Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02bab7a2-c76f-484d-861d-541c09fa6f4c.roa
File: 02bab7a2-c76f-484d-861d-541c09fa6f4c.roa (raw, json)
Hash identifier: wUTmWZhxtS8rDa9iJ9qlrWpqQyWctDHIYaunA17Mfxw=
Subject key identifier: 09:00:EB:2A:F7:28:2C:96:53:82:DF:2C:D9:22:CF:EE:C1:74:C1:AB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 70D5809FC1B0CC7B97A7C79370A7901F96463FDD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02bab7a2-c76f-484d-861d-541c09fa6f4c.roa
Signing time: Tue 28 Oct 2025 00:40:08 +0000
ROA not before: Tue 28 Oct 2025 00:40:08 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.97.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:d5:80:9f:c1:b0:cc:7b:97:a7:c7:93:70:a7:90:1f:96:46:3f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:40:08 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=4b5aaae3af73c518e37f01f9503e9662f6d43463575b436b5e08b5513b9f131d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:1f:e3:31:ad:ef:25:71:30:b0:82:e7:57:
50:cd:8f:c5:e4:ee:48:db:84:07:86:be:22:24:29:
20:e1:f7:ef:1f:fc:07:37:7a:f4:eb:76:f7:c0:9d:
1e:48:36:0b:57:4b:3c:b6:0c:23:2d:c9:ef:41:a8:
15:ba:71:f6:4b:fc:c0:83:1b:86:fb:0b:2f:6d:30:
84:11:81:a4:59:ee:a2:8e:77:da:91:18:f8:b1:da:
0b:c4:ba:b6:e3:e3:ca:db:ea:2a:36:01:ee:ec:da:
e5:2a:15:03:4f:7c:17:d2:05:67:ce:58:a9:b5:df:
d4:82:0b:72:04:20:d6:86:0d:27:35:eb:8f:7d:13:
d7:3a:b6:68:f2:c8:ad:5d:13:3b:05:d2:ef:08:85:
f0:35:e0:ed:84:ea:b3:59:60:5e:94:5e:64:05:d5:
24:bc:1d:14:13:c7:80:cc:be:b0:c5:3c:a6:e4:c9:
54:9d:a7:dd:e3:56:cf:f2:f9:9c:7b:d4:32:60:8a:
00:5b:bb:2c:ab:aa:b1:d3:25:a8:7d:d8:b0:01:d5:
66:ca:be:16:d2:ee:45:1a:ef:0e:6b:f9:1b:73:b9:
46:05:f4:36:55:c5:80:eb:9a:cc:9a:53:6c:e7:92:
89:80:61:32:35:cf:18:76:a7:e0:17:ad:9c:60:a6:
e1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:00:EB:2A:F7:28:2C:96:53:82:DF:2C:D9:22:CF:EE:C1:74:C1:AB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02bab7a2-c76f-484d-861d-541c09fa6f4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.97.128.0/18
Signature Algorithm: sha256WithRSAEncryption
51:e3:61:26:7d:cd:c8:00:96:a5:55:72:be:89:30:87:b9:a9:
42:41:0c:7d:4a:07:88:dd:eb:14:c1:3e:ae:6d:56:9f:32:ca:
af:5b:97:50:9b:73:90:d7:dd:19:7d:47:d8:63:f0:89:23:de:
5d:be:0d:01:53:aa:bb:c9:8a:f0:0c:d8:ca:eb:e1:58:c8:75:
a8:94:fc:8c:82:1f:5c:a0:52:1b:61:90:36:ed:fd:c4:e0:54:
a1:20:c4:e2:2b:42:98:0a:b0:46:4d:d7:02:76:5c:fe:f8:ee:
79:a6:c5:a4:e7:f2:9d:0c:29:6e:02:12:54:ad:d7:1b:57:72:
00:9d:4e:8f:e8:f6:2b:ea:28:23:c8:ed:08:92:71:ae:10:08:
35:0d:7b:3c:8a:69:6d:bc:e0:6f:2b:d1:5c:db:a8:6c:6d:94:
b4:54:58:f8:d8:1d:cd:23:cf:a3:11:85:03:cf:44:8c:7f:60:
56:4e:2c:7e:ff:e4:46:a6:35:a5:93:ff:01:36:d9:a2:51:30:
12:b0:b7:e8:82:91:e0:2c:78:07:53:7b:8a:b0:ff:d0:b4:e1:
66:39:3c:e3:e9:04:3a:0d:67:55:67:a7:b5:1d:34:38:48:70:
ef:b8:d3:73:72:b1:31:17:86:55:e3:a8:82:05:99:97:2d:da:
6e:6a:f7:d5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcNWAn8GwzHuXp8eTcKeQH5ZGP90wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDA0MDA4WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjVhYWFlM2FmNzNjNTE4ZTM3ZjAxZjk1MDNlOTY2MmY2
ZDQzNDYzNTc1YjQzNmI1ZTA4YjU1MTNiOWYxMzFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1Kh/jMa3vJXEwsILnV1DNj8Xk7kjbhAeGviIkKSDh9+8f
/Ac3evTrdvfAnR5INgtXSzy2DCMtye9BqBW6cfZL/MCDG4b7Cy9tMIQRgaRZ7qKO
d9qRGPix2gvEurbj48rb6io2Ae7s2uUqFQNPfBfSBWfOWKm139SCC3IEINaGDSc1
6499E9c6tmjyyK1dEzsF0u8IhfA14O2E6rNZYF6UXmQF1SS8HRQTx4DMvrDFPKbk
yVSdp93jVs/y+Zx71DJgigBbuyyrqrHTJah92LAB1WbKvhbS7kUa7w5r+RtzuUYF
9DZVxYDrmsyaU2znkomAYTI1zxh2p+AXrZxgpuGBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCQDrKvcoLJZTgt8s2SLP7sF0waswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAyYmFiN2EyLWM3NmYtNDg0ZC04NjFkLTU0MWMwOWZhNmY0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZBYYAwDQYJKoZIhvcNAQELBQADggEBAFHjYSZ9zcgAlqVVcr6JMIe5qUJB
DH1KB4jd6xTBPq5tVp8yyq9bl1Cbc5DX3Rl9R9hj8Ikj3l2+DQFTqrvJivAM2Mrr
4VjIdaiU/IyCH1ygUhthkDbt/cTgVKEgxOIrQpgKsEZN1wJ2XP747nmmxaTn8p0M
KW4CElSt1xtXcgCdTo/o9ivqKCPI7QiSca4QCDUNezyKaW284G8r0VzbqGxtlLRU
WPjYHc0jz6MRhQPPRIx/YFZOLH7/5EamNaWT/wE22aJRMBKwt+iCkeAseAdTe4qw
/9C04WY5POPpBDoNZ1Vnp7UdNDhIcO+403NysTEXhlXjqIIFmZct2m5q99U=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:53:05 2025 by rpki-client