Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3327cfae-d76e-433c-9489-6c1d618274a8.roa
File: 3327cfae-d76e-433c-9489-6c1d618274a8.roa (raw, json)
Hash identifier: 4fNBQfO1js5CN30uinmYGDhYlXHk1JGDZX/mVtrKadA=
Subject key identifier: EB:34:09:7A:A5:0F:03:99:55:1D:C4:52:BC:76:EE:3C:DA:60:CC:7D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2DA5F889D9EA57E3F1380E20F9D2F7ABF1D3F526
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3327cfae-d76e-433c-9489-6c1d618274a8.roa
Signing time: Sun 02 Nov 2025 00:30:16 +0000
ROA not before: Sun 02 Nov 2025 00:30:16 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.190.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:a5:f8:89:d9:ea:57:e3:f1:38:0e:20:f9:d2:f7:ab:f1:d3:f5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 2 00:30:16 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=91b2737dc17309887328f5b3109152b520ed9def3a9456e3379ce5be61668aa6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:84:43:c2:56:6e:59:ef:28:a6:ae:67:c0:53:
c7:c5:2f:ac:49:9c:a1:78:10:72:2a:6b:c5:5d:e5:
85:4f:e5:c2:95:35:39:ff:30:bb:cf:b1:28:e0:64:
ea:3b:ba:11:6a:1f:50:51:0d:43:0d:45:c3:c7:4a:
44:3d:4f:e9:dc:d1:4e:df:51:33:96:8f:7f:f2:4d:
1e:c5:a2:d7:17:4e:ad:b9:01:6c:d3:05:dc:e4:3c:
05:f0:6f:2c:39:3e:54:cc:a9:d1:4b:a9:5a:d9:4b:
35:4d:0c:3c:92:8a:20:54:7d:d6:3d:b2:6e:2a:be:
b3:d1:d7:f2:72:c3:8b:42:e6:b6:7c:c0:87:47:16:
f6:12:25:f1:1c:98:48:16:72:bc:c9:02:b7:e5:40:
70:a5:62:82:d7:99:20:e9:a4:18:f3:fd:b1:d2:e6:
e3:24:19:3b:88:ad:4f:42:07:a4:bd:72:0a:c6:15:
5b:94:35:04:5e:18:56:85:cb:fc:91:b7:0f:15:07:
c8:22:de:8a:e2:67:ea:ae:1d:53:94:d8:3a:fa:55:
4f:8e:f5:84:c5:b5:82:ae:fd:6b:4c:81:ee:cf:34:
e9:86:dc:50:41:ce:08:63:1e:c4:77:90:6b:b1:5a:
40:89:09:49:d2:b9:44:00:48:41:19:5a:a1:4f:04:
7a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:34:09:7A:A5:0F:03:99:55:1D:C4:52:BC:76:EE:3C:DA:60:CC:7D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3327cfae-d76e-433c-9489-6c1d618274a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.190.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:7e:93:3f:09:25:fa:b0:24:f3:04:d8:6c:56:22:8a:c4:e5:
45:bb:b1:2c:82:19:75:eb:dd:ea:cf:a1:69:2f:e8:76:56:c8:
4b:a1:25:1c:ef:86:08:9a:94:1d:06:27:84:b5:b0:ab:59:fe:
fd:68:39:36:9d:1e:c9:22:61:55:4a:cc:78:a9:be:1e:6c:4b:
47:be:73:4c:d5:a4:a9:0c:a9:2b:18:c4:42:81:dd:20:0b:05:
13:2b:4b:5c:1b:eb:86:d6:61:ea:75:8c:c2:02:f7:e8:5c:8e:
1f:25:84:39:37:84:d3:b4:21:94:e5:99:ec:b9:e5:cb:9e:fe:
24:08:1d:5c:4d:bb:9f:d5:a0:1b:1d:04:54:01:52:2b:65:70:
35:c4:32:17:51:c9:a9:2c:f8:9c:2e:ea:e3:d3:a9:5f:cc:a8:
09:91:66:27:54:02:a0:75:3f:20:6d:5b:45:f1:b9:d8:b0:e1:
57:82:aa:2a:3f:47:64:26:9f:6e:db:fe:b8:e4:6b:87:05:5c:
1d:3c:9f:9b:7b:21:b4:d0:e2:28:e3:22:bd:54:cb:ff:b6:19:
61:52:e5:30:d5:38:08:fa:6c:98:ec:a1:c5:58:a8:eb:32:37:
64:69:54:34:cb:2a:9d:3f:eb:12:9b:eb:7a:81:4b:29:e6:2c:
0c:02:1a:c8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULaX4idnqV+PxOA4g+dL3q/HT9SYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAzMDE2WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MWIyNzM3ZGMxNzMwOTg4NzMyOGY1YjMxMDkxNTJiNTIw
ZWQ5ZGVmM2E5NDU2ZTMzNzljZTViZTYxNjY4YWE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRhEPCVm5Z7yimrmfAU8fFL6xJnKF4EHIqa8Vd5YVP5cKV
NTn/MLvPsSjgZOo7uhFqH1BRDUMNRcPHSkQ9T+nc0U7fUTOWj3/yTR7FotcXTq25
AWzTBdzkPAXwbyw5PlTMqdFLqVrZSzVNDDySiiBUfdY9sm4qvrPR1/Jyw4tC5rZ8
wIdHFvYSJfEcmEgWcrzJArflQHClYoLXmSDppBjz/bHS5uMkGTuIrU9CB6S9cgrG
FVuUNQReGFaFy/yRtw8VB8gi3oriZ+quHVOU2Dr6VU+O9YTFtYKu/WtMge7PNOmG
3FBBzghjHsR3kGuxWkCJCUnSuUQASEEZWqFPBHqvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6zQJeqUPA5lVHcRSvHbuPNpgzH0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzMjdjZmFlLWQ3NmUtNDMzYy05NDg5LTZjMWQ2MTgyNzRhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjl74wDQYJKoZIhvcNAQELBQADggEBAMl+kz8JJfqwJPME2GxWIorE5UW7
sSyCGXXr3erPoWkv6HZWyEuhJRzvhgialB0GJ4S1sKtZ/v1oOTadHskiYVVKzHip
vh5sS0e+c0zVpKkMqSsYxEKB3SALBRMrS1wb64bWYep1jMIC9+hcjh8lhDk3hNO0
IZTlmey55cue/iQIHVxNu5/VoBsdBFQBUitlcDXEMhdRyaks+Jwu6uPTqV/MqAmR
ZidUAqB1PyBtW0Xxudiw4VeCqio/R2Qmn27b/rjka4cFXB08n5t7IbTQ4ijjIr1U
y/+2GWFS5TDVOAj6bJjsocVYqOsyN2RpVDTLKp0/6xKb63qBSynmLAwCGsg=
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:49:44 2025 by rpki-client