Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS216052.roa
File:                     AS216052.roa (raw, json)
Hash identifier:          zhju5tn30I6YKS+oQNGIEh8JIuVo48yl3ffsdlWU8F0=
Subject key identifier:   06:DE:7A:91:AB:46:99:20:C3:A5:9C:5C:25:AA:F7:63:6F:C6:15:42
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       8FDB2D7F5F96BAAF1466DB06DBF6C0C59CD375
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa
Signing time:             Thu 04 Jun 2026 16:51:51 +0000
ROA not before:           Thu 04 Jun 2026 16:46:51 +0000
ROA not after:            Thu 03 Jun 2027 16:51:51 +0000
asID:                     216052
IP address blocks:        2a0a:6044:a900::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 07:08:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8f:db:2d:7f:5f:96:ba:af:14:66:db:06:db:f6:c0:c5:9c:d3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun  4 16:46:51 2026 GMT
            Not After : Jun  3 16:51:51 2027 GMT
        Subject: CN=06DE7A91AB469920C3A59C5C25AAF7636FC61542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:82:78:f1:81:a7:fb:4c:f1:ba:af:0e:a0:ae:
                    92:0d:f0:72:b9:57:60:e5:43:81:ab:89:e8:1d:22:
                    80:a9:e1:5a:42:da:49:b3:c9:a7:41:70:9d:11:58:
                    18:03:22:69:f3:dc:29:1f:e4:6a:44:d8:fd:4d:71:
                    19:65:d8:df:7d:f7:9b:25:2e:02:7f:69:e1:f2:d2:
                    dc:d4:97:52:96:cc:7f:3f:e6:78:0e:a5:e4:4c:18:
                    34:9a:83:15:ed:34:72:f8:25:8a:63:61:6a:b1:ad:
                    62:12:e7:ed:c8:05:20:f4:52:4c:20:0e:cd:f0:94:
                    86:49:9c:8f:6a:3c:4a:84:3c:36:66:30:a7:b2:c4:
                    e8:27:a0:6d:c3:d0:0b:00:29:7f:6e:b6:d7:de:3b:
                    f6:54:d3:de:8a:bf:09:b1:af:55:67:6c:66:69:62:
                    69:8e:87:b4:bd:04:57:2c:34:ec:f5:4d:90:bd:86:
                    3f:a5:b8:1f:32:37:e8:87:3a:97:4e:ec:32:f2:15:
                    f2:da:53:e7:93:38:c3:ea:78:80:41:c4:2c:ab:46:
                    76:b6:f1:f4:6c:ba:86:3c:47:a0:46:6e:8f:4c:11:
                    50:25:73:3d:c2:0e:53:99:0d:a9:c4:ea:71:9d:47:
                    66:ce:25:c8:eb:61:c2:d6:d6:bb:f1:ea:87:29:d5:
                    da:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:DE:7A:91:AB:46:99:20:C3:A5:9C:5C:25:AA:F7:63:6F:C6:15:42
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a900::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:65:97:fe:ec:0b:99:1f:69:bc:e7:bf:14:a3:68:42:f2:19:
         3a:ac:f4:ec:e9:e3:8c:e5:ef:0e:74:e9:d9:bd:54:9f:71:68:
         a3:74:92:17:d0:b7:a5:c6:93:e7:ef:80:1d:f3:e5:0a:26:64:
         8c:7c:eb:db:74:23:f5:4c:cf:7c:7b:ed:02:bb:00:a9:f6:f7:
         06:a4:6a:79:77:68:46:88:70:ff:55:5f:62:7d:44:44:91:25:
         76:27:c6:d4:5b:80:e2:fa:02:f6:ee:49:51:ac:03:92:dc:f1:
         df:8c:a7:58:95:38:b6:cf:5a:5e:0b:06:b4:a1:2c:fd:d3:87:
         eb:44:47:02:53:da:da:4d:b8:67:e1:25:77:c7:d2:e3:84:3f:
         41:42:d1:0e:a9:4a:3c:98:d1:36:e1:15:6b:a7:04:f2:4b:72:
         ca:4e:cc:8a:70:f9:fc:b9:47:ea:91:18:77:b9:6b:00:ce:31:
         8c:41:a9:b1:08:e7:4d:ba:70:e2:9c:0e:35:5f:b0:1e:76:0b:
         ed:77:55:7e:6b:fc:38:3b:87:e6:74:f8:6c:30:b0:4e:84:c4:
         ae:04:98:f2:1a:0d:41:05:88:ca:0b:60:78:af:5d:d1:7e:b8:
         0f:5b:a5:e5:35:49:6e:34:60:51:a2:7d:5e:3d:6d:c4:07:20:
         55:52:50:73
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUAI/bLX9flrqvFGbbBtv2wMWc03UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MDQxNjQ2NTFaFw0yNzA2MDMxNjUxNTFaMDMxMTAvBgNV
BAMTKDA2REU3QTkxQUI0Njk5MjBDM0E1OUM1QzI1QUFGNzYzNkZDNjE1NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCgnjxgaf7TPG6rw6grpIN8HK5
V2DlQ4GriegdIoCp4VpC2kmzyadBcJ0RWBgDImnz3Ckf5GpE2P1NcRll2N9995sl
LgJ/aeHy0tzUl1KWzH8/5ngOpeRMGDSagxXtNHL4JYpjYWqxrWIS5+3IBSD0Ukwg
Ds3wlIZJnI9qPEqEPDZmMKeyxOgnoG3D0AsAKX9uttfeO/ZU096Kvwmxr1VnbGZp
YmmOh7S9BFcsNOz1TZC9hj+luB8yN+iHOpdO7DLyFfLaU+eTOMPqeIBBxCyrRna2
8fRsuoY8R6BGbo9MEVAlcz3CDlOZDanE6nGdR2bOJcjrYcLW1rvx6ocp1drTAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUBt56katGmSDDpZxcJar3Y2/GFUIwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTYwNTIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
CmBEqTANBgkqhkiG9w0BAQsFAAOCAQEAMGWX/uwLmR9pvOe/FKNoQvIZOqz07Onj
jOXvDnTp2b1Un3Foo3SSF9C3pcaT5++AHfPlCiZkjHzr23Qj9UzPfHvtArsAqfb3
BqRqeXdoRohw/1VfYn1ERJEldifG1FuA4voC9u5JUawDktzx34ynWJU4ts9aXgsG
tKEs/dOH60RHAlPa2k24Z+Eld8fS44Q/QULRDqlKPJjRNuEVa6cE8ktyyk7MinD5
/LlH6pEYd7lrAM4xjEGpsQjnTbpw4pwONV+wHnYL7XdVfmv8ODuH5nT4bDCwToTE
rgSY8hoNQQWIygtgeK9d0X64D1ul5TVJbjRgUaJ9Xj1txAcgVVJQcw==
-----END CERTIFICATE-----