Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS212154.roa
File:                     AS212154.roa (raw, json)
Hash identifier:          A2uMOKRolCt5Jzr/Vcm1Yvd5rs557mfwQjZBMyene2A=
Subject key identifier:   B0:95:AC:E6:E7:ED:7A:78:AB:A7:AE:19:AA:A1:25:73:D7:17:9F:0D
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       0375605FC2133966D6A48BB57BA9E2EF52003C7C
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS212154.roa
Signing time:             Sat 28 Mar 2026 06:38:31 +0000
ROA not before:           Sat 28 Mar 2026 06:33:31 +0000
ROA not after:            Sat 27 Mar 2027 06:38:31 +0000
asID:                     212154
IP address blocks:        2a05:dfc3:fd00::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:75:60:5f:c2:13:39:66:d6:a4:8b:b5:7b:a9:e2:ef:52:00:3c:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Mar 28 06:33:31 2026 GMT
            Not After : Mar 27 06:38:31 2027 GMT
        Subject: CN=B095ACE6E7ED7A78ABA7AE19AAA12573D7179F0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b7:e7:e6:f2:87:96:ea:a2:db:13:80:8b:bf:
                    78:cf:38:ca:61:7a:b2:5a:09:a3:83:53:3c:d2:9e:
                    24:7d:b9:ae:b0:64:87:69:6f:29:cd:02:76:b2:6c:
                    50:65:2e:8e:bf:5f:ef:9f:2f:d3:50:e0:aa:26:3c:
                    89:f2:e4:39:00:e8:68:07:c4:1c:8b:c3:1a:95:5f:
                    69:79:5f:c1:e8:6b:ee:99:43:a5:b0:66:19:79:c5:
                    74:f3:3b:a2:85:2c:b8:9a:f1:e3:49:dd:fd:ac:ef:
                    b2:98:cd:c1:eb:ac:73:81:8d:5a:c8:0e:09:a9:da:
                    c0:67:4d:36:91:c6:fe:00:42:bb:00:51:5d:5e:a1:
                    72:5b:a1:64:91:b7:9f:dd:81:77:ba:8c:e0:65:4d:
                    35:42:20:73:af:ef:74:8f:41:ca:7f:e5:3d:de:b2:
                    66:4b:b2:32:b0:48:ce:44:ca:8a:6e:e7:b4:c2:65:
                    a5:48:df:58:ad:12:3f:a7:e9:3b:2c:20:4c:2e:48:
                    4e:a7:ea:f1:10:4f:cd:06:51:05:27:42:5e:32:81:
                    3a:7a:42:5c:49:23:54:dc:e0:a7:e5:f5:ba:04:e0:
                    0c:82:1a:bd:78:a0:82:be:e5:f1:5d:e3:0b:ad:68:
                    9a:3e:96:8c:e9:4c:e3:bf:30:a1:61:76:fd:3c:56:
                    28:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:95:AC:E6:E7:ED:7A:78:AB:A7:AE:19:AA:A1:25:73:D7:17:9F:0D
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS212154.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc3:fd00::/44

    Signature Algorithm: sha256WithRSAEncryption
         16:36:20:b6:80:e5:07:82:27:a4:b3:a6:50:c5:89:5d:0c:8e:
         de:b5:d8:5f:81:a7:20:0b:46:74:b7:5e:ac:c4:dc:3e:74:6c:
         ea:99:af:f1:5d:73:78:24:8d:48:c5:71:cd:f9:39:87:8b:02:
         17:30:5a:f7:b3:e0:7f:2c:64:b1:c9:01:57:f7:9b:03:ac:72:
         5e:19:74:b4:3f:e3:75:03:70:c6:94:38:88:50:3a:ad:9f:af:
         b9:92:b0:28:a0:b1:0a:83:56:40:54:ff:8b:bd:f7:cc:92:5c:
         75:a3:70:e6:0c:a2:61:f5:3d:15:1f:7a:da:b7:c5:71:df:f2:
         cc:ba:42:35:ac:48:c6:a6:30:32:2a:68:47:03:4a:69:af:f7:
         9d:6f:39:e5:ab:bb:a8:2b:30:25:6e:6b:c4:6b:62:d5:07:9b:
         7a:0f:e4:0d:6a:c2:28:a6:69:0d:7f:f3:55:b5:dc:c7:e4:0d:
         31:cb:11:e5:a7:06:52:cf:fe:0b:03:dc:fa:5a:bf:ac:ba:00:
         be:55:dd:19:b4:76:d1:c1:20:1f:7c:d4:43:2d:0d:a7:6c:24:
         d0:b8:db:1f:ad:21:b0:83:b4:49:6b:51:c1:cd:22:96:b6:07:
         6e:cb:32:2f:b0:dd:52:c4:ea:1a:2b:e8:43:8d:b0:cc:95:81:
         7f:3e:59:51
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUA3VgX8ITOWbWpIu1e6ni71IAPHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAzMjgwNjMzMzFaFw0yNzAzMjcwNjM4MzFaMDMxMTAvBgNV
BAMTKEIwOTVBQ0U2RTdFRDdBNzhBQkE3QUUxOUFBQTEyNTczRDcxNzlGMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZt+fm8oeW6qLbE4CLv3jPOMph
erJaCaODUzzSniR9ua6wZIdpbynNAnaybFBlLo6/X++fL9NQ4KomPIny5DkA6GgH
xByLwxqVX2l5X8Hoa+6ZQ6WwZhl5xXTzO6KFLLia8eNJ3f2s77KYzcHrrHOBjVrI
Dgmp2sBnTTaRxv4AQrsAUV1eoXJboWSRt5/dgXe6jOBlTTVCIHOv73SPQcp/5T3e
smZLsjKwSM5Eyopu57TCZaVI31itEj+n6TssIEwuSE6n6vEQT80GUQUnQl4ygTp6
QlxJI1Tc4Kfl9boE4AyCGr14oIK+5fFd4wutaJo+lozpTOO/MKFhdv08ViiHAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUsJWs5uftenirp64ZqqElc9cXnw0wHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTIxNTQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
Bd/D/QAwDQYJKoZIhvcNAQELBQADggEBABY2ILaA5QeCJ6SzplDFiV0Mjt612F+B
pyALRnS3XqzE3D50bOqZr/Fdc3gkjUjFcc35OYeLAhcwWvez4H8sZLHJAVf3mwOs
cl4ZdLQ/43UDcMaUOIhQOq2fr7mSsCigsQqDVkBU/4u998ySXHWjcOYMomH1PRUf
etq3xXHf8sy6QjWsSMamMDIqaEcDSmmv951vOeWru6grMCVua8RrYtUHm3oP5A1q
wiimaQ1/81W13MfkDTHLEeWnBlLP/gsD3Ppav6y6AL5V3Rm0dtHBIB981EMtDads
JNC42x+tIbCDtElrUcHNIpa2B27LMi+w3VLE6hor6EONsMyVgX8+WVE=
-----END CERTIFICATE-----