Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS0.roa
File:                     AS0.roa (raw, json)
Hash identifier:          7llNCVlD+RXTaSOKMV2O1nmPVdy7BnBKBisvShoFEH0=
Subject key identifier:   30:B6:62:5A:14:8B:22:37:14:9C:F5:CD:58:F5:47:EC:FD:17:D7:82
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       31BD641FEA61C1819AF9BFC8EE523179A5E760AF
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa
Signing time:             Tue 05 Aug 2025 15:33:22 +0000
ROA not before:           Tue 05 Aug 2025 15:28:22 +0000
ROA not after:            Tue 04 Aug 2026 15:33:22 +0000
asID:                     0
IP address blocks:        2a05:dfc3:f400::/40 maxlen: 40
                          2a06:1281:7000::/36 maxlen: 128
                          2a06:1281:9000::/36 maxlen: 36
                          2a06:1281:a000::/36 maxlen: 128
                          2a09:54c6:1000::/36 maxlen: 128
                          2a09:54c7:3000::/36 maxlen: 36
                          2a09:54c7:4000::/36 maxlen: 128
                          2a09:54c7:5000::/36 maxlen: 128
                          2a09:54c7:6000::/36 maxlen: 128
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:bd:64:1f:ea:61:c1:81:9a:f9:bf:c8:ee:52:31:79:a5:e7:60:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Aug  5 15:28:22 2025 GMT
            Not After : Aug  4 15:33:22 2026 GMT
        Subject: CN=30B6625A148B2237149CF5CD58F547ECFD17D782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:44:f4:99:2b:1a:63:c5:7d:10:07:27:2b:3b:
                    26:05:80:53:84:3f:71:0c:04:68:e7:79:24:e7:c6:
                    06:11:46:c6:46:73:77:14:e7:c2:7e:e5:b5:d7:e9:
                    e5:85:bf:a7:ff:f9:2b:37:ac:3b:ff:da:78:69:77:
                    38:2b:08:56:aa:32:f4:d3:b7:05:a4:9d:a1:3f:85:
                    2a:ca:d2:29:ce:e9:9c:17:a4:46:5e:97:19:b5:7e:
                    bb:4e:fd:29:6a:99:ef:2d:2a:ad:89:fa:95:34:4b:
                    02:b1:c0:e1:5e:2d:07:da:3d:a4:cf:50:a2:56:ee:
                    0a:92:66:17:4b:d4:85:e4:94:20:c2:b2:77:e3:7f:
                    b8:59:7b:ff:92:9b:5e:69:c3:15:e9:0c:0d:f2:ea:
                    a9:0f:92:df:4c:3f:8a:88:fe:70:ac:5b:9c:ab:aa:
                    cb:41:84:4b:71:56:51:93:8f:13:5c:f5:90:2b:e9:
                    49:62:14:4c:fe:aa:b7:34:58:2f:45:32:c2:ff:74:
                    94:00:2e:86:7c:1b:57:42:06:7f:3f:1c:ab:4a:cd:
                    c6:9c:01:35:35:af:4a:81:fe:25:74:a2:d7:56:da:
                    f3:77:59:69:8c:6e:85:9a:bb:fd:c7:4e:11:df:60:
                    cd:91:f8:c2:fb:39:6f:d7:3c:59:3a:21:f8:f8:69:
                    00:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B6:62:5A:14:8B:22:37:14:9C:F5:CD:58:F5:47:EC:FD:17:D7:82
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS0.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc3:f400::/40
                  2a06:1281:7000::/36
                  2a06:1281:9000::-2a06:1281:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:54c6:1000::/36
                  2a09:54c7:3000::-2a09:54c7:6fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         05:02:00:25:06:30:6d:2d:6b:b0:ad:e5:56:30:ef:4c:82:19:
         f8:cd:5f:2e:db:7c:22:e0:21:ca:47:57:21:06:60:c1:df:65:
         ba:16:f4:ba:88:b3:a4:90:81:af:67:88:d8:86:d4:41:bc:93:
         9c:c4:df:f5:b6:43:f2:b1:52:2e:26:70:f6:a2:1b:55:75:a2:
         13:c2:b5:60:c0:cf:51:3b:d6:dd:78:40:b0:06:24:ed:d7:54:
         0c:a2:2d:1f:ad:20:6d:15:c9:ac:c1:18:81:a6:3b:1f:6b:7f:
         d7:69:df:af:87:82:4d:93:3d:7f:c7:ef:bd:6e:cf:c5:38:af:
         42:4f:33:c5:f4:fe:e5:ed:51:20:37:a1:c2:12:c4:b2:b9:ff:
         87:a9:e2:33:4a:53:01:64:10:07:2b:bc:13:1e:a3:4c:02:1d:
         e7:ab:cf:e6:f0:c5:78:76:17:5a:26:6c:89:ad:56:73:20:7c:
         1e:32:83:23:bf:0b:83:c6:9d:70:ae:c5:5c:ee:bb:5e:6a:97:
         17:c4:0d:dd:ee:bb:c0:a0:4c:71:9d:98:2e:63:f3:f9:bf:12:
         47:bc:18:df:ec:d9:74:c1:ef:81:fa:01:b6:59:89:ad:19:b1:
         64:8e:8e:92:29:01:28:72:a9:0a:1e:11:f9:ac:cc:b1:18:46:
         bd:b0:36:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMb1kH+phwYGa+b/I7lIxeaXnYK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MDUxNTI4MjJaFw0yNjA4MDQxNTMzMjJaMDMxMTAvBgNV
BAMTKDMwQjY2MjVBMTQ4QjIyMzcxNDlDRjVDRDU4RjU0N0VDRkQxN0Q3ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYRPSZKxpjxX0QBycrOyYFgFOE
P3EMBGjneSTnxgYRRsZGc3cU58J+5bXX6eWFv6f/+Ss3rDv/2nhpdzgrCFaqMvTT
twWknaE/hSrK0inO6ZwXpEZelxm1frtO/Slqme8tKq2J+pU0SwKxwOFeLQfaPaTP
UKJW7gqSZhdL1IXklCDCsnfjf7hZe/+Sm15pwxXpDA3y6qkPkt9MP4qI/nCsW5yr
qstBhEtxVlGTjxNc9ZAr6UliFEz+qrc0WC9FMsL/dJQALoZ8G1dCBn8/HKtKzcac
ATU1r0qB/iV0otdW2vN3WWmMboWau/3HThHfYM2R+ML7OW/XPFk6Ifj4aQDzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUMLZiWhSLIjcUnPXNWPVH7P0X14IwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyMEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwC4YucnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8AwYAKgXfw/QD
BgQqBhKBcDAQAwYEKgYSgZADBgQqBhKBoAMGBCoJVMYQMBADBgQqCVTHMAMGBCoJ
VMdgMA0GCSqGSIb3DQEBCwUAA4IBAQAFAgAlBjBtLWuwreVWMO9Mghn4zV8u23wi
4CHKR1chBmDB32W6FvS6iLOkkIGvZ4jYhtRBvJOcxN/1tkPysVIuJnD2ohtVdaIT
wrVgwM9RO9bdeECwBiTt11QMoi0frSBtFcmswRiBpjsfa3/Xad+vh4JNkz1/x++9
bs/FOK9CTzPF9P7l7VEgN6HCEsSyuf+HqeIzSlMBZBAHK7wTHqNMAh3nq8/m8MV4
dhdaJmyJrVZzIHweMoMjvwuDxp1wrsVc7rteapcXxA3d7rvAoExxnZguY/P5vxJH
vBjf7Nl0we+B+gG2WYmtGbFkjo6SKQEocqkKHhH5rMyxGEa9sDbo
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:05:50 2025 by rpki-client