Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS204150.roa
File:                     AS204150.roa (raw, json)
Hash identifier:          PlLNdmzZCvOKsy1vjXSSTIIO1u0NGHdSZmbyxXXcUkM=
Subject key identifier:   CB:C6:6D:EA:FE:33:39:32:17:3B:52:4A:87:BC:7D:E6:10:81:C0:67
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       79C22C2687C490B9BD80B39134BA4F66B2215D5D
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS204150.roa
Signing time:             Mon 16 Feb 2026 13:40:52 +0000
ROA not before:           Mon 16 Feb 2026 13:35:52 +0000
ROA not after:            Mon 15 Feb 2027 13:40:52 +0000
asID:                     204150
IP address blocks:        2a0f:6284:800::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 09:20:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:c2:2c:26:87:c4:90:b9:bd:80:b3:91:34:ba:4f:66:b2:21:5d:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Feb 16 13:35:52 2026 GMT
            Not After : Feb 15 13:40:52 2027 GMT
        Subject: CN=CBC66DEAFE333932173B524A87BC7DE61081C067
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:09:2b:56:9c:68:b5:1f:1b:ac:49:cb:e8:61:
                    69:92:3f:ae:51:ce:33:bc:93:bd:ef:cf:3d:cd:3a:
                    0b:74:c0:35:4b:87:23:ed:66:2a:cd:7b:d0:9b:99:
                    9b:1a:c7:16:2a:13:ba:22:9a:20:af:1c:8c:8c:70:
                    82:e5:58:d2:47:09:f5:4c:71:c7:70:2c:a1:0c:56:
                    c5:86:fb:36:2f:8a:46:4e:30:82:2a:33:a6:66:20:
                    ff:07:fb:6a:c7:08:af:81:39:52:07:b1:46:84:98:
                    2b:2f:a8:78:6a:91:a4:39:7d:cd:ab:99:bf:a0:5a:
                    10:22:ce:30:57:4e:eb:7e:5d:06:5f:ad:51:93:c5:
                    76:e1:c0:09:a4:aa:40:d5:d0:1d:e1:66:29:dc:c1:
                    cd:32:4d:1c:05:30:b8:88:3d:0f:b0:e4:57:b3:ca:
                    50:4b:55:99:b5:33:e6:22:99:55:49:3f:07:92:1a:
                    17:c4:f1:cd:6f:cc:c0:7f:03:3e:9f:b0:d8:1c:35:
                    12:79:1e:1a:c6:dc:3e:b3:f9:92:76:18:21:3f:50:
                    0f:7c:bf:70:fc:d2:a0:fc:34:7c:f2:13:33:cd:17:
                    66:62:04:c5:dc:8a:b2:bb:bc:15:d1:3b:c2:a6:1e:
                    00:24:c7:d1:76:e7:13:ea:94:c8:20:10:6d:2b:f6:
                    d4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C6:6D:EA:FE:33:39:32:17:3B:52:4A:87:BC:7D:E6:10:81:C0:67
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS204150.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         87:33:b7:c2:08:80:0d:ea:1a:bd:da:e7:29:a1:0d:e1:3b:1a:
         33:7d:08:c4:47:4f:6c:b1:b1:48:58:2f:8f:6b:1a:9b:56:c6:
         62:a1:7b:29:8f:8a:34:04:4e:18:45:25:b4:e8:f4:6f:71:90:
         cd:cd:68:1b:2e:83:28:e4:98:77:56:76:14:fb:ac:1f:ef:63:
         b7:7a:25:ac:88:f8:75:f2:1f:bd:32:82:e6:5d:d3:3b:dc:2c:
         4e:6d:51:e8:90:b2:0b:f1:b5:50:79:d2:51:62:de:9a:18:7d:
         2c:21:84:ed:e3:8d:8c:72:52:9f:9a:c9:85:d1:05:07:f4:82:
         ec:dc:19:12:72:4e:40:24:b9:ce:f8:60:ee:8e:20:47:ac:25:
         96:70:76:24:cf:aa:2c:56:2c:4b:c6:a8:0c:7a:e9:b6:05:06:
         4d:76:69:36:77:d5:28:af:82:82:fd:e6:7b:35:7d:ab:06:92:
         08:d4:18:2a:56:22:bf:4f:9e:d9:e9:7b:e7:ae:06:9c:1f:63:
         35:83:41:c1:c1:98:db:9c:ac:d9:fb:fd:13:e7:e6:a9:41:7e:
         4d:d3:b9:9a:26:75:bc:15:f4:d1:a2:1b:74:34:2d:63:b6:53:
         3b:c2:ee:ad:88:bc:b8:e7:37:aa:cb:14:3a:8b:46:05:03:91:
         e5:07:38:1a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUecIsJofEkLm9gLORNLpPZrIhXV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAyMTYxMzM1NTJaFw0yNzAyMTUxMzQwNTJaMDMxMTAvBgNV
BAMTKENCQzY2REVBRkUzMzM5MzIxNzNCNTI0QTg3QkM3REU2MTA4MUMwNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkCStWnGi1HxusScvoYWmSP65R
zjO8k73vzz3NOgt0wDVLhyPtZirNe9CbmZsaxxYqE7oimiCvHIyMcILlWNJHCfVM
ccdwLKEMVsWG+zYvikZOMIIqM6ZmIP8H+2rHCK+BOVIHsUaEmCsvqHhqkaQ5fc2r
mb+gWhAizjBXTut+XQZfrVGTxXbhwAmkqkDV0B3hZincwc0yTRwFMLiIPQ+w5Fez
ylBLVZm1M+YimVVJPweSGhfE8c1vzMB/Az6fsNgcNRJ5HhrG3D6z+ZJ2GCE/UA98
v3D80qD8NHzyEzPNF2ZiBMXcirK7vBXRO8KmHgAkx9F25xPqlMggEG0r9tTzAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUy8Zt6v4zOTIXO1JKh7x95hCBwGcwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDQxNTAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
D2KECDANBgkqhkiG9w0BAQsFAAOCAQEAhzO3wgiADeoavdrnKaEN4TsaM30IxEdP
bLGxSFgvj2sam1bGYqF7KY+KNAROGEUltOj0b3GQzc1oGy6DKOSYd1Z2FPusH+9j
t3olrIj4dfIfvTKC5l3TO9wsTm1R6JCyC/G1UHnSUWLemhh9LCGE7eONjHJSn5rJ
hdEFB/SC7NwZEnJOQCS5zvhg7o4gR6wllnB2JM+qLFYsS8aoDHrptgUGTXZpNnfV
KK+Cgv3mezV9qwaSCNQYKlYiv0+e2el7564GnB9jNYNBwcGY25ys2fv9E+fmqUF+
TdO5miZ1vBX00aIbdDQtY7ZTO8LurYi8uOc3qssUOotGBQOR5Qc4Gg==
-----END CERTIFICATE-----