Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/063baeb5-6472-4c87-a2ae-31d24e4e7e50.roa
File: 063baeb5-6472-4c87-a2ae-31d24e4e7e50.roa (raw, json)
Hash identifier: 1bE0pjBjyb6kxamQh8vpz1NlctVQbSfpuERHRBmG5+g=
Subject key identifier: 6A:BA:21:C8:C7:EA:B6:C2:E5:87:58:A2:69:04:3A:76:CE:14:35:B2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 54DABEBDFAA3622E364B321B15B78E5226368AE5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/063baeb5-6472-4c87-a2ae-31d24e4e7e50.roa
Signing time: Tue 21 Oct 2025 00:30:58 +0000
ROA not before: Tue 21 Oct 2025 00:30:58 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 148.99.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:da:be:bd:fa:a3:62:2e:36:4b:32:1b:15:b7:8e:52:26:36:8a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 21 00:30:58 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=aa94c844772e5cda5277bf7531e8356bc8941200304978046a1357d65c268164, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:cf:7e:93:10:5a:ca:c8:83:8d:3e:94:ab:
bb:c1:4b:f1:cc:3a:8b:b3:5c:bb:7a:62:68:51:b0:
13:01:6b:5e:ec:54:25:d4:18:fb:27:0d:4c:48:45:
7e:27:39:d7:3a:7f:4e:b8:ed:22:4d:96:64:3d:7a:
01:9f:6f:26:da:42:9f:69:c6:23:69:3e:29:9c:40:
d6:70:37:06:f1:72:95:78:8e:7a:70:4c:0e:ee:a0:
a5:26:19:94:a1:ac:8c:bc:5c:d8:c2:b1:16:4f:69:
cb:22:d0:e0:32:ba:d2:b4:8d:d7:62:a2:b1:06:fd:
97:75:63:aa:d0:ae:4c:7f:5d:5b:90:b4:69:57:51:
71:df:a1:8d:81:34:45:d3:36:52:a7:8f:05:73:e3:
6c:5c:d9:48:2c:5c:fd:d7:90:3b:8b:79:ac:13:46:
c7:b3:bd:7b:76:0c:f8:72:ee:5f:2d:92:9f:4a:c8:
31:87:c3:c8:11:2a:1e:16:b5:8b:eb:37:dd:11:ef:
da:34:18:9b:84:b1:8c:50:59:8d:15:e8:e8:81:92:
94:90:95:e3:fb:41:c0:13:ab:81:72:27:61:22:60:
cd:47:20:ad:8b:3f:90:75:dc:99:af:b5:f5:b9:7e:
d2:e7:e2:44:ce:42:43:97:14:8c:27:f5:70:f5:40:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BA:21:C8:C7:EA:B6:C2:E5:87:58:A2:69:04:3A:76:CE:14:35:B2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/063baeb5-6472-4c87-a2ae-31d24e4e7e50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:6a:ff:56:ba:49:ea:e3:dd:6c:7a:d9:70:c9:d7:82:81:16:
a2:23:27:40:bd:a1:ef:25:55:fc:9a:b6:9b:9d:d5:8a:1a:85:
71:56:76:04:67:f7:1c:eb:ad:b9:d7:68:c3:68:e7:a7:56:7d:
c2:c1:3d:92:3a:59:a7:5a:61:df:c8:94:04:94:60:21:90:e8:
4e:51:80:2c:37:c3:2d:26:83:25:f5:0e:42:bd:6f:47:9d:11:
80:5b:52:33:d2:1e:e9:9a:b3:50:84:43:40:a7:b7:37:a7:10:
e1:e7:de:e3:00:00:d0:a9:27:39:52:c1:5a:09:9c:92:97:58:
dc:0c:c0:e4:f9:f6:a0:c3:6e:a8:a9:1f:41:0f:71:b4:8c:52:
0f:2d:39:74:8b:b0:10:68:2b:78:d1:f1:67:76:b3:a1:ca:34:
7c:63:ef:5c:bd:00:6e:11:bc:26:d3:5f:1d:c3:d4:ae:96:8e:
8e:91:6b:7f:0a:c0:53:c1:bf:dd:7d:7e:d2:4f:b2:6d:b9:aa:
4f:78:51:45:23:84:1e:9a:fa:77:62:10:16:29:3d:b9:36:9a:
53:6f:75:d0:fe:43:70:1a:f7:f6:f5:b9:15:ab:ad:39:2c:1c:
9f:39:be:bc:df:23:d3:9b:f8:67:20:77:73:e8:cc:1c:1d:56:
a1:b0:95:62
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVNq+vfqjYi42SzIbFbeOUiY2iuUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAzMDU4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYTk0Yzg0NDc3MmU1Y2RhNTI3N2JmNzUzMWU4MzU2YmM4
OTQxMjAwMzA0OTc4MDQ2YTEzNTdkNjVjMjY4MTY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcSs9+kxBaysiDjT6Uq7vBS/HMOouzXLt6YmhRsBMBa17s
VCXUGPsnDUxIRX4nOdc6f0647SJNlmQ9egGfbybaQp9pxiNpPimcQNZwNwbxcpV4
jnpwTA7uoKUmGZShrIy8XNjCsRZPacsi0OAyutK0jddiorEG/Zd1Y6rQrkx/XVuQ
tGlXUXHfoY2BNEXTNlKnjwVz42xc2UgsXP3XkDuLeawTRsezvXt2DPhy7l8tkp9K
yDGHw8gRKh4WtYvrN90R79o0GJuEsYxQWY0V6OiBkpSQleP7QcATq4FyJ2EiYM1H
IK2LP5B13JmvtfW5ftLn4kTOQkOXFIwn9XD1QJVFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUarohyMfqtsLlh1iiaQQ6ds4UNbIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA2M2JhZWI1LTY0NzItNGM4Ny1hMmFlLTMxZDI0ZTRlN2U1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCUYzANBgkqhkiG9w0BAQsFAAOCAQEANGr/VrpJ6uPdbHrZcMnXgoEWoiMn
QL2h7yVV/Jq2m53VihqFcVZ2BGf3HOutuddow2jnp1Z9wsE9kjpZp1ph38iUBJRg
IZDoTlGALDfDLSaDJfUOQr1vR50RgFtSM9Ie6ZqzUIRDQKe3N6cQ4efe4wAA0Kkn
OVLBWgmckpdY3AzA5Pn2oMNuqKkfQQ9xtIxSDy05dIuwEGgreNHxZ3azoco0fGPv
XL0AbhG8JtNfHcPUrpaOjpFrfwrAU8G/3X1+0k+ybbmqT3hRRSOEHpr6d2IQFik9
uTaaU2910P5DcBr39vW5FautOSwcnzm+vN8j05v4ZyB3c+jMHB1WobCVYg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:46:34 2025 by rpki-client