Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d6c20c8-51a8-4a01-982f-1879ea5a55cb.roa
File: 3d6c20c8-51a8-4a01-982f-1879ea5a55cb.roa (raw, json)
Hash identifier: mG1ePCNu9tvfHH1AZGxbz/gW/JdIgO/D/SV/UrH7QGE=
Subject key identifier: 4E:D2:65:9A:B1:58:8E:1F:CA:2A:08:B1:D6:07:31:67:C7:D9:5C:C8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 54ECB87E57081E4B3E8909F74572BC2932F5C2BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d6c20c8-51a8-4a01-982f-1879ea5a55cb.roa
Signing time: Sat 01 Nov 2025 00:20:04 +0000
ROA not before: Sat 01 Nov 2025 00:20:04 +0000
ROA not after: Sat 06 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ec:b8:7e:57:08:1e:4b:3e:89:09:f7:45:72:bc:29:32:f5:c2:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 1 00:20:04 2025 GMT
Not After : Dec 6 23:59:59 2025 GMT
Subject: serialNumber=3a7dad54e3a46c192e51cfe3d6991a83239a4c9f80f3592e254813468d8468dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:7b:c5:9d:02:d5:e9:36:e7:09:a0:07:8c:
92:70:b2:55:87:12:04:5c:3a:7e:0d:a4:e7:e1:60:
7a:17:2c:a1:25:7a:37:d2:40:e5:80:b9:be:32:32:
e4:28:bc:91:27:69:94:8d:cc:3c:a1:14:c9:74:0f:
dd:88:24:11:21:72:02:de:c1:b0:98:aa:c5:16:1e:
23:f8:2b:89:ea:5d:f0:24:01:a8:5c:83:94:d6:f0:
b1:ed:a7:70:c2:5d:eb:23:cf:af:e1:52:8f:ee:6b:
21:ff:93:96:d2:b3:66:10:a9:d9:32:6d:7a:45:dc:
14:d1:2d:97:ef:56:81:bb:e6:46:71:26:d7:3d:96:
d4:4d:8b:4c:62:9d:53:ca:b0:e1:71:7d:ea:91:a1:
ef:1c:63:63:b8:3e:4a:87:64:1f:a0:06:d3:34:2e:
2f:11:d2:8a:64:5b:eb:3e:3f:15:7d:44:16:27:54:
7c:55:4a:a4:f8:e7:2f:02:e7:1d:6b:23:51:03:d0:
6e:46:d6:1c:f0:da:3d:99:ab:b3:9d:de:97:00:3e:
9e:0a:4d:81:2b:98:cc:09:d3:b6:f9:49:5e:30:f8:
96:2f:95:42:d3:ab:43:dd:6d:93:01:d6:59:c9:4e:
7b:4a:76:08:78:de:44:de:13:04:d7:30:92:af:b4:
de:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D2:65:9A:B1:58:8E:1F:CA:2A:08:B1:D6:07:31:67:C7:D9:5C:C8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d6c20c8-51a8-4a01-982f-1879ea5a55cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.140.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:65:95:e6:80:21:7b:5c:8c:fd:4d:51:ea:b1:fe:e7:84:8d:
a2:a1:74:d2:58:a4:92:8d:2d:5d:0d:01:4f:74:29:d1:80:62:
2e:5d:7e:db:2c:83:94:d3:99:73:b9:63:0e:98:b2:f9:da:73:
7c:82:4f:fb:d9:ad:59:c8:8a:47:25:ea:cf:d8:eb:68:d4:e6:
39:e4:04:b3:5f:fe:73:3f:4d:fe:a9:1d:33:8f:f9:50:9f:97:
5a:3b:66:04:df:91:c3:5e:23:af:ea:2a:50:ab:d4:d3:4b:a4:
e3:8f:37:b9:df:2e:2f:3c:b7:c5:92:e4:de:0a:80:0e:16:4a:
00:de:a5:d4:5f:b3:8e:2f:56:93:86:39:3c:98:b0:82:64:5b:
78:46:cf:64:03:30:af:1a:69:15:f1:80:5c:7c:cf:6b:9d:fc:
4b:13:25:cc:0e:d2:ba:ff:61:96:9d:c6:b7:86:40:bd:1a:80:
2a:93:6f:42:aa:2d:3b:a5:a4:d0:00:fd:60:f2:af:86:a8:a8:
2b:56:43:df:d3:16:21:90:59:89:73:d0:39:02:1b:76:bc:c4:
dd:9f:18:bf:86:2f:16:17:33:ec:df:fe:7f:50:51:d7:1b:82:
6b:89:48:67:e0:00:75:20:41:a9:34:0c:4f:9d:58:95:ba:60:
f3:69:f0:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVOy4flcIHks+iQn3RXK8KTL1wrswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAyMDA0WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYTdkYWQ1NGUzYTQ2YzE5MmU1MWNmZTNkNjk5MWE4MzIz
OWE0YzlmODBmMzU5MmUyNTQ4MTM0NjhkODQ2OGRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/I3vFnQLV6TbnCaAHjJJwslWHEgRcOn4NpOfhYHoXLKEl
ejfSQOWAub4yMuQovJEnaZSNzDyhFMl0D92IJBEhcgLewbCYqsUWHiP4K4nqXfAk
Aahcg5TW8LHtp3DCXesjz6/hUo/uayH/k5bSs2YQqdkybXpF3BTRLZfvVoG75kZx
Jtc9ltRNi0xinVPKsOFxfeqRoe8cY2O4PkqHZB+gBtM0Li8R0opkW+s+PxV9RBYn
VHxVSqT45y8C5x1rI1ED0G5G1hzw2j2Zq7Od3pcAPp4KTYErmMwJ07b5SV4w+JYv
lULTq0PdbZMB1lnJTntKdgh43kTeEwTXMJKvtN5PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTtJlmrFYjh/KKgix1gcxZ8fZXMgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkNmMyMGM4LTUxYTgtNGEwMS05ODJmLTE4NzllYTVhNTVjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEowwDQYJKoZIhvcNAQELBQADggEBAIplleaAIXtcjP1NUeqx/ueEjaKh
dNJYpJKNLV0NAU90KdGAYi5dftssg5TTmXO5Yw6Ysvnac3yCT/vZrVnIikcl6s/Y
62jU5jnkBLNf/nM/Tf6pHTOP+VCfl1o7ZgTfkcNeI6/qKlCr1NNLpOOPN7nfLi88
t8WS5N4KgA4WSgDepdRfs44vVpOGOTyYsIJkW3hGz2QDMK8aaRXxgFx8z2ud/EsT
JcwO0rr/YZadxreGQL0agCqTb0KqLTulpNAA/WDyr4aoqCtWQ9/TFiGQWYlz0DkC
G3a8xN2fGL+GLxYXM+zf/n9QUdcbgmuJSGfgAHUgQak0DE+dWJW6YPNp8OA=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:46:07 2025 by rpki-client