Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS57110.roa
File:                     AS57110.roa (raw, json)
Hash identifier:          NL9RjXtEmmrpW8sj255lyU+792Fp6dNKLVYc1Wu9v6M=
Subject key identifier:   A3:58:1C:68:ED:49:5F:BE:7E:CB:93:ED:B4:AB:73:1E:B0:E8:9E:ED
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       431C53B31509998D4F300F805FAFFE3D31B62AFA
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS57110.roa
Signing time:             Sun 28 Jun 2026 18:55:58 +0000
ROA not before:           Sun 28 Jun 2026 18:50:58 +0000
ROA not after:            Sun 27 Jun 2027 18:55:58 +0000
asID:                     57110
IP address blocks:        2a0a:6044:3000::/40 maxlen: 40
                          2a0a:6044:3001::/48 maxlen: 48
                          2a0f:6283:1101::/48 maxlen: 48
                          2a0f:6283:1120::/44 maxlen: 48
                          2a0f:6284:4000::/40 maxlen: 40
                          2a0f:6284:4001::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 Jul 2026 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:1c:53:b3:15:09:99:8d:4f:30:0f:80:5f:af:fe:3d:31:b6:2a:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:50:58 2026 GMT
            Not After : Jun 27 18:55:58 2027 GMT
        Subject: CN=A3581C68ED495FBE7ECB93EDB4AB731EB0E89EED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c6:c9:ca:08:10:5a:36:e0:76:c0:fd:18:c4:
                    04:7f:8a:4d:13:ff:d2:99:d1:44:4a:2c:09:2b:fa:
                    45:c6:19:f3:71:5e:f6:cc:c0:1e:65:30:53:7e:4e:
                    06:c7:9a:79:bd:f8:df:a1:f5:71:04:f8:ab:81:ce:
                    24:db:49:63:6a:df:2e:14:d4:b0:5b:5c:fc:c5:f2:
                    4e:ae:fe:3a:78:85:1c:8f:06:81:75:8e:f5:a1:b6:
                    c6:1f:60:de:bb:f6:b2:3c:01:04:2e:cd:fd:09:6a:
                    29:fe:74:ee:c3:70:1f:a2:99:95:a5:ef:81:a2:21:
                    56:f2:3e:1f:b8:ca:0a:bc:fa:7f:99:24:27:cd:58:
                    24:19:2c:37:6b:04:be:f0:66:3b:60:14:ae:a6:b0:
                    e7:bb:e4:97:35:9b:52:64:fb:58:d1:34:a5:0e:2b:
                    a7:0b:0a:6e:f8:68:39:27:21:8e:11:59:1c:b9:da:
                    1d:b1:45:04:50:ed:45:86:84:77:19:31:95:2e:e0:
                    d2:2f:e8:0a:bb:35:80:0a:3c:fb:36:78:c9:1b:38:
                    8f:ff:00:f1:e8:b8:07:8b:ca:d5:3f:54:a5:04:1b:
                    4d:67:41:2f:d4:28:33:b5:a8:52:ca:56:7f:df:8e:
                    12:95:45:34:6d:9d:d6:3e:a8:d1:cd:35:80:aa:0c:
                    fe:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:58:1C:68:ED:49:5F:BE:7E:CB:93:ED:B4:AB:73:1E:B0:E8:9E:ED
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS57110.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:3000::/40
                  2a0f:6283:1101::/48
                  2a0f:6283:1120::/44
                  2a0f:6284:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         17:6b:5d:99:74:7b:f3:0a:4f:be:38:e9:4d:c9:d6:f7:9b:fb:
         c1:58:64:4d:9d:c2:d6:b8:49:c7:9e:09:eb:3d:52:2f:4e:b8:
         7b:8c:42:b1:48:91:97:58:5d:32:96:97:9c:5b:a0:fa:0c:cc:
         6e:41:2a:13:9e:1d:b8:bc:03:68:59:12:26:0c:0c:2d:a8:3a:
         0d:99:15:95:fb:ef:60:97:a9:c8:cc:7b:33:e5:3f:a7:a9:9e:
         8e:6b:20:31:57:99:fb:12:90:9c:d0:ab:0e:45:af:67:34:e2:
         40:6a:41:0f:25:68:be:57:d9:5c:c3:05:06:0d:51:92:2a:9c:
         5a:74:19:ba:ae:99:d6:65:dc:5e:31:f8:5c:98:34:c4:0a:56:
         c0:3c:1a:2a:26:a2:15:d9:ad:33:18:95:a8:10:93:f5:0b:a7:
         cb:2a:38:ff:83:18:35:16:a5:69:2c:2c:0e:65:2b:c0:67:0a:
         60:9f:ec:5d:de:db:9a:26:40:e2:d7:a3:0b:c0:48:08:ec:4f:
         72:6c:57:db:43:17:1c:54:a1:3a:44:ac:5b:3a:bf:11:bf:23:
         a5:e8:fe:7d:72:4e:64:2b:ef:89:6a:e2:d2:b4:b7:1a:7b:17:
         94:39:e1:2e:6f:6b:f5:ad:eb:17:c6:d2:55:05:24:58:01:ea:
         55:93:8e:37
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgIUQxxTsxUJmY1PMA+AX6/+PTG2KvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUwNThaFw0yNzA2MjcxODU1NThaMDMxMTAvBgNV
BAMTKEEzNTgxQzY4RUQ0OTVGQkU3RUNCOTNFREI0QUI3MzFFQjBFODlFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIxsnKCBBaNuB2wP0YxAR/ik0T
/9KZ0URKLAkr+kXGGfNxXvbMwB5lMFN+TgbHmnm9+N+h9XEE+KuBziTbSWNq3y4U
1LBbXPzF8k6u/jp4hRyPBoF1jvWhtsYfYN679rI8AQQuzf0Jain+dO7DcB+imZWl
74GiIVbyPh+4ygq8+n+ZJCfNWCQZLDdrBL7wZjtgFK6msOe75Jc1m1Jk+1jRNKUO
K6cLCm74aDknIY4RWRy52h2xRQRQ7UWGhHcZMZUu4NIv6Aq7NYAKPPs2eMkbOI//
APHouAeLytU/VKUEG01nQS/UKDO1qFLKVn/fjhKVRTRtndY+qNHNNYCqDP5NAgMB
AAGjggH3MIIB8zAdBgNVHQ4EFgQUo1gcaO1JX75+y5PttKtzHrDonu0wHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM1NzExMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowKAQCAAIwIgMGACoK
YEQwAwcAKg9igxEBAwcEKg9igxEgAwYAKg9ihEAwDQYJKoZIhvcNAQELBQADggEB
ABdrXZl0e/MKT7446U3J1veb+8FYZE2dwta4SceeCes9Ui9OuHuMQrFIkZdYXTKW
l5xboPoMzG5BKhOeHbi8A2hZEiYMDC2oOg2ZFZX772CXqcjMezPlP6epno5rIDFX
mfsSkJzQqw5Fr2c04kBqQQ8laL5X2VzDBQYNUZIqnFp0GbqumdZl3F4x+FyYNMQK
VsA8GiomohXZrTMYlagQk/ULp8sqOP+DGDUWpWksLA5lK8BnCmCf7F3e25omQOLX
owvASAjsT3JsV9tDFxxUoTpErFs6vxG/I6Xo/n1yTmQr74lq4tK0txp7F5Q54S5v
a/Wt6xfG0lUFJFgB6lWTjjc=
-----END CERTIFICATE-----
Generated at Fri Jul 10 16:11:31 2026 by rpki-client