Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa
File: 329407c6-ade2-4e81-8e88-4118393e7f6a.roa (raw, json)
Hash identifier: 3nJxUrNQUGmMSVW364T9y4irJAi21akr8PCPIf4fQbc=
Subject key identifier: BB:27:4B:86:B5:A6:01:B5:88:4F:C8:6B:4C:80:11:7A:6D:5F:B0:50
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 63174C29D00B7C5DB76944BEAA9E49347AAE090E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa
Signing time: Wed 05 Nov 2025 00:40:05 +0000
ROA not before: Wed 05 Nov 2025 00:40:05 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 209.109.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:17:4c:29:d0:0b:7c:5d:b7:69:44:be:aa:9e:49:34:7a:ae:09:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:40:05 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=dfcb3489057212a8b19600428345529b23aa45ea8112b12abd7ac3b9b2c88108, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8a:2e:cb:f4:f8:a2:91:c3:d3:ba:3e:29:45:
b4:05:f9:3a:b7:8f:5e:ea:76:61:fb:6b:52:bf:00:
2e:a6:32:27:fe:9e:aa:fa:d3:7d:9e:7a:7f:c2:b1:
c4:7b:5f:04:a3:3f:ef:e3:a2:99:e4:93:01:a4:50:
4d:22:98:95:87:e9:f2:69:f3:73:af:84:2f:00:36:
95:32:fa:25:c0:c2:78:75:87:56:56:f5:40:e4:c7:
0a:3c:5a:ab:18:77:87:63:80:de:fd:2e:0b:55:b0:
93:20:a6:90:97:94:f8:34:6b:0d:55:f5:e1:9c:53:
5a:f7:04:b2:b5:51:de:2d:a4:6b:6e:ed:14:a7:a7:
3e:04:a6:4b:2d:ac:2b:b5:04:01:f5:f5:4c:87:c5:
e9:57:69:74:3d:3b:30:bd:fe:04:b4:d7:db:67:28:
31:8c:72:b5:1d:60:8b:ae:ad:71:9a:53:a6:11:ed:
88:f0:7f:5d:cd:f3:70:dc:5d:cf:b1:0e:46:0e:58:
5c:d0:b7:8c:96:e3:38:28:0b:55:d8:62:d5:6e:1b:
3e:d6:f5:03:7d:e0:76:70:27:bf:75:10:b1:3c:2f:
74:6f:12:77:84:ec:1c:66:86:8d:21:67:cb:13:ae:
ce:a6:65:e2:6f:7d:0a:57:19:a6:f9:e5:6f:89:eb:
0d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:27:4B:86:B5:A6:01:B5:88:4F:C8:6B:4C:80:11:7A:6D:5F:B0:50
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.109.64.0/19
Signature Algorithm: sha256WithRSAEncryption
32:4e:9d:85:9f:31:e1:79:92:68:f6:e7:1d:69:88:c9:7a:7c:
5b:7d:4e:37:83:d4:16:7d:5e:6b:6b:13:cd:25:91:5d:25:dd:
1c:af:a7:a1:21:d3:34:8d:87:6d:ec:05:74:bf:08:be:f2:94:
70:18:cc:74:02:ad:36:34:5c:a8:d0:1e:74:a3:d4:a3:4f:82:
a2:d1:64:99:9f:2c:8e:d3:53:f0:f3:be:51:c8:7b:dd:9c:95:
da:70:08:c1:85:76:64:04:cf:f9:74:70:3b:45:7a:a4:6c:cf:
23:8d:1c:7b:88:95:81:03:e0:19:74:d4:06:16:1e:bb:f8:22:
18:76:8b:d8:09:11:d2:7c:c5:c4:28:39:ce:c0:48:7f:ca:89:
f4:07:78:34:8d:16:4f:6f:eb:21:d3:a8:9c:9c:fa:f1:d1:99:
97:70:3e:09:97:c2:73:64:25:93:3f:a4:2e:77:bc:b2:eb:74:
df:01:dc:f9:4a:e0:37:51:10:da:4a:e7:ba:39:80:ef:3a:4e:
3f:68:73:b9:23:81:00:38:0f:56:39:c6:46:12:9d:35:aa:4e:
10:89:1d:04:34:fb:6c:d5:62:44:ae:b4:c5:2b:20:92:63:f3:
8e:8f:0d:96:30:a9:c4:09:60:fd:6e:73:1c:51:d0:91:b4:a5:
62:69:23:f2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYxdMKdALfF23aUS+qp5JNHquCQ4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDA0MDA1WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmNiMzQ4OTA1NzIxMmE4YjE5NjAwNDI4MzQ1NTI5YjIz
YWE0NWVhODExMmIxMmFiZDdhYzNiOWIyYzg4MTA4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQii7L9PiikcPTuj4pRbQF+Tq3j17qdmH7a1K/AC6mMif+
nqr6032een/CscR7XwSjP+/jopnkkwGkUE0imJWH6fJp83OvhC8ANpUy+iXAwnh1
h1ZW9UDkxwo8WqsYd4djgN79LgtVsJMgppCXlPg0aw1V9eGcU1r3BLK1Ud4tpGtu
7RSnpz4EpkstrCu1BAH19UyHxelXaXQ9OzC9/gS019tnKDGMcrUdYIuurXGaU6YR
7Yjwf13N83DcXc+xDkYOWFzQt4yW4zgoC1XYYtVuGz7W9QN94HZwJ791ELE8L3Rv
EneE7Bxmho0hZ8sTrs6mZeJvfQpXGab55W+J6w1pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuydLhrWmAbWIT8hrTIARem1fsFAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMyOTQwN2M2LWFkZTItNGU4MS04ZTg4LTQxMTgzOTNlN2Y2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRbUAwDQYJKoZIhvcNAQELBQADggEBADJOnYWfMeF5kmj25x1piMl6fFt9
TjeD1BZ9XmtrE80lkV0l3Ryvp6Eh0zSNh23sBXS/CL7ylHAYzHQCrTY0XKjQHnSj
1KNPgqLRZJmfLI7TU/DzvlHIe92cldpwCMGFdmQEz/l0cDtFeqRszyONHHuIlYED
4Bl01AYWHrv4Ihh2i9gJEdJ8xcQoOc7ASH/KifQHeDSNFk9v6yHTqJyc+vHRmZdw
PgmXwnNkJZM/pC53vLLrdN8B3PlK4DdRENpK57o5gO86Tj9oc7kjgQA4D1Y5xkYS
nTWqThCJHQQ0+2zVYkSutMUrIJJj846PDZYwqcQJYP1ucxxR0JG0pWJpI/I=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:50:29 2025 by rpki-client