Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3dbee296-ec09-48ec-b119-3d727f285355.roa
File: 3dbee296-ec09-48ec-b119-3d727f285355.roa (raw, json)
Hash identifier: aLZ1LlYwc1vkBM0Tqd6ZTvEYJz6RFszm/icMzRg3Iq0=
Subject key identifier: 58:0F:32:36:86:66:C6:F2:9C:06:0F:18:3B:2A:A8:DC:74:5F:DE:2C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7569643B66E5F94A8FC9A3D720F0B74A1F9D04A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3dbee296-ec09-48ec-b119-3d727f285355.roa
Signing time: Wed 29 Oct 2025 00:30:15 +0000
ROA not before: Wed 29 Oct 2025 00:30:15 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 40.150.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:69:64:3b:66:e5:f9:4a:8f:c9:a3:d7:20:f0:b7:4a:1f:9d:04:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 29 00:30:15 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=29958fa9e2ecf9557820a0d4293d1d3a0fc887ce03f94d6fe43eb39b91e9de31, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:1e:dc:27:a5:e4:8d:8e:0a:5a:a2:a2:5b:
0a:87:0f:fa:d9:44:13:fd:c4:47:09:6b:46:8a:9c:
58:34:3c:ea:42:45:f7:7b:4f:e9:49:f7:6a:cf:bc:
bc:13:e2:2b:9b:39:3f:81:fe:4f:17:85:81:21:dd:
f0:95:46:84:ff:a5:13:72:99:d2:1b:f4:0b:7a:8d:
a1:10:e4:7f:39:82:a4:cf:a9:3d:ee:13:72:21:88:
99:78:f1:92:23:96:87:d0:b0:52:a8:29:1e:7f:b1:
9c:ec:ca:e1:ae:98:a4:85:25:ea:75:66:00:d5:0b:
a1:66:4e:e1:f4:05:a5:6f:b0:56:10:69:2d:27:3e:
e0:66:6c:75:29:11:13:db:57:3a:ba:c2:d2:13:9d:
5c:8e:e6:e9:c1:48:cc:70:5e:ac:8e:31:10:bb:e9:
38:c4:81:47:73:e0:2c:f4:dc:59:04:c8:c8:c8:cc:
a4:e8:16:9f:1b:48:44:ad:d6:f2:9c:87:f3:63:f4:
b5:1c:9a:13:92:52:71:4f:8a:d2:c2:4b:05:30:cc:
8e:1b:02:c6:da:37:8d:09:76:2b:dd:6c:6b:28:18:
84:cc:a0:15:28:4b:57:69:21:5c:ff:95:f4:1c:fe:
21:ff:0a:de:e2:4a:46:97:6e:c2:eb:1c:d3:34:f3:
a2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0F:32:36:86:66:C6:F2:9C:06:0F:18:3B:2A:A8:DC:74:5F:DE:2C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3dbee296-ec09-48ec-b119-3d727f285355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:af:1a:49:b8:3d:ab:54:cf:8a:d8:48:4d:23:7e:0b:17:52:
bd:7e:f3:81:be:ab:67:17:41:91:ba:b7:60:c5:36:5e:7f:34:
f6:b6:66:89:ab:72:46:40:02:d7:c5:f0:3b:ea:69:cd:04:3d:
59:51:b7:79:1a:7a:ca:e3:3e:87:e1:fc:d3:a3:b9:6c:73:68:
bf:f3:60:7f:12:5e:0c:41:c2:f0:64:02:b5:96:5f:49:31:c3:
d3:e3:a2:52:54:ba:80:e7:23:43:60:1f:fb:57:ca:f2:36:ac:
3b:a1:5d:11:25:2f:4a:54:64:fd:ab:0d:7b:35:82:f3:a0:a5:
d7:8c:bb:36:18:3d:f9:56:9f:c4:b6:03:76:ba:54:bc:f7:f4:
c6:4f:23:e3:24:dd:05:06:cf:32:0b:6e:92:81:43:a3:67:71:
46:f5:5a:8e:52:0d:c8:c5:43:85:2f:be:a9:bc:cf:99:8e:48:
47:25:f5:74:68:87:b6:53:95:a6:9d:5b:9f:2f:48:aa:ad:61:
47:ff:61:fe:68:e6:0d:92:ae:2a:6d:db:3f:60:72:39:a5:64:
f1:52:e0:11:b7:8d:b3:cb:e9:e5:9b:35:78:19:e7:97:dd:f2:
a6:c4:79:af:de:39:45:56:7d:cb:67:b8:a0:e6:ba:ab:7f:4e:
73:ec:9e:4d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdWlkO2bl+UqPyaPXIPC3Sh+dBKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDAzMDE1WhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTk1OGZhOWUyZWNmOTU1NzgyMGEwZDQyOTNkMWQzYTBm
Yzg4N2NlMDNmOTRkNmZlNDNlYjM5YjkxZTlkZTMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDR/R7cJ6XkjY4KWqKiWwqHD/rZRBP9xEcJa0aKnFg0POpC
Rfd7T+lJ92rPvLwT4iubOT+B/k8XhYEh3fCVRoT/pRNymdIb9At6jaEQ5H85gqTP
qT3uE3IhiJl48ZIjlofQsFKoKR5/sZzsyuGumKSFJep1ZgDVC6FmTuH0BaVvsFYQ
aS0nPuBmbHUpERPbVzq6wtITnVyO5unBSMxwXqyOMRC76TjEgUdz4Cz03FkEyMjI
zKToFp8bSESt1vKch/Nj9LUcmhOSUnFPitLCSwUwzI4bAsbaN40JdivdbGsoGITM
oBUoS1dpIVz/lfQc/iH/Ct7iSkaXbsLrHNM086LLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWA8yNoZmxvKcBg8YOyqo3HRf3iwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkYmVlMjk2LWVjMDktNDhlYy1iMTE5LTNkNzI3ZjI4NTM1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoljANBgkqhkiG9w0BAQsFAAOCAQEAka8aSbg9q1TPithITSN+CxdSvX7z
gb6rZxdBkbq3YMU2Xn809rZmiatyRkAC18XwO+ppzQQ9WVG3eRp6yuM+h+H806O5
bHNov/NgfxJeDEHC8GQCtZZfSTHD0+OiUlS6gOcjQ2Af+1fK8jasO6FdESUvSlRk
/asNezWC86Cl14y7Nhg9+VafxLYDdrpUvPf0xk8j4yTdBQbPMgtukoFDo2dxRvVa
jlINyMVDhS++qbzPmY5IRyX1dGiHtlOVpp1bny9Iqq1hR/9h/mjmDZKuKm3bP2By
OaVk8VLgEbeNs8vp5Zs1eBnnl93ypsR5r945RVZ9y2e4oOa6q39Oc+yeTQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:47:56 2025 by rpki-client