Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/036a67f7-252e-4131-a438-c4749fe3d147.roa
File: 036a67f7-252e-4131-a438-c4749fe3d147.roa (raw, json)
Hash identifier: 75ui3oU9D0fOK+NDa3fuVI4NGm+nJpNaEbcBKxEupxE=
Subject key identifier: 43:8F:B4:90:9D:30:95:97:24:B6:EE:11:EC:5A:46:03:04:D7:9A:CC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 665EC5D96F45EDF00DFFAFE4E6C3036F4BD79FC5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/036a67f7-252e-4131-a438-c4749fe3d147.roa
Signing time: Sat 01 Nov 2025 00:50:12 +0000
ROA not before: Sat 01 Nov 2025 00:50:12 +0000
ROA not after: Sat 06 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fbb:8000::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5e:c5:d9:6f:45:ed:f0:0d:ff:af:e4:e6:c3:03:6f:4b:d7:9f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 1 00:50:12 2025 GMT
Not After : Dec 6 23:59:59 2025 GMT
Subject: serialNumber=ddb6982f518cc1a8afdf67aac2bbd9fbe794db5cc448809636e5917db99643f3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3d:f8:f7:a7:6e:26:21:01:9c:a8:fb:02:3b:
ae:26:be:5f:49:f4:7a:52:86:8c:2e:23:80:d6:f6:
8a:63:09:34:82:fc:7a:48:d6:9c:fc:51:27:44:2a:
56:8b:ae:7e:6d:60:b7:1b:55:d5:12:f4:6c:a8:f4:
3a:af:d4:2c:89:bc:6c:8c:e2:f6:85:e5:df:9d:fa:
e3:2c:b7:d0:af:73:3f:8f:11:0e:06:c8:82:40:e6:
e0:c0:1a:5e:4e:41:7b:b3:22:cc:c0:0a:7b:80:1c:
43:32:34:f2:34:a4:c3:c0:9f:b4:e0:ea:e3:68:cc:
9b:d7:f6:3a:20:98:41:e9:d4:f7:7b:2b:91:15:2d:
91:03:c7:ca:c2:8f:ab:e9:ef:c4:58:4e:78:d0:a5:
c0:a6:72:7f:37:c4:c7:1a:a2:66:b6:98:c9:f6:39:
f1:73:62:d2:23:fa:7c:8d:7c:e7:05:56:df:be:bb:
16:71:88:fa:72:43:59:95:ae:24:a3:27:b5:11:1b:
1c:3c:92:19:58:f7:e9:2e:61:58:05:44:fa:7d:c5:
ec:c9:dc:0c:67:5a:fd:ce:e9:cc:da:c7:52:1b:ba:
54:31:33:7a:3d:6f:d9:61:cb:d6:2a:83:c9:3e:d4:
2f:27:5d:87:db:0b:4d:68:a3:96:01:1e:bf:41:f1:
f3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8F:B4:90:9D:30:95:97:24:B6:EE:11:EC:5A:46:03:04:D7:9A:CC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/036a67f7-252e-4131-a438-c4749fe3d147.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fbb:8000::/39
Signature Algorithm: sha256WithRSAEncryption
07:54:f0:2f:27:81:ca:cb:01:52:13:3e:c3:96:db:0a:4e:e1:
a5:21:67:c8:0e:46:13:15:8e:75:21:a8:7c:1d:b7:91:eb:27:
e8:72:9d:f2:1b:50:53:c5:f7:37:5b:3d:37:d9:92:5f:8b:d9:
74:89:ea:6f:67:a0:fa:19:66:7f:df:3f:62:8d:41:76:28:17:
08:2b:03:b4:b0:8c:ab:9f:98:a3:31:aa:01:25:8f:b5:fc:27:
22:fb:64:5a:bb:50:8d:cf:ea:fa:40:6e:b8:46:95:6a:63:b6:
dd:63:30:66:c0:cd:21:19:cc:05:0d:d6:93:0e:8e:23:e3:7e:
76:4c:c3:39:63:f6:fb:30:64:a2:c3:62:99:a0:29:b3:ac:36:
93:5a:c0:a8:2f:e6:45:0a:cb:e9:bd:04:ef:d8:60:ea:d6:4b:
bc:23:4a:d2:a1:3d:16:fa:79:59:79:9b:a1:e2:32:10:1a:d6:
f2:6d:3a:05:ad:e9:1d:74:da:b7:2a:37:50:4f:f7:0e:b8:c3:
57:ba:b5:11:1d:4a:13:58:41:ab:20:4a:f7:8f:c5:3d:f4:00:
43:64:be:ee:39:8b:01:6f:5f:a9:53:b7:c4:b8:98:d8:d4:3d:
1e:4f:8a:f8:56:18:a8:de:09:8c:c0:05:73:ad:16:3c:bf:fd:
19:9d:6d:17
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZl7F2W9F7fAN/6/k5sMDb0vXn8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDA1MDEyWhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZGI2OTgyZjUxOGNjMWE4YWZkZjY3YWFjMmJiZDlmYmU3
OTRkYjVjYzQ0ODgwOTYzNmU1OTE3ZGI5OTY0M2YzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUPfj3p24mIQGcqPsCO64mvl9J9HpShowuI4DW9opjCTSC
/HpI1pz8USdEKlaLrn5tYLcbVdUS9Gyo9Dqv1CyJvGyM4vaF5d+d+uMst9Cvcz+P
EQ4GyIJA5uDAGl5OQXuzIszACnuAHEMyNPI0pMPAn7Tg6uNozJvX9jogmEHp1Pd7
K5EVLZEDx8rCj6vp78RYTnjQpcCmcn83xMcaoma2mMn2OfFzYtIj+nyNfOcFVt++
uxZxiPpyQ1mVriSjJ7URGxw8khlY9+kuYVgFRPp9xezJ3AxnWv3O6czax1IbulQx
M3o9b9lhy9Yqg8k+1C8nXYfbC01oo5YBHr9B8fOnAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUQ4+0kJ0wlZcktu4R7FpGAwTXmswwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzNmE2N2Y3LTI1MmUtNDEzMS1hNDM4LWM0NzQ5ZmUzZDE0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB+7gDANBgkqhkiG9w0BAQsFAAOCAQEAB1TwLyeByssBUhM+w5bbCk7h
pSFnyA5GExWOdSGofB23kesn6HKd8htQU8X3N1s9N9mSX4vZdInqb2eg+hlmf98/
Yo1BdigXCCsDtLCMq5+YozGqASWPtfwnIvtkWrtQjc/q+kBuuEaVamO23WMwZsDN
IRnMBQ3Wkw6OI+N+dkzDOWP2+zBkosNimaAps6w2k1rAqC/mRQrL6b0E79hg6tZL
vCNK0qE9Fvp5WXmboeIyEBrW8m06Ba3pHXTatyo3UE/3DrjDV7q1ER1KE1hBqyBK
94/FPfQAQ2S+7jmLAW9fqVO3xLiY2NQ9Hk+K+FYYqN4JjMAFc60WPL/9GZ1tFw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:51:46 2025 by rpki-client