Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a1921ca-ab9c-438e-b38f-c57ede30e1df.roa
File: 5a1921ca-ab9c-438e-b38f-c57ede30e1df.roa (raw, json)
Hash identifier: R6tF/gOdxm7f1uSz8PqvCt4EP5Iiciq2zX5hlRWzcXY=
Subject key identifier: E7:03:66:92:F6:B3:2D:FD:BE:86:99:1D:A2:6A:0C:8F:33:04:FA:C8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1F50D43BBA2ED696B01574335377806F203B6B47
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a1921ca-ab9c-438e-b38f-c57ede30e1df.roa
Signing time: Mon 20 Oct 2025 21:06:38 +0000
ROA not before: Mon 20 Oct 2025 21:06:38 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 199.174.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:50:d4:3b:ba:2e:d6:96:b0:15:74:33:53:77:80:6f:20:3b:6b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 21:06:38 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=915e2c4633351bba170433445c29433eb4de0d00ca087b314c26ccab26d19d9f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:1a:07:62:ac:8a:ce:fd:80:a5:e9:c2:d4:
40:1d:1a:d5:b1:3e:ec:bb:6f:c7:12:b1:44:d1:1f:
5c:87:81:71:b8:73:17:63:86:dc:94:cf:30:5c:82:
91:41:af:08:20:ce:ba:57:04:42:15:e5:7e:dd:03:
32:31:fe:2e:91:d6:56:8b:1c:e3:6e:0f:01:ff:e6:
60:19:88:7a:8e:60:7c:26:17:dd:62:a6:43:68:f5:
c5:83:f9:90:00:3c:87:c7:2e:b9:3e:11:ac:4b:3b:
21:9c:fd:ef:5a:a6:52:b7:31:5c:1e:06:15:8b:be:
6d:d3:7c:cb:9b:0c:32:21:04:b7:e5:52:95:03:75:
47:23:c4:29:b2:0f:c6:03:93:1d:80:b6:6d:5c:ae:
00:5d:3e:da:10:bb:fd:1c:5c:20:4e:9b:87:1b:e1:
80:ea:c4:75:c5:95:10:c3:6b:cf:a1:af:12:ee:02:
60:3d:5c:43:49:a7:d5:c6:f1:00:d1:82:77:9e:ea:
6f:ad:d6:f3:a3:08:66:69:29:7d:86:ab:77:2f:71:
69:9a:87:0a:24:4b:21:49:17:ec:f3:ce:9b:c4:f5:
3f:1d:14:ec:95:98:a0:69:cb:51:2e:e8:0e:8a:38:
18:44:fc:d8:c1:e1:3f:48:5b:03:83:da:50:ae:66:
59:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:03:66:92:F6:B3:2D:FD:BE:86:99:1D:A2:6A:0C:8F:33:04:FA:C8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a1921ca-ab9c-438e-b38f-c57ede30e1df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.174.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:16:04:0e:ff:08:32:5e:fb:95:5a:60:20:25:f0:56:68:12:
68:f0:f7:a2:c5:87:e1:48:a8:67:3f:bf:07:d6:5d:07:81:87:
f5:ea:eb:73:05:cb:10:30:00:07:e8:75:49:bc:e2:92:3c:8f:
92:87:70:dc:56:e4:41:a0:02:28:2a:a5:ba:59:90:07:7f:80:
e1:0a:f7:a5:1a:31:dd:2f:4a:31:e5:03:d9:61:03:6a:83:27:
5e:65:a2:8f:16:58:c6:b9:f5:2c:3a:12:f4:c7:0b:8a:9c:f0:
f5:17:da:bd:e4:b8:db:64:af:87:88:7e:31:6d:ab:d0:07:64:
11:bb:03:01:9f:dd:57:32:94:c6:ea:0e:18:f6:2e:d1:17:b4:
39:18:d2:1a:4b:9e:65:13:8d:d5:c1:39:38:3b:35:b0:fa:1a:
0e:09:bf:e9:05:b6:12:95:48:77:5a:cb:2f:a2:4e:67:e1:80:
cc:d3:04:f8:75:da:2e:c8:6d:5d:d6:e1:17:3f:6b:5e:2c:c4:
3c:4c:2c:26:70:7e:d8:e3:65:f9:b6:7e:07:d3:30:07:f2:cc:
7b:b0:b0:36:20:c6:61:1b:d7:cf:49:76:b7:2e:02:cc:de:93:
3e:08:6b:54:32:96:23:e7:95:97:cb:9f:e5:d1:f5:57:61:01:
b7:28:ab:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUH1DUO7ou1pawFXQzU3eAbyA7a0cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMjEwNjM4WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTVlMmM0NjMzMzUxYmJhMTcwNDMzNDQ1YzI5NDMzZWI0
ZGUwZDAwY2EwODdiMzE0YzI2Y2NhYjI2ZDE5ZDlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClXxoHYqyKzv2ApenC1EAdGtWxPuy7b8cSsUTRH1yHgXG4
cxdjhtyUzzBcgpFBrwggzrpXBEIV5X7dAzIx/i6R1laLHONuDwH/5mAZiHqOYHwm
F91ipkNo9cWD+ZAAPIfHLrk+EaxLOyGc/e9aplK3MVweBhWLvm3TfMubDDIhBLfl
UpUDdUcjxCmyD8YDkx2Atm1crgBdPtoQu/0cXCBOm4cb4YDqxHXFlRDDa8+hrxLu
AmA9XENJp9XG8QDRgnee6m+t1vOjCGZpKX2Gq3cvcWmahwokSyFJF+zzzpvE9T8d
FOyVmKBpy1Eu6A6KOBhE/NjB4T9IWwOD2lCuZlnlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5wNmkvazLf2+hpkdomoMjzME+sgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhMTkyMWNhLWFiOWMtNDM4ZS1iMzhmLWM1N2VkZTMwZTFkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDHrjANBgkqhkiG9w0BAQsFAAOCAQEAVRYEDv8IMl77lVpgICXwVmgSaPD3
osWH4UioZz+/B9ZdB4GH9errcwXLEDAAB+h1SbzikjyPkodw3FbkQaACKCqlulmQ
B3+A4Qr3pRox3S9KMeUD2WEDaoMnXmWijxZYxrn1LDoS9McLipzw9RfaveS422Sv
h4h+MW2r0AdkEbsDAZ/dVzKUxuoOGPYu0Re0ORjSGkueZRON1cE5ODs1sPoaDgm/
6QW2EpVId1rLL6JOZ+GAzNME+HXaLshtXdbhFz9rXizEPEwsJnB+2ONl+bZ+B9Mw
B/LMe7CwNiDGYRvXz0l2ty4CzN6TPghrVDKWI+eVl8uf5dH1V2EBtyir3Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:54:48 2025 by rpki-client