Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/32717b38-cb52-42a3-aaca-2c1c0036c862.roa
File: 32717b38-cb52-42a3-aaca-2c1c0036c862.roa (raw, json)
Hash identifier: YIeDLpPG5LAQdLO2gKjF+jetlvH+stuSqUgHPjKYptc=
Subject key identifier: 9A:68:00:B5:0E:E6:12:19:A9:6E:8D:D3:E3:53:36:6C:AB:11:21:7D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 173369D3D19DC1C75A837D08862D4B3CCF673A34
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/32717b38-cb52-42a3-aaca-2c1c0036c862.roa
Signing time: Tue 21 Oct 2025 00:40:48 +0000
ROA not before: Tue 21 Oct 2025 00:40:48 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.126.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:33:69:d3:d1:9d:c1:c7:5a:83:7d:08:86:2d:4b:3c:cf:67:3a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 21 00:40:48 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5fbf769e95344b1fa5dd700af3586716d05620cda61eded16ebb0584cb385fcf, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:a2:a0:63:f6:cb:66:04:4a:1f:e9:28:91:
cb:d9:be:ca:8b:81:0f:95:40:8c:77:4d:04:ed:5a:
32:82:a2:29:18:f2:4e:9e:9c:0c:b9:ad:b6:d5:a0:
13:5e:a3:34:78:04:f7:c4:bb:0c:c5:7d:f9:a4:7f:
e0:06:02:65:96:61:db:fb:39:32:bd:d0:73:6d:10:
85:e2:a3:1e:95:ce:8c:ce:5b:16:46:9d:cf:0d:47:
be:09:2f:43:2b:60:e3:96:39:0e:9f:7c:6c:68:f6:
48:cb:1a:55:8a:1c:0a:37:2f:df:ce:88:18:51:3c:
87:d3:3b:ba:85:b4:4d:68:70:7d:ec:cd:bc:08:f4:
42:8f:91:52:9a:8e:fc:5a:a1:59:e6:e0:53:2b:a2:
65:6b:1f:e3:60:59:f7:53:ed:c6:81:89:e0:b9:b3:
a5:6e:d9:ba:3b:da:58:14:25:96:9a:9f:55:fb:5d:
c8:f5:62:15:43:fc:e1:87:50:a1:2f:43:e8:d6:fd:
56:aa:c7:5a:f1:74:41:28:89:1c:5c:13:cc:a9:37:
b8:ee:15:ce:4c:65:8c:71:f3:88:32:ff:ab:fd:aa:
ec:53:de:40:69:9e:cd:35:84:74:ae:a2:85:1e:9a:
50:11:c5:ee:f8:4a:a8:47:1b:aa:ac:70:3e:da:a0:
98:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:68:00:B5:0E:E6:12:19:A9:6E:8D:D3:E3:53:36:6C:AB:11:21:7D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/32717b38-cb52-42a3-aaca-2c1c0036c862.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.126.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:23:a0:19:b8:f4:cd:83:ad:ef:d7:20:a3:01:4a:62:e7:58:
ff:22:0d:52:c9:03:d4:59:e9:be:f6:eb:02:f0:d6:03:60:fc:
4e:f0:df:90:72:23:5d:a2:a8:a8:77:6e:4d:98:57:2a:42:60:
b1:6a:54:92:0e:fb:6d:75:fc:d3:52:44:80:e9:8f:f5:6f:d0:
84:02:e5:71:de:80:ec:df:41:36:af:fd:94:78:50:64:fe:99:
03:fc:06:e8:61:56:68:61:b1:65:92:ab:61:f7:7b:e3:0d:68:
fc:22:47:20:ab:7a:2c:13:10:04:7f:44:5d:81:2e:ef:6a:a1:
9d:7d:a0:d0:0f:60:de:67:15:e9:79:89:95:9f:3b:07:7a:bb:
2f:77:38:25:9f:2d:3d:56:eb:be:3b:b5:59:d7:08:d4:2c:97:
ca:dc:49:f3:36:23:fb:81:57:c0:52:8a:bf:72:d9:49:17:9f:
9f:79:78:52:a8:e1:6b:45:3c:4d:28:96:80:f0:d6:1d:67:16:
0f:3a:ad:20:c3:19:04:6e:07:53:27:49:ef:20:e1:aa:c1:7f:
41:f2:76:94:b8:20:90:66:6f:b6:e2:2f:aa:34:96:7f:c7:7f:
91:f0:88:49:ce:00:52:93:83:09:3c:a6:ec:69:5e:7a:6d:b2:
10:28:d8:9a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFzNp09Gdwcdag30Ihi1LPM9nOjQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDA0MDQ4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZmJmNzY5ZTk1MzQ0YjFmYTVkZDcwMGFmMzU4NjcxNmQw
NTYyMGNkYTYxZWRlZDE2ZWJiMDU4NGNiMzg1ZmNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG6aKgY/bLZgRKH+kokcvZvsqLgQ+VQIx3TQTtWjKCoikY
8k6enAy5rbbVoBNeozR4BPfEuwzFffmkf+AGAmWWYdv7OTK90HNtEIXiox6VzozO
WxZGnc8NR74JL0MrYOOWOQ6ffGxo9kjLGlWKHAo3L9/OiBhRPIfTO7qFtE1ocH3s
zbwI9EKPkVKajvxaoVnm4FMromVrH+NgWfdT7caBieC5s6Vu2bo72lgUJZaan1X7
Xcj1YhVD/OGHUKEvQ+jW/Vaqx1rxdEEoiRxcE8ypN7juFc5MZYxx84gy/6v9quxT
3kBpns01hHSuooUemlARxe74SqhHG6qscD7aoJilAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmmgAtQ7mEhmpbo3T41M2bKsRIX0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMyNzE3YjM4LWNiNTItNDJhMy1hYWNhLTJjMWMwMDM2Yzg2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQfjANBgkqhkiG9w0BAQsFAAOCAQEARiOgGbj0zYOt79cgowFKYudY/yIN
UskD1FnpvvbrAvDWA2D8TvDfkHIjXaKoqHduTZhXKkJgsWpUkg77bXX801JEgOmP
9W/QhALlcd6A7N9BNq/9lHhQZP6ZA/wG6GFWaGGxZZKrYfd74w1o/CJHIKt6LBMQ
BH9EXYEu72qhnX2g0A9g3mcV6XmJlZ87B3q7L3c4JZ8tPVbrvju1WdcI1CyXytxJ
8zYj+4FXwFKKv3LZSRefn3l4Uqjha0U8TSiWgPDWHWcWDzqtIMMZBG4HUydJ7yDh
qsF/QfJ2lLggkGZvtuIvqjSWf8d/kfCISc4AUpODCTym7Gleem2yECjYmg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:47:16 2025 by rpki-client