Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d276d3c-e25b-4533-9a53-914f075a1f4e.roa
File: 5d276d3c-e25b-4533-9a53-914f075a1f4e.roa (raw, json)
Hash identifier: ZBg5sLHxgYUevWfzXfRx/BwU/W3dhOglwf00x3K5wdQ=
Subject key identifier: 82:6D:66:F7:2C:D6:43:14:C4:8A:60:75:EB:83:D4:23:FF:9E:D3:15
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5F2A8D20325D21E49775A38F5EE7EBD6209C6A17
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d276d3c-e25b-4533-9a53-914f075a1f4e.roa
Signing time: Wed 05 Nov 2025 00:40:10 +0000
ROA not before: Wed 05 Nov 2025 00:40:10 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.226.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:2a:8d:20:32:5d:21:e4:97:75:a3:8f:5e:e7:eb:d6:20:9c:6a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:40:10 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=d5cb2a35893dc4801996acf04b42e07cdeeea6b80378fe999be4a23f2578c495, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b3:77:d0:3c:64:e9:f1:5a:16:d9:5a:81:78:
ad:f2:3d:b1:51:e4:eb:1a:f4:fb:d6:f1:03:1e:ce:
ff:5e:db:32:a4:ab:02:45:8f:77:b7:1c:39:b4:27:
b2:01:19:55:ab:4c:71:62:ce:49:76:f0:62:a1:ef:
4b:7e:ee:71:62:1e:ad:e3:e0:a0:5d:9b:5e:d0:f0:
c4:22:b3:c0:9d:3a:0f:a1:71:3f:b1:24:53:c4:7d:
e9:87:1f:eb:68:88:30:6a:d8:aa:86:bc:c5:d3:20:
fc:2d:0f:01:ee:60:f7:82:8b:0f:44:8e:62:d0:91:
5a:6c:96:ff:e6:96:73:2b:2f:2a:a6:14:33:a9:23:
a5:77:10:9e:08:9c:cc:32:83:88:83:89:4c:7b:f4:
aa:c0:c9:f8:ad:07:f5:e8:f6:60:40:44:3b:26:3b:
80:83:4e:bd:b8:f3:f2:0f:73:ef:cd:04:13:9c:29:
cb:98:e7:17:d2:cf:79:89:ae:e4:38:40:d4:f3:ef:
2f:d5:47:33:53:ce:0c:1d:67:f8:e7:41:12:be:14:
2f:4f:c6:c9:f6:6c:77:dc:fb:1f:d6:2e:32:79:39:
1b:de:46:9c:42:de:66:83:13:bf:f0:20:95:d3:4c:
d1:fc:f8:37:18:d1:c3:fa:ce:6b:fc:d2:83:a6:48:
2c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6D:66:F7:2C:D6:43:14:C4:8A:60:75:EB:83:D4:23:FF:9E:D3:15
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d276d3c-e25b-4533-9a53-914f075a1f4e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.228.0/22
Signature Algorithm: sha256WithRSAEncryption
60:51:43:07:12:e2:eb:59:9f:dd:d8:cf:c1:c6:07:6c:4c:20:
7c:ac:ff:94:93:dd:61:18:e6:8f:1d:22:37:cb:bb:7e:4f:1c:
3d:6c:a8:e8:2e:b7:76:96:9f:c0:4b:44:70:fb:98:8c:49:23:
e1:93:b9:fd:26:c8:f1:91:9b:16:43:29:6f:c1:ce:c3:27:93:
06:66:1e:1c:34:58:91:04:7a:1b:8f:47:7d:eb:f0:e3:9b:32:
06:cd:80:55:b1:35:9c:7a:fa:55:e3:3c:55:96:dd:10:e9:fc:
58:54:c3:fc:7a:a5:1e:13:af:7f:7e:13:4a:e7:e3:99:06:d2:
54:86:6a:a6:ef:ea:11:a4:29:51:6d:24:59:c4:75:84:10:12:
a3:83:b6:4c:6a:a4:2b:ea:70:49:37:7c:fb:31:da:21:b4:44:
e0:bc:7d:16:eb:19:21:c9:e7:ce:8f:62:60:46:56:a8:ac:49:
8e:08:d7:53:09:fa:f4:43:83:c6:60:22:d0:22:e5:e3:52:8f:
5a:db:fa:79:34:fc:75:89:36:1d:bd:93:e1:98:80:8c:39:01:
77:4d:4c:7e:8e:68:cc:2c:87:ca:4a:82:44:36:06:da:4b:b6:
e8:ff:b0:1c:0a:67:f1:8c:9b:fb:b8:bf:dc:e2:18:d9:8e:2f:
e1:b8:c6:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXyqNIDJdIeSXdaOPXufr1iCcahcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDA0MDEwWhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWNiMmEzNTg5M2RjNDgwMTk5NmFjZjA0YjQyZTA3Y2Rl
ZWVhNmI4MDM3OGZlOTk5YmU0YTIzZjI1NzhjNDk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXs3fQPGTp8VoW2VqBeK3yPbFR5Osa9PvW8QMezv9e2zKk
qwJFj3e3HDm0J7IBGVWrTHFizkl28GKh70t+7nFiHq3j4KBdm17Q8MQis8CdOg+h
cT+xJFPEfemHH+toiDBq2KqGvMXTIPwtDwHuYPeCiw9EjmLQkVpslv/mlnMrLyqm
FDOpI6V3EJ4InMwyg4iDiUx79KrAyfitB/Xo9mBARDsmO4CDTr248/IPc+/NBBOc
KcuY5xfSz3mJruQ4QNTz7y/VRzNTzgwdZ/jnQRK+FC9Pxsn2bHfc+x/WLjJ5ORve
RpxC3maDE7/wIJXTTNH8+DcY0cP6zmv80oOmSCxxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgm1m9yzWQxTEimB164PUI/+e0xUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkMjc2ZDNjLWUyNWItNDUzMy05YTUzLTkxNGYwNzVhMWY0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJA4uQwDQYJKoZIhvcNAQELBQADggEBAGBRQwcS4utZn93Yz8HGB2xMIHys
/5ST3WEY5o8dIjfLu35PHD1sqOgut3aWn8BLRHD7mIxJI+GTuf0myPGRmxZDKW/B
zsMnkwZmHhw0WJEEehuPR33r8OObMgbNgFWxNZx6+lXjPFWW3RDp/FhUw/x6pR4T
r39+E0rn45kG0lSGaqbv6hGkKVFtJFnEdYQQEqODtkxqpCvqcEk3fPsx2iG0ROC8
fRbrGSHJ586PYmBGVqisSY4I11MJ+vRDg8ZgItAi5eNSj1rb+nk0/HWJNh29k+GY
gIw5AXdNTH6OaMwsh8pKgkQ2BtpLtuj/sBwKZ/GMm/u4v9ziGNmOL+G4xsE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:48:47 2025 by rpki-client