Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa
File: 40678bef-8d07-4eae-a68e-675cf4cd98ca.roa (raw, json)
Hash identifier: IeCQdNF/5GqgtofAjX8EtD43AnHBgBDrqnK4PCaRY2o=
Subject key identifier: ED:60:68:7C:09:AC:8E:B4:12:BC:09:B2:19:46:5C:62:51:67:2F:C8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4200614B73D42828C7768F3AC3CDB9DD5756DA80
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa
Signing time: Fri 31 Oct 2025 00:50:43 +0000
ROA not before: Fri 31 Oct 2025 00:50:43 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 50.18.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:00:61:4b:73:d4:28:28:c7:76:8f:3a:c3:cd:b9:dd:57:56:da:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 31 00:50:43 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=03cc025e4941b3b9829e8428a267a7f32816c6d2c9f9cde0df9923d7cd2bdd50, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5d:ee:f7:88:2b:21:25:15:71:1f:ef:aa:db:
25:68:11:a0:2c:8e:8a:0e:88:8d:33:5f:d4:f7:79:
71:b7:1b:bc:e6:88:7c:1f:80:03:37:ac:9c:8c:e3:
ec:d3:a7:45:fb:26:f3:18:f5:6b:33:4f:ff:1e:02:
ac:30:0c:18:0e:43:dc:b9:5a:60:1b:4b:32:2e:7d:
9d:03:33:ed:4d:f9:23:d7:86:c5:bf:b0:34:e9:b9:
dc:77:c3:c1:75:89:a2:de:e0:f2:3b:93:64:77:08:
56:69:ff:e8:08:8d:e8:23:e2:16:18:10:7c:54:71:
17:ec:5a:56:7b:69:ec:4a:d6:d4:6c:97:68:70:f5:
9a:67:9a:1f:84:73:df:bd:2f:ac:a0:fa:fe:29:64:
f9:c4:94:c7:c1:4b:25:89:35:67:4f:e9:d2:23:d8:
c5:da:48:1a:d7:ce:be:0e:40:28:17:29:f9:a3:a7:
81:50:5b:10:ea:2c:16:c2:e2:15:f2:2f:8e:a4:e3:
43:59:51:f2:9c:92:93:16:fb:80:d3:6a:50:c4:d9:
f4:75:11:5c:f6:a5:78:f6:34:ba:43:6e:61:d0:f1:
fc:b3:4f:63:77:7c:69:1f:5d:fe:c4:62:8e:09:40:
e9:30:6d:a2:e5:7c:a9:6f:46:b5:5b:2c:df:f1:d2:
ae:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:60:68:7C:09:AC:8E:B4:12:BC:09:B2:19:46:5C:62:51:67:2F:C8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
50.18.104.0/21
Signature Algorithm: sha256WithRSAEncryption
d9:63:25:37:67:a2:8e:0f:20:38:a7:be:4f:95:cb:01:33:0f:
82:ab:30:30:16:c2:67:fe:0e:cc:36:c2:0f:87:cc:df:7d:17:
bc:65:ab:e9:74:c3:72:f5:0c:32:9e:4b:8e:87:15:cb:e0:65:
bd:c8:a9:d2:b9:6f:08:4e:32:de:96:1f:08:a7:52:36:38:4d:
6f:b5:d6:61:ab:78:f5:e7:5c:a0:db:59:ff:86:0e:11:60:06:
39:38:a9:e6:fc:c9:68:06:96:85:fc:17:72:45:e4:f5:f9:46:
a7:4e:63:bb:87:db:dc:e5:15:e5:3d:47:6f:12:9e:de:1e:e5:
20:1d:35:8d:5a:2f:e7:83:ef:c3:fe:bb:ba:70:41:39:e1:ac:
c9:e6:94:6e:c1:56:8b:97:27:73:c9:ac:ab:2e:38:8a:65:3c:
49:67:67:30:e1:8f:06:a5:b3:60:18:b4:05:f5:ca:40:13:10:
28:fd:0a:6a:73:2c:76:e3:73:c9:9b:9c:58:f5:fe:a8:c5:08:
3a:50:25:c3:be:b6:b9:f1:a5:81:08:84:da:64:51:52:b7:e1:
f0:6c:30:1f:a4:5e:2c:a2:8d:fa:d4:fe:48:d8:30:3c:32:1b:
69:47:51:ef:5c:60:d6:28:df:c7:87:2a:d3:59:f0:a2:32:b4:
b4:ff:34:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQgBhS3PUKCjHdo86w8253VdW2oAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA1MDQzWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwM2NjMDI1ZTQ5NDFiM2I5ODI5ZTg0MjhhMjY3YTdmMzI4
MTZjNmQyYzlmOWNkZTBkZjk5MjNkN2NkMmJkZDUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgXe73iCshJRVxH++q2yVoEaAsjooOiI0zX9T3eXG3G7zm
iHwfgAM3rJyM4+zTp0X7JvMY9WszT/8eAqwwDBgOQ9y5WmAbSzIufZ0DM+1N+SPX
hsW/sDTpudx3w8F1iaLe4PI7k2R3CFZp/+gIjegj4hYYEHxUcRfsWlZ7aexK1tRs
l2hw9Zpnmh+Ec9+9L6yg+v4pZPnElMfBSyWJNWdP6dIj2MXaSBrXzr4OQCgXKfmj
p4FQWxDqLBbC4hXyL46k40NZUfKckpMW+4DTalDE2fR1EVz2pXj2NLpDbmHQ8fyz
T2N3fGkfXf7EYo4JQOkwbaLlfKlvRrVbLN/x0q7/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7WBofAmsjrQSvAmyGUZcYlFnL8gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwNjc4YmVmLThkMDctNGVhZS1hNjhlLTY3NWNmNGNkOThjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMyEmgwDQYJKoZIhvcNAQELBQADggEBANljJTdnoo4PIDinvk+VywEzD4Kr
MDAWwmf+Dsw2wg+HzN99F7xlq+l0w3L1DDKeS46HFcvgZb3IqdK5bwhOMt6WHwin
UjY4TW+11mGrePXnXKDbWf+GDhFgBjk4qeb8yWgGloX8F3JF5PX5RqdOY7uH29zl
FeU9R28Snt4e5SAdNY1aL+eD78P+u7pwQTnhrMnmlG7BVouXJ3PJrKsuOIplPEln
ZzDhjwals2AYtAX1ykATECj9CmpzLHbjc8mbnFj1/qjFCDpQJcO+trnxpYEIhNpk
UVK34fBsMB+kXiyijfrU/kjYMDwyG2lHUe9cYNYo38eHKtNZ8KIytLT/NIE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:22:20 2025 by rpki-client