Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa
File: 6205efa3-adeb-4c79-a841-af02822a7d3f.roa (raw, json)
Hash identifier: Yka4I4W1Eh+wqg3GrEIH+KBWDdNANgCghny5Rpo3p68=
Subject key identifier: 41:1B:00:77:D2:40:5B:1E:95:E2:B6:FF:0C:74:33:53:CC:F6:BB:75
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 551928100F901FB98CB804CC547B22A10B447888
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa
Signing time: Sun 02 Nov 2025 00:40:08 +0000
ROA not before: Sun 02 Nov 2025 00:40:08 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 66.152.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:19:28:10:0f:90:1f:b9:8c:b8:04:cc:54:7b:22:a1:0b:44:78:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 2 00:40:08 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=4d568a3a73e766f1d411388fba8626dee15b433b99bdcf6e18118de0b794fd42, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:9d:f3:5d:03:bd:1a:e8:c7:fc:51:ee:57:
b8:8c:0d:8e:fb:20:8d:e2:0a:b4:2e:83:51:eb:27:
27:be:68:96:09:df:12:85:1d:f5:6c:71:2d:32:a8:
43:92:9b:78:6b:43:60:ea:0b:30:85:5f:ae:9f:52:
4a:9c:f4:7f:12:b2:80:a6:22:6f:b6:21:a9:e5:74:
de:4c:16:07:ac:db:a1:bd:de:0c:8d:34:9d:4f:25:
83:e4:ef:b3:91:f8:f8:1d:3a:74:af:5f:e2:cc:af:
7d:e9:39:39:e1:99:77:03:06:06:1e:6f:fb:aa:d3:
2e:1e:9e:9d:58:45:9d:19:65:4a:5a:3d:d6:8e:1c:
e3:31:bb:52:13:b8:da:67:19:b5:fc:40:bd:86:f4:
93:76:16:5b:66:69:bc:5c:66:ec:fc:d9:4b:15:48:
24:7a:b0:22:41:09:d5:cd:27:32:bd:4a:6c:f5:fb:
05:36:5b:8a:af:83:d0:37:a6:7f:66:13:25:49:0b:
c7:35:76:af:12:dd:0c:a7:b4:ac:54:92:b8:9f:03:
44:af:0a:f6:f0:b3:b3:f8:b4:42:b7:9e:08:18:32:
a3:a8:d1:4f:25:ad:d0:50:95:c7:4a:80:2e:a0:26:
e6:45:ac:98:06:95:f1:3b:91:26:c3:75:d8:2e:ad:
72:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1B:00:77:D2:40:5B:1E:95:E2:B6:FF:0C:74:33:53:CC:F6:BB:75
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.152.0.0/18
Signature Algorithm: sha256WithRSAEncryption
77:a0:f2:7f:2f:8b:89:e7:2b:2b:dc:30:8c:55:46:c3:b7:49:
3b:92:b6:07:6f:dd:43:df:4d:c9:87:4b:16:6b:17:18:c8:b7:
68:1b:87:3e:4b:a0:b3:3f:f6:70:06:64:fa:f2:b0:a4:86:fd:
68:04:11:7c:56:cb:a6:0a:e6:69:39:e1:57:06:f3:6d:f7:90:
77:e1:8a:a7:c7:95:1e:66:3d:9b:31:9d:1c:3e:91:17:da:bc:
e8:2f:7c:59:6f:4b:86:c0:ba:dd:11:77:c5:c6:a8:58:c6:14:
ed:b0:82:d0:6f:a6:2e:3e:b8:50:45:cd:c2:cd:b8:b7:92:6b:
2f:52:fc:4e:68:66:dd:31:ef:1e:ed:2c:0b:7f:5b:eb:52:50:
2e:40:92:de:42:f9:57:eb:43:46:99:cc:a6:00:9e:3b:60:96:
08:99:bf:7d:60:7c:25:f1:1d:54:09:d6:ac:5b:2a:2f:74:61:
82:e5:b3:c1:6e:00:41:ff:f2:5c:b8:e7:b1:04:cb:05:8f:0b:
38:c5:08:4d:d8:18:e5:a5:bd:2b:d5:33:7a:9b:3f:d8:f3:bd:
2e:04:ac:63:3c:9d:e4:1d:60:f9:fe:fd:01:87:1c:ea:3e:ef:
ae:62:f6:1f:28:b2:d3:fd:57:f1:bb:2f:ab:ee:59:da:04:c9:
21:26:ef:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVRkoEA+QH7mMuATMVHsioQtEeIgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDA0MDA4WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDU2OGEzYTczZTc2NmYxZDQxMTM4OGZiYTg2MjZkZWUx
NWI0MzNiOTliZGNmNmUxODExOGRlMGI3OTRmZDQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzdZ3zXQO9GujH/FHuV7iMDY77II3iCrQug1HrJye+aJYJ
3xKFHfVscS0yqEOSm3hrQ2DqCzCFX66fUkqc9H8SsoCmIm+2IanldN5MFges26G9
3gyNNJ1PJYPk77OR+PgdOnSvX+LMr33pOTnhmXcDBgYeb/uq0y4enp1YRZ0ZZUpa
PdaOHOMxu1ITuNpnGbX8QL2G9JN2FltmabxcZuz82UsVSCR6sCJBCdXNJzK9Smz1
+wU2W4qvg9A3pn9mEyVJC8c1dq8S3QyntKxUkrifA0SvCvbws7P4tEK3nggYMqOo
0U8lrdBQlcdKgC6gJuZFrJgGlfE7kSbDddgurXLPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQRsAd9JAWx6V4rb/DHQzU8z2u3UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyMDVlZmEzLWFkZWItNGM3OS1hODQxLWFmMDI4MjJhN2QzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZCmAAwDQYJKoZIhvcNAQELBQADggEBAHeg8n8vi4nnKyvcMIxVRsO3STuS
tgdv3UPfTcmHSxZrFxjIt2gbhz5LoLM/9nAGZPrysKSG/WgEEXxWy6YK5mk54VcG
8233kHfhiqfHlR5mPZsxnRw+kRfavOgvfFlvS4bAut0Rd8XGqFjGFO2wgtBvpi4+
uFBFzcLNuLeSay9S/E5oZt0x7x7tLAt/W+tSUC5Akt5C+VfrQ0aZzKYAnjtglgiZ
v31gfCXxHVQJ1qxbKi90YYLls8FuAEH/8ly457EEywWPCzjFCE3YGOWlvSvVM3qb
P9jzvS4ErGM8neQdYPn+/QGHHOo+765i9h8ostP9V/G7L6vuWdoEySEm75M=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:45:14 2025 by rpki-client