Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22d8d62c-46ea-4668-b9c2-042f62204cad.roa
File: 22d8d62c-46ea-4668-b9c2-042f62204cad.roa (raw, json)
Hash identifier: a64kg4cxPdKcrtzy0dispF/vR/Kn74x/MwWbLhKlyHI=
Subject key identifier: 88:24:4A:30:01:43:DF:13:8A:6B:74:B4:02:0B:06:42:40:19:05:03
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 37D6E083AFCD849C29BDBA8E732C3F8CC88D78D5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22d8d62c-46ea-4668-b9c2-042f62204cad.roa
Signing time: Wed 29 Oct 2025 00:40:05 +0000
ROA not before: Wed 29 Oct 2025 00:40:05 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.213.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:d6:e0:83:af:cd:84:9c:29:bd:ba:8e:73:2c:3f:8c:c8:8d:78:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 29 00:40:05 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=5eef2e4a33be51a9d42b6fa44dfd9c79992bac9795627fe88b14ccaece363a4a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:54:65:46:f5:e9:ff:f3:3f:de:44:5b:1b:76:
67:5a:88:62:af:fa:5d:8f:da:41:11:20:8e:80:6a:
2c:1c:24:51:1e:49:8f:f7:2a:a1:6e:f6:56:6a:a8:
4b:79:1e:d8:ab:ab:7e:9d:9e:0c:86:01:43:ee:4a:
a1:ef:ea:99:86:d3:bc:b9:11:ff:e0:d7:f6:de:18:
28:c3:f7:50:ad:7b:69:a7:98:ea:b1:c4:f4:3b:83:
eb:27:e6:60:7d:63:0f:cb:70:8b:da:48:ec:ca:70:
23:22:d3:c1:7c:e4:a6:66:10:71:e6:b5:39:0d:8c:
3a:55:75:44:60:6b:08:b0:f1:91:ea:3a:a0:b5:cc:
13:d3:91:2f:11:87:59:b3:68:bf:15:4b:70:1c:da:
77:ee:87:68:31:55:f1:42:16:8e:91:c7:33:bf:a5:
27:d1:9b:03:c2:7d:37:9c:b9:a1:29:12:6f:08:57:
32:b6:6f:05:fd:02:67:df:fd:5a:b4:f3:f4:ef:11:
98:2c:31:46:a8:83:38:72:c5:74:61:d7:65:f1:d6:
9c:f0:2c:62:f1:0b:50:3e:52:c5:0c:38:0a:89:36:
0f:ea:02:b9:b1:3e:14:29:0d:f1:1b:72:ce:33:1f:
11:56:84:f2:c3:46:f7:82:b2:5a:34:de:ef:dd:9c:
6b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:24:4A:30:01:43:DF:13:8A:6B:74:B4:02:0B:06:42:40:19:05:03
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22d8d62c-46ea-4668-b9c2-042f62204cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:e6:0a:1e:c2:81:ca:df:08:f2:08:43:2d:81:f1:07:88:0c:
c9:04:e3:ee:c8:e8:d3:07:d0:24:78:be:0d:cd:a3:f1:e5:af:
57:92:e3:7f:55:15:4f:67:69:f4:92:5d:62:58:fd:89:71:26:
df:2e:6a:14:5b:35:c3:45:57:2f:ab:31:b6:fa:fa:41:cb:6e:
58:b5:21:d6:bf:b4:e1:3a:e7:90:72:ef:c7:f1:db:f0:2f:99:
5d:ad:07:c2:76:88:29:eb:85:7b:df:4d:79:69:c7:00:9a:de:
f1:6f:0f:48:68:ce:6e:4c:b5:c8:07:07:2c:6a:b8:7e:4f:2e:
bc:e1:c0:0d:76:57:cc:50:9a:0a:27:04:ed:ea:32:a1:05:bc:
6e:8a:79:ef:f6:f2:f9:c4:ab:d1:a8:21:78:1a:20:55:8b:20:
83:4a:c0:1a:fd:09:35:17:59:40:d9:3c:4a:fc:03:87:08:4d:
ad:0a:74:04:dd:14:a1:c9:15:d7:15:ca:94:1e:ee:85:6d:82:
6f:f1:fc:58:dd:a4:fb:bf:ef:a0:b8:cb:a9:df:70:17:09:1f:
9c:8f:84:3f:39:65:2c:4f:e4:5d:5e:39:fe:5a:29:b0:4c:cb:
49:f2:b5:73:23:ea:7b:f5:6b:ef:be:a7:5a:46:91:6a:ef:a5:
92:e7:1a:45
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN9bgg6/NhJwpvbqOcyw/jMiNeNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDA0MDA1WhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZWVmMmU0YTMzYmU1MWE5ZDQyYjZmYTQ0ZGZkOWM3OTk5
MmJhYzk3OTU2MjdmZTg4YjE0Y2NhZWNlMzYzYTRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJVGVG9en/8z/eRFsbdmdaiGKv+l2P2kERII6AaiwcJFEe
SY/3KqFu9lZqqEt5Htirq36dngyGAUPuSqHv6pmG07y5Ef/g1/beGCjD91Cte2mn
mOqxxPQ7g+sn5mB9Yw/LcIvaSOzKcCMi08F85KZmEHHmtTkNjDpVdURgawiw8ZHq
OqC1zBPTkS8Rh1mzaL8VS3Ac2nfuh2gxVfFCFo6RxzO/pSfRmwPCfTecuaEpEm8I
VzK2bwX9Amff/Vq08/TvEZgsMUaogzhyxXRh12Xx1pzwLGLxC1A+UsUMOAqJNg/q
ArmxPhQpDfEbcs4zHxFWhPLDRveCslo03u/dnGu1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUiCRKMAFD3xOKa3S0AgsGQkAZBQMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyZDhkNjJjLTQ2ZWEtNDY2OC1iOWMyLTA0MmY2MjIwNGNhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQ1TANBgkqhkiG9w0BAQsFAAOCAQEA1+YKHsKByt8I8ghDLYHxB4gMyQTj
7sjo0wfQJHi+Dc2j8eWvV5Ljf1UVT2dp9JJdYlj9iXEm3y5qFFs1w0VXL6sxtvr6
QctuWLUh1r+04TrnkHLvx/Hb8C+ZXa0HwnaIKeuFe99NeWnHAJre8W8PSGjObky1
yAcHLGq4fk8uvOHADXZXzFCaCicE7eoyoQW8bop57/by+cSr0agheBogVYsgg0rA
Gv0JNRdZQNk8SvwDhwhNrQp0BN0UockV1xXKlB7uhW2Cb/H8WN2k+7/voLjLqd9w
FwkfnI+EPzllLE/kXV45/lopsEzLSfK1cyPqe/Vr776nWkaRau+lkucaRQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:59:37 2025 by rpki-client