Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59637748-f9e2-4c44-86a6-89a1c02f3f23.roa
File: 59637748-f9e2-4c44-86a6-89a1c02f3f23.roa (raw, json)
Hash identifier: lqp7Lt1JEIlSBz3YuII7XWhQ2w12wVlAfgYZ7wEtjnE=
Subject key identifier: 6F:FE:74:5F:8C:18:9A:7D:03:73:55:0D:7F:3C:24:B5:38:56:E7:04
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2D0C7C65B38CDA5FF430555F5476A500FD283E5B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59637748-f9e2-4c44-86a6-89a1c02f3f23.roa
Signing time: Fri 31 Oct 2025 00:30:51 +0000
ROA not before: Fri 31 Oct 2025 00:30:51 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 44.203.128.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:0c:7c:65:b3:8c:da:5f:f4:30:55:5f:54:76:a5:00:fd:28:3e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 31 00:30:51 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=aadb034b038ffe2a6b846e07603970121513e70cb4ea0468b5332207df982f59, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:15:4a:95:20:a4:a4:77:59:44:a7:90:e3:94:
7f:77:9a:78:c3:e0:04:15:3f:08:2e:72:27:24:27:
a2:b5:bb:25:05:9a:28:8e:90:c6:1e:ba:04:df:48:
75:67:c3:0e:ea:1d:1a:dc:58:78:91:55:61:7d:7e:
e6:ea:d9:93:3c:14:e1:8d:1c:db:41:6b:d2:7e:2e:
8f:da:0b:83:15:2f:14:11:ac:fe:a9:c0:fa:4a:b9:
43:26:5b:a4:42:41:53:c6:26:9e:bd:3a:2e:67:6a:
a3:16:d8:3e:a4:c5:54:37:05:77:cd:b3:59:4a:47:
70:7f:86:41:3e:75:5d:04:8b:ba:ad:10:5f:0e:32:
b6:05:8d:79:6e:74:99:91:06:a9:b3:55:4f:35:7c:
f3:d6:13:92:fc:8b:c1:97:68:f4:12:52:35:cf:9d:
0c:b0:37:56:a2:9b:eb:19:30:de:20:42:4a:3d:41:
cc:c4:f7:63:8a:90:a3:d2:63:f0:e1:02:84:74:67:
41:f6:9b:cc:af:38:2d:56:a3:48:48:c1:60:f4:9f:
be:88:59:bd:d5:2a:49:d6:33:5e:e7:9e:e1:39:05:
e8:21:47:c3:04:6a:49:48:e3:ce:ee:6e:0a:37:49:
bd:fa:57:22:b2:ff:e0:2b:5d:99:50:de:1e:19:04:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FE:74:5F:8C:18:9A:7D:03:73:55:0D:7F:3C:24:B5:38:56:E7:04
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59637748-f9e2-4c44-86a6-89a1c02f3f23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
44.203.128.0/23
Signature Algorithm: sha256WithRSAEncryption
70:e8:2c:ce:02:25:05:99:5d:d0:0b:82:50:e0:12:90:09:7b:
5c:12:06:10:e6:04:8d:a8:29:6f:3f:0d:01:89:09:12:fd:16:
65:c7:94:6a:71:e3:f2:71:27:fe:d8:f1:e2:25:17:36:e1:13:
20:96:06:26:80:5c:dc:e0:9c:e8:19:47:e9:70:98:5f:d7:17:
8a:c5:5f:b0:70:43:a1:89:db:7d:ac:30:aa:c6:b0:2a:ff:ce:
bb:ac:7c:67:df:5c:7d:02:f2:a7:ae:bc:b9:98:ec:62:35:f7:
96:fa:ca:24:5a:97:19:7a:7d:2c:be:17:07:54:72:9d:35:cc:
71:00:fa:ed:26:d0:a2:6f:43:b8:cd:0a:d3:31:68:3a:fe:4a:
0c:87:73:ba:e0:30:f4:08:64:97:3e:3a:c5:99:4f:af:b1:eb:
a3:ad:73:55:d2:45:b3:f0:78:be:9a:54:6f:18:9a:7a:1e:62:
06:3b:e7:f7:e9:12:58:b1:35:2b:d8:cb:8a:af:6f:14:61:4f:
66:57:dc:8e:d8:35:2e:36:42:e3:e1:2b:c7:9e:0e:69:5c:f9:
e7:b1:ef:cf:c7:74:4a:82:40:46:ce:f2:e2:11:0c:b7:d7:8f:
89:25:5d:55:db:15:a2:13:39:2e:6b:fb:91:2a:22:07:06:15:
cb:e5:39:ef
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULQx8ZbOM2l/0MFVfVHalAP0oPlswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAzMDUxWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWRiMDM0YjAzOGZmZTJhNmI4NDZlMDc2MDM5NzAxMjE1
MTNlNzBjYjRlYTA0NjhiNTMzMjIwN2RmOTgyZjU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2FUqVIKSkd1lEp5DjlH93mnjD4AQVPwgucickJ6K1uyUF
miiOkMYeugTfSHVnww7qHRrcWHiRVWF9fubq2ZM8FOGNHNtBa9J+Lo/aC4MVLxQR
rP6pwPpKuUMmW6RCQVPGJp69Oi5naqMW2D6kxVQ3BXfNs1lKR3B/hkE+dV0Ei7qt
EF8OMrYFjXludJmRBqmzVU81fPPWE5L8i8GXaPQSUjXPnQywN1aim+sZMN4gQko9
QczE92OKkKPSY/DhAoR0Z0H2m8yvOC1Wo0hIwWD0n76IWb3VKknWM17nnuE5Begh
R8MEaklI487ubgo3Sb36VyKy/+ArXZlQ3h4ZBBC7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUb/50X4wYmn0Dc1UNfzwktThW5wQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5NjM3NzQ4LWY5ZTItNGM0NC04NmE2LTg5YTFjMDJmM2YyMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEsy4AwDQYJKoZIhvcNAQELBQADggEBAHDoLM4CJQWZXdALglDgEpAJe1wS
BhDmBI2oKW8/DQGJCRL9FmXHlGpx4/JxJ/7Y8eIlFzbhEyCWBiaAXNzgnOgZR+lw
mF/XF4rFX7BwQ6GJ232sMKrGsCr/zrusfGffXH0C8qeuvLmY7GI195b6yiRalxl6
fSy+FwdUcp01zHEA+u0m0KJvQ7jNCtMxaDr+SgyHc7rgMPQIZJc+OsWZT6+x66Ot
c1XSRbPweL6aVG8YmnoeYgY75/fpElixNSvYy4qvbxRhT2ZX3I7YNS42QuPhK8ee
Dmlc+eex78/HdEqCQEbO8uIRDLfXj4klXVXbFaITOS5r+5EqIgcGFcvlOe8=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:44:51 2025 by rpki-client