl4EfrgD6WzA9OliRUcd8c+8lhUYUYvbI0V6EKF8
bAL6imEoNipTgw7ClXO3X+FBQSD8GLG9AgWkIrBFkb96GYde2RcScTrJqLK1BzSh
a8LcB0poGbLa/Aaw4RvvkxOnoCZDqekMZWFy2WV7ySlGzTwy4wKy+r0=
-----END CERTIFICATE-----
Generated at Fri Jul 10 16:12:55 2026 by rpki-client