Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/132f73c3-a546-4296-a702-8a3aab70f706.roa
File: 132f73c3-a546-4296-a702-8a3aab70f706.roa (raw, json)
Hash identifier: eHRFt/afhyexymXZ4Pr8uyJkZC5xx82HjQSllf6x5xU=
Subject key identifier: CA:88:14:E3:2D:80:53:55:34:37:48:7D:8A:F0:5B:58:A5:E5:CF:2B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 29DED7DC79649ACC2C43CAF87801E66712656EE6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/132f73c3-a546-4296-a702-8a3aab70f706.roa
Signing time: Wed 05 Nov 2025 00:20:07 +0000
ROA not before: Wed 05 Nov 2025 00:20:07 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 121.93.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:de:d7:dc:79:64:9a:cc:2c:43:ca:f8:78:01:e6:67:12:65:6e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:20:07 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=12c92b75ef3696bb568e4ded46e8fdfb71e2c48f5d052e7f88578debeface770, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:79:6c:e4:ff:eb:b4:c0:26:ac:bb:c9:80:cb:
09:ed:7e:8f:79:bc:66:cc:d5:e1:3b:56:43:03:30:
ee:a3:9a:e7:4d:28:90:13:2a:05:f0:83:65:9b:db:
b6:f0:12:29:6d:83:e1:4e:af:5a:17:37:91:3d:37:
7a:58:76:cb:15:4f:f4:06:f0:2f:75:fc:66:a1:91:
cd:32:5c:0c:32:49:96:95:b1:63:0c:6c:70:05:ec:
a5:61:1e:19:08:7d:53:26:ab:03:c4:b6:70:aa:a5:
de:7e:11:2f:8d:ee:8a:53:b9:0d:c5:82:b7:ba:8f:
ae:3e:38:e0:66:4e:e0:f4:be:ba:5e:bc:4d:03:38:
57:32:28:5a:c0:32:21:95:db:96:91:2f:f6:ac:52:
ef:bc:a9:d4:1c:4a:7a:cb:90:1c:ce:98:96:3f:30:
5c:fd:7f:9e:7b:5d:f5:0e:20:bb:ac:30:cd:13:54:
8a:01:f8:14:d6:cb:9a:42:80:fd:9d:05:1f:ad:b1:
bd:69:da:2d:b1:b8:04:5d:43:99:40:8b:c4:84:e8:
08:2b:0f:14:6d:22:c4:64:21:f5:bb:d7:2c:0a:7c:
28:31:53:a5:de:62:37:f7:93:2d:f5:dc:e7:87:5c:
7b:dd:7b:70:b7:c5:a5:ee:de:23:79:fb:a2:ef:b8:
5e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:88:14:E3:2D:80:53:55:34:37:48:7D:8A:F0:5B:58:A5:E5:CF:2B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/132f73c3-a546-4296-a702-8a3aab70f706.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.93.0.0/17
Signature Algorithm: sha256WithRSAEncryption
18:0f:f6:ba:ba:91:a9:22:26:5c:0e:9e:82:e1:2c:b5:b9:65:
10:0a:d8:37:4f:95:70:29:da:07:95:a6:b4:42:53:8b:f3:57:
66:55:54:77:cc:68:b5:1e:8c:29:b7:1b:99:23:c3:e0:05:b5:
fb:64:05:0a:4d:45:11:81:e8:6e:2a:82:16:56:4c:23:ef:2b:
88:ea:14:47:1d:d0:4b:8c:ab:df:3e:b6:32:93:e4:60:d1:d4:
ac:ed:7b:cd:2a:55:ba:74:bc:d6:dd:b7:6b:bf:bd:f6:ba:df:
9a:ff:59:e4:40:c6:2d:3d:23:f4:4c:c3:14:6b:e6:f4:5e:b7:
b5:d3:10:d6:e2:66:6b:0f:1f:60:54:ce:d1:57:87:aa:fa:04:
0a:af:b3:89:99:5e:9f:02:f3:63:ca:f5:95:90:ef:89:9e:f6:
15:a9:ec:fd:80:5d:3e:75:6f:c7:91:0f:16:24:8a:66:a0:de:
45:f3:de:13:5b:9e:7c:70:4a:9f:a0:08:4c:96:30:ec:26:0e:
82:6f:57:ef:0c:80:f8:45:c4:27:4f:d4:e4:eb:11:73:89:9f:
c9:8d:24:f9:be:06:30:f0:e5:a1:87:8b:0b:81:b0:5d:16:39:
8e:47:be:82:7a:30:41:c2:d9:26:25:82:85:c4:ea:23:38:d6:
9a:8c:6e:a0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKd7X3HlkmswsQ8r4eAHmZxJlbuYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAyMDA3WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMmM5MmI3NWVmMzY5NmJiNTY4ZTRkZWQ0NmU4ZmRmYjcx
ZTJjNDhmNWQwNTJlN2Y4ODU3OGRlYmVmYWNlNzcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOeWzk/+u0wCasu8mAywntfo95vGbM1eE7VkMDMO6jmudN
KJATKgXwg2Wb27bwEiltg+FOr1oXN5E9N3pYdssVT/QG8C91/Gahkc0yXAwySZaV
sWMMbHAF7KVhHhkIfVMmqwPEtnCqpd5+ES+N7opTuQ3Fgre6j64+OOBmTuD0vrpe
vE0DOFcyKFrAMiGV25aRL/asUu+8qdQcSnrLkBzOmJY/MFz9f557XfUOILusMM0T
VIoB+BTWy5pCgP2dBR+tsb1p2i2xuARdQ5lAi8SE6AgrDxRtIsRkIfW71ywKfCgx
U6XeYjf3ky313OeHXHvde3C3xaXu3iN5+6LvuF43AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyogU4y2AU1U0N0h9ivBbWKXlzyswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEzMmY3M2MzLWE1NDYtNDI5Ni1hNzAyLThhM2FhYjcwZjcwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAd5XQAwDQYJKoZIhvcNAQELBQADggEBABgP9rq6kakiJlwOnoLhLLW5ZRAK
2DdPlXAp2geVprRCU4vzV2ZVVHfMaLUejCm3G5kjw+AFtftkBQpNRRGB6G4qghZW
TCPvK4jqFEcd0EuMq98+tjKT5GDR1Kzte80qVbp0vNbdt2u/vfa635r/WeRAxi09
I/RMwxRr5vRet7XTENbiZmsPH2BUztFXh6r6BAqvs4mZXp8C82PK9ZWQ74me9hWp
7P2AXT51b8eRDxYkimag3kXz3hNbnnxwSp+gCEyWMOwmDoJvV+8MgPhFxCdP1OTr
EXOJn8mNJPm+BjDw5aGHiwuBsF0WOY5HvoJ6MEHC2SYlgoXE6iM41pqMbqA=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:49:57 2025 by rpki-client