Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46ffd29f-2469-4e53-b48f-865865efa7e1.roa
File: 46ffd29f-2469-4e53-b48f-865865efa7e1.roa (raw, json)
Hash identifier: qX677xiPnzmdVUYb5W5lDoQQ/rLFLWng2avI2t1d2d0=
Subject key identifier: A0:70:A5:A8:57:36:E2:D3:B2:23:C7:45:66:DC:81:3B:7E:42:FF:7F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7BF4666D59733207723C3081D0209DE29B7927BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46ffd29f-2469-4e53-b48f-865865efa7e1.roa
Signing time: Sat 25 Oct 2025 00:30:47 +0000
ROA not before: Sat 25 Oct 2025 00:30:47 +0000
ROA not after: Sat 29 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.124.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f4:66:6d:59:73:32:07:72:3c:30:81:d0:20:9d:e2:9b:79:27:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 25 00:30:47 2025 GMT
Not After : Nov 29 23:59:59 2025 GMT
Subject: serialNumber=faa4db7c39be1e8471d5e8ee261015eacf58b5adf1ff8c8d2572338f516b238f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f7:a4:f8:70:68:bb:f7:90:24:03:10:f5:b6:
b5:76:96:1b:f0:2b:49:46:6d:67:c1:15:01:66:ff:
1b:6a:92:45:54:34:e6:8e:d8:e6:8e:5d:9b:39:56:
08:bc:a4:dd:e3:9f:01:a9:6a:5f:5c:7e:18:ec:40:
e6:bb:ab:17:29:b7:73:9e:d6:95:7a:be:b4:5a:90:
d4:2d:1c:b5:65:40:79:3e:24:36:7f:82:f5:87:7a:
6c:cc:e4:c9:0a:3e:3c:75:7c:64:d0:0f:a0:0d:7a:
98:e6:d2:e3:a1:d7:a6:76:20:0b:5a:ec:32:12:b6:
cb:54:d1:ca:c6:13:34:a8:53:19:25:31:1b:16:a6:
51:e8:6e:82:21:d4:ad:2c:73:ba:8b:34:eb:39:82:
d3:64:ce:75:01:bd:b5:ee:23:e6:98:69:c3:3f:6f:
5f:72:c2:d4:9d:2a:70:0b:48:bc:21:d9:bb:ac:61:
83:17:4e:e7:bc:0f:c4:9a:32:f1:b2:e9:4f:79:cb:
6f:70:92:db:6b:c9:44:6f:ca:69:bb:db:ae:b9:eb:
a8:cb:d2:25:2a:70:d7:80:2a:13:57:f9:0d:46:0e:
e3:af:03:73:14:80:a8:5c:8e:01:25:23:f8:9e:5b:
ce:e3:fd:16:13:99:82:be:4c:c1:e6:8b:18:f4:fb:
0d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:70:A5:A8:57:36:E2:D3:B2:23:C7:45:66:DC:81:3B:7E:42:FF:7F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46ffd29f-2469-4e53-b48f-865865efa7e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.124.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:41:7d:06:9d:70:e9:ea:6c:15:93:05:56:e5:57:5a:e6:19:
ec:14:14:52:3d:22:3f:3d:af:cc:da:9c:6e:10:df:6e:15:50:
9b:b2:dd:cb:ba:c8:8d:94:26:7a:43:3f:31:7d:ae:47:15:9f:
b8:c4:c2:78:46:c0:75:ee:0c:c7:1e:c3:b1:fc:3b:7e:64:50:
ac:ff:3b:03:2c:d9:c8:2a:40:65:c8:0e:75:29:5e:e5:04:a8:
d3:d9:17:9c:65:08:8c:f0:32:b3:04:c1:c2:77:ad:68:f3:22:
ca:f1:4c:2a:ed:ee:00:92:94:28:6a:c2:b8:19:71:ee:b3:0c:
ba:99:0b:0f:aa:17:4c:97:4b:1b:77:24:3e:22:12:d4:fb:1e:
f6:a9:b7:20:c0:82:3e:ef:ae:26:68:a5:18:c2:27:2e:f3:05:
2a:52:12:21:bc:3d:e7:c1:44:24:53:24:47:76:1d:78:d9:8c:
8e:26:ad:34:d0:68:ec:f8:cb:df:6c:ea:3c:80:63:6d:cb:79:
ef:db:4a:60:f0:b0:88:8e:5f:c0:08:d7:21:21:49:a1:47:4b:
9f:3c:9d:60:99:df:4f:ef:57:5e:3a:83:7a:5a:f0:82:d0:69:
d5:dd:50:e1:d2:b7:dc:7f:ab:e7:37:f5:aa:78:ee:b7:6d:0d:
76:a9:9e:25
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUe/RmbVlzMgdyPDCB0CCd4pt5J7owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAzMDQ3WhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYWE0ZGI3YzM5YmUxZTg0NzFkNWU4ZWUyNjEwMTVlYWNm
NThiNWFkZjFmZjhjOGQyNTcyMzM4ZjUxNmIyMzhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDl96T4cGi795AkAxD1trV2lhvwK0lGbWfBFQFm/xtqkkVU
NOaO2OaOXZs5Vgi8pN3jnwGpal9cfhjsQOa7qxcpt3Oe1pV6vrRakNQtHLVlQHk+
JDZ/gvWHemzM5MkKPjx1fGTQD6ANepjm0uOh16Z2IAta7DIStstU0crGEzSoUxkl
MRsWplHoboIh1K0sc7qLNOs5gtNkznUBvbXuI+aYacM/b19ywtSdKnALSLwh2bus
YYMXTue8D8SaMvGy6U95y29wkttryURvymm7266566jL0iUqcNeAKhNX+Q1GDuOv
A3MUgKhcjgElI/ieW87j/RYTmYK+TMHmixj0+w2lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoHClqFc24tOyI8dFZtyBO35C/38wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ2ZmZkMjlmLTI0NjktNGU1My1iNDhmLTg2NTg2NWVmYTdlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQfDANBgkqhkiG9w0BAQsFAAOCAQEAEEF9Bp1w6epsFZMFVuVXWuYZ7BQU
Uj0iPz2vzNqcbhDfbhVQm7Ldy7rIjZQmekM/MX2uRxWfuMTCeEbAde4Mxx7Dsfw7
fmRQrP87AyzZyCpAZcgOdSle5QSo09kXnGUIjPAyswTBwnetaPMiyvFMKu3uAJKU
KGrCuBlx7rMMupkLD6oXTJdLG3ckPiIS1Pse9qm3IMCCPu+uJmilGMInLvMFKlIS
Ibw958FEJFMkR3YdeNmMjiatNNBo7PjL32zqPIBjbct579tKYPCwiI5fwAjXISFJ
oUdLnzydYJnfT+9XXjqDelrwgtBp1d1Q4dK33H+r5zf1qnjut20NdqmeJQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:43:59 2025 by rpki-client