Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS57974.roa
File:                     AS57974.roa (raw, json)
Hash identifier:          fURaxvKzJTeswF5XLxi74N8eW84vNh9S3zR5pBRZa5Q=
Subject key identifier:   7E:A9:33:AB:97:0F:44:AA:B8:F7:F7:FD:C0:E7:06:22:DA:51:0F:5C
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       77D377B61CE7FCF8E9B64EC80A20986323FD512C
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS57974.roa
Signing time:             Sun 28 Jun 2026 18:55:32 +0000
ROA not before:           Sun 28 Jun 2026 18:50:32 +0000
ROA not after:            Sun 27 Jun 2027 18:55:32 +0000
asID:                     57974
IP address blocks:        2a0f:6284:4218::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 Jul 2026 09:19:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:d3:77:b6:1c:e7:fc:f8:e9:b6:4e:c8:0a:20:98:63:23:fd:51:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:50:32 2026 GMT
            Not After : Jun 27 18:55:32 2027 GMT
        Subject: CN=7EA933AB970F44AAB8F7F7FDC0E70622DA510F5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1e:16:33:8b:1c:13:8c:34:a6:45:b4:14:d3:
                    d4:d1:11:73:c3:ec:5f:50:58:50:2f:ff:af:77:47:
                    f9:c0:3a:8f:6f:f5:66:57:84:49:3b:5b:4d:41:4d:
                    32:2f:d0:b9:da:f9:7f:19:3b:5e:33:98:10:d1:e4:
                    cf:36:27:22:89:db:40:c3:c0:a5:5d:3e:35:b1:2b:
                    8c:5d:61:d7:99:cb:8a:71:31:e0:f2:ed:6f:60:2d:
                    44:e3:4f:45:bf:f4:1d:0f:c9:7b:8a:93:c8:c5:7f:
                    34:b2:c3:1a:da:a1:f1:d5:d9:c2:c1:a2:5d:d4:77:
                    01:7b:fe:40:7c:61:f7:cf:78:96:b3:03:af:f4:8d:
                    34:a8:c1:78:ca:94:bf:55:38:36:36:dc:59:ae:bd:
                    f6:34:3d:5a:15:ea:dc:3b:a3:36:b1:4e:e7:85:76:
                    02:5f:35:20:fc:cd:2d:44:20:3c:d9:e3:d7:a7:db:
                    b0:d7:3d:5a:8f:2e:b6:90:af:10:f8:73:70:56:d3:
                    55:97:41:23:a7:29:91:15:6e:31:66:fa:02:58:e7:
                    cb:2e:6b:3c:18:c3:b0:23:d4:e3:00:79:cd:ae:92:
                    4f:0d:3c:0c:8f:33:6d:41:15:ef:45:52:d9:43:b6:
                    51:3c:45:07:44:8c:df:58:86:a3:d7:a3:88:2e:2f:
                    25:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:A9:33:AB:97:0F:44:AA:B8:F7:F7:FD:C0:E7:06:22:DA:51:0F:5C
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS57974.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:4218::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:47:08:4d:d1:e6:13:b1:e9:73:a6:de:23:db:db:c4:ef:ff:
         a3:cf:cb:c2:b4:a7:ba:01:d8:e4:06:d5:4a:12:4c:cf:75:47:
         84:7f:ff:95:18:b1:50:65:16:0f:04:b7:ee:4a:69:5c:3b:c9:
         8c:c5:9a:af:45:8a:94:67:64:53:17:26:31:9c:ba:82:be:9d:
         34:eb:87:f4:a3:5f:e7:55:59:fb:fe:4c:51:b0:c0:52:34:d0:
         c9:01:28:2d:2a:b8:c3:d5:47:88:c2:5c:7d:bc:fa:fe:a4:90:
         94:80:9c:73:bb:50:ec:cd:3c:26:90:09:72:53:df:13:ed:a1:
         88:50:c8:db:be:8e:ae:fd:31:58:6f:d8:b2:20:7a:41:b6:53:
         e9:20:3e:97:73:0e:47:6d:64:2c:03:9c:9f:95:84:cc:72:df:
         9f:ab:06:7d:dd:ef:b9:a1:f4:b0:63:0e:08:6b:44:9f:a1:f6:
         4d:a3:c5:8b:90:0d:82:ff:85:69:31:90:46:01:93:bc:99:8f:
         c9:73:e9:59:0e:2f:24:79:cf:b3:c2:0c:00:f9:68:f8:2d:37:
         bf:17:01:d4:63:a0:fb:a0:a0:9c:9e:ee:c9:d0:a0:91:ca:83:
         05:93:0c:e1:1e:d8:46:d4:7e:35:39:17:83:49:ee:5e:dc:5f:
         6d:7e:e4:62
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUd9N3thzn/Pjptk7ICiCYYyP9USwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUwMzJaFw0yNzA2MjcxODU1MzJaMDMxMTAvBgNV
BAMTKDdFQTkzM0FCOTcwRjQ0QUFCOEY3RjdGREMwRTcwNjIyREE1MTBGNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvHhYzixwTjDSmRbQU09TREXPD
7F9QWFAv/693R/nAOo9v9WZXhEk7W01BTTIv0Lna+X8ZO14zmBDR5M82JyKJ20DD
wKVdPjWxK4xdYdeZy4pxMeDy7W9gLUTjT0W/9B0PyXuKk8jFfzSywxraofHV2cLB
ol3UdwF7/kB8YffPeJazA6/0jTSowXjKlL9VODY23FmuvfY0PVoV6tw7ozaxTueF
dgJfNSD8zS1EIDzZ49en27DXPVqPLraQrxD4c3BW01WXQSOnKZEVbjFm+gJY58su
azwYw7Aj1OMAec2ukk8NPAyPM21BFe9FUtlDtlE8RQdEjN9YhqPXo4guLyVJAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUfqkzq5cPRKq49/f9wOcGItpRD1wwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM1Nzk3NC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoP
YoRCGDANBgkqhkiG9w0BAQsFAAOCAQEACEcITdHmE7Hpc6beI9vbxO//o8/LwrSn
ugHY5AbVShJMz3VHhH//lRixUGUWDwS37kppXDvJjMWar0WKlGdkUxcmMZy6gr6d
NOuH9KNf51VZ+/5MUbDAUjTQyQEoLSq4w9VHiMJcfbz6/qSQlICcc7tQ7M08JpAJ
clPfE+2hiFDI276Orv0xWG/YsiB6QbZT6SA+l3MOR21kLAOcn5WEzHLfn6sGfd3v
uaH0sGMOCGtEn6H2TaPFi5ANgv+FaTGQRgGTvJmPyXPpWQ4vJHnPs8IMAPlo+C03
vxcB1GOg+6CgnJ7uydCgkcqDBZMM4R7YRtR+NTkXg0nuXtxfbX7kYg==
-----END CERTIFICATE-----
Generated at Wed Jul 8 19:03:51 2026 by rpki-client