Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
File: 5e8a746b-196e-4958-804c-1ff8ad621b8e.roa (raw, json)
Hash identifier: QWXsvgn7yt96jtqJC7M7OMsn7zkvLj1KQZObeOhoKRk=
Subject key identifier: A1:B6:63:65:EA:E9:89:12:F9:A4:FA:E9:57:A6:E3:A1:C8:39:55:42
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 28266EA47D44617446A851F43D3B679F66381EE4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
Signing time: Wed 05 Nov 2025 00:20:08 +0000
ROA not before: Wed 05 Nov 2025 00:20:08 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 121.95.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:26:6e:a4:7d:44:61:74:46:a8:51:f4:3d:3b:67:9f:66:38:1e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:20:08 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=dd024746d9827eaf98e60114ea1ab3cc19577b03bd4ba489eac15f8164b414a7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:29:7d:68:c7:7a:34:1b:24:8a:c6:0b:e5:
6f:29:36:3a:8e:76:40:7d:ea:5d:25:0a:0b:95:bc:
98:24:12:18:e6:31:ee:9a:94:49:5a:61:a5:57:de:
bc:3b:5e:6c:3d:83:ed:b6:b4:08:9e:a3:c8:b5:67:
27:33:20:97:e0:c1:14:e3:22:53:01:53:80:e8:6e:
f2:3b:8e:5c:6e:04:1c:70:ac:c8:9d:6e:97:87:4b:
dd:c7:55:44:92:b3:84:e3:4b:2b:2c:a8:6f:bb:e1:
1c:49:33:4b:b1:f7:9a:f4:f3:c7:ae:3d:e1:52:c3:
a0:24:c4:1d:3c:5c:dc:ec:cf:85:ab:66:a7:3f:7d:
83:5e:70:e3:1b:d2:ea:d4:61:2a:6b:b6:1a:d2:00:
f2:ed:26:03:06:34:ae:e0:66:3b:21:78:f5:3c:2c:
20:69:00:10:bb:8f:52:1a:ef:7a:d7:18:77:94:f9:
a2:09:19:9c:fc:1a:63:f2:0f:1e:d9:88:c5:2f:86:
5d:fd:3f:83:1a:92:82:02:a3:89:f8:ef:ff:ee:c2:
fd:d9:bf:06:a5:77:89:ac:5a:b6:b6:7e:28:c6:ad:
86:c9:0b:12:6a:99:cd:7c:e2:08:d3:bc:b2:32:06:
10:99:3c:58:97:e8:44:89:c8:9b:dc:1d:63:9a:08:
49:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B6:63:65:EA:E9:89:12:F9:A4:FA:E9:57:A6:E3:A1:C8:39:55:42
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.95.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c7:67:40:1a:8f:b6:4e:36:1a:90:a6:69:30:97:97:9f:5c:16:
2d:91:a2:1b:00:b8:b8:4a:00:ea:16:68:ba:e1:d9:e6:1a:48:
57:1c:14:01:7b:25:9c:84:3b:34:07:51:b3:c8:91:5f:b2:9a:
62:b2:04:e1:cb:27:df:c0:53:4d:e8:37:d9:c0:b7:2b:42:ab:
85:c9:2a:de:4c:f7:4f:d8:d9:35:7f:f3:9f:ea:83:49:79:bd:
bc:c0:be:0d:2d:02:91:25:5d:d1:00:b5:d4:82:4a:1a:c5:0c:
3f:3d:56:65:f8:c7:71:aa:a9:d5:a3:a8:36:06:d4:16:57:f9:
5d:a8:0c:8e:61:be:2d:47:bc:e0:84:81:73:99:c7:47:06:12:
a5:ed:0f:00:34:3c:dd:30:88:65:4c:5f:91:10:a2:df:31:65:
42:64:2f:de:cc:4f:30:8a:07:f3:df:6d:ff:7f:a6:48:05:e8:
6d:c3:4e:d5:71:48:57:08:d9:32:77:64:ae:1f:7a:4b:b1:b6:
64:fc:eb:6e:60:51:bf:72:7a:37:96:87:13:b8:42:bb:70:af:
f2:cc:3e:92:ea:c5:80:e6:98:86:6b:a3:6b:58:b4:17:65:67:
bd:39:24:34:a5:35:f1:40:bc:e8:71:02:33:06:ce:91:ef:ba:
29:94:4f:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKCZupH1EYXRGqFH0PTtnn2Y4HuQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAyMDA4WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDAyNDc0NmQ5ODI3ZWFmOThlNjAxMTRlYTFhYjNjYzE5
NTc3YjAzYmQ0YmE0ODllYWMxNWY4MTY0YjQxNGE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC7yl9aMd6NBskisYL5W8pNjqOdkB96l0lCguVvJgkEhjm
Me6alElaYaVX3rw7Xmw9g+22tAieo8i1ZyczIJfgwRTjIlMBU4DobvI7jlxuBBxw
rMidbpeHS93HVUSSs4TjSyssqG+74RxJM0ux95r088euPeFSw6AkxB08XNzsz4Wr
Zqc/fYNecOMb0urUYSprthrSAPLtJgMGNK7gZjshePU8LCBpABC7j1Ia73rXGHeU
+aIJGZz8GmPyDx7ZiMUvhl39P4MakoICo4n47//uwv3Zvwald4msWra2fijGrYbJ
CxJqmc184gjTvLIyBhCZPFiX6ESJyJvcHWOaCEk3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUobZjZerpiRL5pPrpV6bjocg5VUIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlOGE3NDZiLTE5NmUtNDk1OC04MDRjLTFmZjhhZDYyMWI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAd5X4AwDQYJKoZIhvcNAQELBQADggEBAMdnQBqPtk42GpCmaTCXl59cFi2R
ohsAuLhKAOoWaLrh2eYaSFccFAF7JZyEOzQHUbPIkV+ymmKyBOHLJ9/AU03oN9nA
tytCq4XJKt5M90/Y2TV/85/qg0l5vbzAvg0tApElXdEAtdSCShrFDD89VmX4x3Gq
qdWjqDYG1BZX+V2oDI5hvi1HvOCEgXOZx0cGEqXtDwA0PN0wiGVMX5EQot8xZUJk
L97MTzCKB/Pfbf9/pkgF6G3DTtVxSFcI2TJ3ZK4fekuxtmT8625gUb9yejeWhxO4
Qrtwr/LMPpLqxYDmmIZro2tYtBdlZ705JDSlNfFAvOhxAjMGzpHvuimUT74=
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:55:42 2025 by rpki-client