Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647019d0-aed8-481b-971d-49bbf00e94fc.roa
File: 647019d0-aed8-481b-971d-49bbf00e94fc.roa (raw, json)
Hash identifier: /D7v4T3y68OTvcpRis+9jAsjIrqD6OmeZ+ZSvNKkuUc=
Subject key identifier: 70:33:F1:6B:6A:20:38:AA:FA:48:03:7D:76:27:67:53:7F:5A:3E:8F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 377884E74ED4126945AA1E2247BE45CFE01320D9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647019d0-aed8-481b-971d-49bbf00e94fc.roa
Signing time: Fri 31 Oct 2025 01:00:41 +0000
ROA not before: Fri 31 Oct 2025 01:00:41 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 31.220.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:78:84:e7:4e:d4:12:69:45:aa:1e:22:47:be:45:cf:e0:13:20:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 31 01:00:41 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=b4a0b30e0b0931b757f652f47c82a06c159842393084ac445a96ecd0631ab173, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:84:d7:6e:2e:6f:8d:25:13:d9:59:fc:a0:68:
e4:5a:a2:ca:a2:b3:1e:b0:8f:30:30:c9:0b:75:5c:
4b:13:60:4b:be:5c:84:78:85:85:a0:0d:5c:c2:b3:
78:90:57:bb:bb:81:70:c4:57:aa:93:4c:e8:d2:87:
96:49:bd:bc:d6:0c:a2:4b:6e:f4:0f:c7:52:ee:b4:
18:bf:17:e9:45:88:f1:23:a5:8a:9d:f9:ab:21:db:
8b:24:d1:da:9a:b2:91:c8:d7:77:bc:e9:20:0a:89:
85:93:50:13:01:39:fa:8c:9c:29:6f:99:5c:a9:86:
3f:1f:8c:ce:bb:16:bd:f5:a1:ee:7a:b7:27:cc:02:
10:94:5c:bb:a9:c5:18:01:af:84:77:28:f0:76:a2:
9a:a7:30:9e:ba:0b:58:68:bd:f4:31:10:5c:21:8b:
1d:d9:17:e0:43:b2:69:5a:c3:d9:a6:e4:d8:f1:c8:
6e:90:55:59:6d:3e:dc:fe:45:96:c2:96:c4:2b:81:
ed:d0:ab:d1:f7:f6:6d:4b:05:e1:bf:a1:2c:51:0b:
c4:f8:b0:cc:78:4f:f4:dd:a1:00:d2:ef:61:ff:b3:
a1:03:b2:2f:d4:a2:4c:c3:8c:ba:89:a4:c6:bd:87:
58:c7:5e:48:3a:e3:b0:65:d2:bb:6f:96:34:a7:80:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:33:F1:6B:6A:20:38:AA:FA:48:03:7D:76:27:67:53:7F:5A:3E:8F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647019d0-aed8-481b-971d-49bbf00e94fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.253.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e9:19:d4:e7:6d:21:2d:88:ce:92:f6:dc:f5:94:74:f3:74:
4c:dc:81:73:00:30:d6:cc:87:24:8f:81:0c:77:10:cf:ee:a0:
83:a8:03:12:6d:c5:b1:7f:31:19:23:7a:f5:1e:2c:6a:4a:13:
61:cb:7e:dc:e1:95:19:88:82:97:d8:b6:d2:87:eb:e4:4f:9e:
1f:95:0d:37:84:aa:07:6c:d5:87:46:8f:ee:23:a3:f9:94:e1:
1c:87:6c:c8:ec:1e:08:37:1c:3d:23:12:94:a9:fd:59:9e:43:
f4:c1:1e:0b:98:f6:5f:cd:7b:ad:e3:a2:22:5f:1e:8e:19:76:
9a:ea:02:75:05:7d:15:3f:2f:67:5b:56:72:32:0d:76:0b:cd:
01:e0:fe:73:30:3f:c6:94:5d:f4:62:19:2b:b6:ce:eb:b8:df:
d0:ab:59:98:78:aa:7e:a8:17:53:1f:ee:cb:0b:59:cb:fd:1f:
b8:c6:c3:44:5f:dc:dc:21:f6:94:fa:28:58:4a:19:e9:ac:30:
34:a5:ed:f6:c2:1f:1e:3f:1d:95:81:5f:42:c8:87:57:1c:7a:
a0:00:bc:22:ed:01:01:1a:a2:6f:59:75:fa:4f:d5:85:8f:17:
8b:1d:d0:4c:af:d2:fd:c0:e7:b0:80:8a:5f:ad:99:23:6a:24:
5a:61:74:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN3iE507UEmlFqh4iR75Fz+ATINkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDEwMDQxWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGEwYjMwZTBiMDkzMWI3NTdmNjUyZjQ3YzgyYTA2YzE1
OTg0MjM5MzA4NGFjNDQ1YTk2ZWNkMDYzMWFiMTczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyhNduLm+NJRPZWfygaORaosqisx6wjzAwyQt1XEsTYEu+
XIR4hYWgDVzCs3iQV7u7gXDEV6qTTOjSh5ZJvbzWDKJLbvQPx1LutBi/F+lFiPEj
pYqd+ash24sk0dqaspHI13e86SAKiYWTUBMBOfqMnClvmVyphj8fjM67Fr31oe56
tyfMAhCUXLupxRgBr4R3KPB2opqnMJ66C1hovfQxEFwhix3ZF+BDsmlaw9mm5Njx
yG6QVVltPtz+RZbClsQrge3Qq9H39m1LBeG/oSxRC8T4sMx4T/TdoQDS72H/s6ED
si/UokzDjLqJpMa9h1jHXkg647Bl0rtvljSngJQJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcDPxa2ogOKr6SAN9didnU39aPo8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY0NzAxOWQwLWFlZDgtNDgxYi05NzFkLTQ5YmJmMDBlOTRmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAf3P0wDQYJKoZIhvcNAQELBQADggEBADfpGdTnbSEtiM6S9tz1lHTzdEzc
gXMAMNbMhySPgQx3EM/uoIOoAxJtxbF/MRkjevUeLGpKE2HLftzhlRmIgpfYttKH
6+RPnh+VDTeEqgds1YdGj+4jo/mU4RyHbMjsHgg3HD0jEpSp/VmeQ/TBHguY9l/N
e63joiJfHo4ZdprqAnUFfRU/L2dbVnIyDXYLzQHg/nMwP8aUXfRiGSu2zuu439Cr
WZh4qn6oF1Mf7ssLWcv9H7jGw0Rf3Nwh9pT6KFhKGemsMDSl7fbCHx4/HZWBX0LI
h1cceqAAvCLtAQEaom9ZdfpP1YWPF4sd0Eyv0v3A57CAil+tmSNqJFphdEQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:52:36 2025 by rpki-client