Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68af9002-6d9c-4a97-b412-41140a596dc9.roa
File: 68af9002-6d9c-4a97-b412-41140a596dc9.roa (raw, json)
Hash identifier: /mIHYVFkFYMqs7ijVX7CYtMZkWW4ECUol4yUBKaIajw=
Subject key identifier: 2B:F5:E8:B2:A5:BD:D5:E5:CF:FE:E0:23:2D:F0:20:FD:7B:2F:94:BF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 210FBDB5009317715299651F0A7139D93B998E23
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68af9002-6d9c-4a97-b412-41140a596dc9.roa
Signing time: Sun 02 Nov 2025 00:10:36 +0000
ROA not before: Sun 02 Nov 2025 00:10:36 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.150.56.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0f:bd:b5:00:93:17:71:52:99:65:1f:0a:71:39:d9:3b:99:8e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 2 00:10:36 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=b67b3663fe9eca8eefd6c244db8f1172fe034c2fbbb4f665e2e6230fbbc2fd42, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:9d:26:d7:98:ac:8e:bc:3b:82:90:b7:e1:
cc:f9:eb:cf:c8:8b:55:3b:6c:b9:a0:9e:15:69:56:
33:41:9a:34:81:1e:21:67:20:f1:4a:14:89:ea:63:
1b:d3:94:8f:fe:c1:74:e6:2a:fc:00:4f:70:82:da:
94:6a:b0:03:f8:53:6c:e1:4c:e9:b7:d7:95:02:c1:
e2:f5:84:bf:99:4e:f3:98:7f:8f:14:d2:ee:aa:16:
b9:30:51:ab:01:9d:1e:c6:04:3b:bc:64:9d:4e:fa:
6b:b4:e8:02:69:e4:f3:88:55:e2:18:9c:d7:81:d2:
31:cc:8a:44:34:4b:8d:f8:7d:3d:1b:6b:85:82:45:
48:ac:1d:aa:ca:ae:69:7d:a5:d9:bc:5c:fe:ff:da:
80:dc:64:ca:8d:6e:6c:9a:df:3b:55:97:18:19:eb:
51:54:a1:15:12:17:c0:b9:b5:f9:90:d6:39:c7:2f:
46:58:f5:bc:06:10:07:86:39:21:ba:e2:31:0e:c0:
73:c2:33:d9:01:f2:d6:52:ea:ab:d5:32:b2:6d:31:
77:08:ed:07:1f:0b:5d:0a:e2:41:5a:1b:a7:75:82:
63:68:7e:b2:2a:d3:e3:00:2e:a9:cd:bb:fa:9e:b9:
90:d2:9c:ac:3b:c3:a6:c2:c2:60:c9:e8:c4:31:f4:
0b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F5:E8:B2:A5:BD:D5:E5:CF:FE:E0:23:2D:F0:20:FD:7B:2F:94:BF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68af9002-6d9c-4a97-b412-41140a596dc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.150.56.0/21
Signature Algorithm: sha256WithRSAEncryption
36:3c:7e:1c:df:1f:6c:5f:72:0f:16:bd:24:26:0b:26:85:56:
a3:9c:50:24:e3:76:ed:c2:aa:10:44:53:a7:3c:45:00:72:bf:
17:df:b8:27:83:54:68:c7:2d:76:36:f8:e5:0b:c6:2c:77:eb:
5b:0c:6d:da:a0:92:65:dd:81:23:40:25:66:21:7f:0c:53:9c:
9f:18:ef:2f:03:f8:c5:0a:52:86:07:1f:1a:d3:46:c1:88:a5:
18:8f:4b:91:86:87:2f:dd:17:41:bc:0b:24:ad:be:9c:53:7d:
4e:e6:f6:4a:21:85:fb:b1:da:a1:90:5d:dc:68:cf:a2:31:d3:
0f:43:19:6a:b2:60:a9:d8:4d:0c:b4:d3:4b:a4:60:46:e5:8d:
c0:c6:2e:ad:40:18:e4:0a:5d:61:3d:b5:c6:8f:b9:3f:f5:1e:
1c:83:cb:cf:c3:23:32:0f:49:ec:2c:50:f8:97:e5:d7:0c:d0:
bb:21:97:40:6a:46:df:f1:e0:1c:82:a7:06:31:43:94:a1:2e:
53:0d:1d:a9:7b:3d:62:30:ca:cd:c2:e2:07:3b:55:33:bb:64:
43:2d:dc:6f:7c:ac:4a:be:f9:5b:66:49:5a:3c:7f:3d:a4:e4:
78:cf:de:3c:b5:de:bf:ef:b6:d1:13:71:69:6b:9f:86:4e:4e:
bd:f5:69:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIQ+9tQCTF3FSmWUfCnE52TuZjiMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAxMDM2WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjdiMzY2M2ZlOWVjYThlZWZkNmMyNDRkYjhmMTE3MmZl
MDM0YzJmYmJiNGY2NjVlMmU2MjMwZmJiYzJmZDQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7tp0m15isjrw7gpC34cz568/Ii1U7bLmgnhVpVjNBmjSB
HiFnIPFKFInqYxvTlI/+wXTmKvwAT3CC2pRqsAP4U2zhTOm315UCweL1hL+ZTvOY
f48U0u6qFrkwUasBnR7GBDu8ZJ1O+mu06AJp5POIVeIYnNeB0jHMikQ0S434fT0b
a4WCRUisHarKrml9pdm8XP7/2oDcZMqNbmya3ztVlxgZ61FUoRUSF8C5tfmQ1jnH
L0ZY9bwGEAeGOSG64jEOwHPCM9kB8tZS6qvVMrJtMXcI7QcfC10K4kFaG6d1gmNo
frIq0+MALqnNu/qeuZDSnKw7w6bCwmDJ6MQx9AurAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUK/XosqW91eXP/uAjLfAg/XsvlL8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4YWY5MDAyLTZkOWMtNGE5Ny1iNDEyLTQxMTQwYTU5NmRjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjljgwDQYJKoZIhvcNAQELBQADggEBADY8fhzfH2xfcg8WvSQmCyaFVqOc
UCTjdu3CqhBEU6c8RQByvxffuCeDVGjHLXY2+OULxix361sMbdqgkmXdgSNAJWYh
fwxTnJ8Y7y8D+MUKUoYHHxrTRsGIpRiPS5GGhy/dF0G8CyStvpxTfU7m9kohhfux
2qGQXdxoz6Ix0w9DGWqyYKnYTQy000ukYEbljcDGLq1AGOQKXWE9tcaPuT/1HhyD
y8/DIzIPSewsUPiX5dcM0Lshl0BqRt/x4ByCpwYxQ5ShLlMNHal7PWIwys3C4gc7
VTO7ZEMt3G98rEq++VtmSVo8fz2k5HjP3jy13r/vttETcWlrn4ZOTr31aaQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:01:56 2025 by rpki-client