Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/752845bf-4fad-4178-abc3-345e36b80c44.roa
File: 752845bf-4fad-4178-abc3-345e36b80c44.roa (raw, json)
Hash identifier: Y950y4F3H9B46tMqCMf/k0kWU82japzRQRQN5+l954E=
Subject key identifier: BA:6B:DD:87:13:9F:2E:F1:87:2F:91:BE:BD:5B:53:71:64:97:1F:1B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3AB81FBBD598DC16081A3312CCD0E8A0422A7B59
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/752845bf-4fad-4178-abc3-345e36b80c44.roa
Signing time: Wed 05 Nov 2025 00:21:19 +0000
ROA not before: Wed 05 Nov 2025 00:21:19 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 69.0.142.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b8:1f:bb:d5:98:dc:16:08:1a:33:12:cc:d0:e8:a0:42:2a:7b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:21:19 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=0835e9af4fdcd6cafcdde40eaafdf50f29673e0e1c599483f2096c0d70b4efe7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:2e:09:78:8b:99:24:39:95:71:da:2d:8b:
da:0e:8f:d8:98:5f:f6:75:ca:a7:6f:ad:ef:bd:23:
c4:0f:bc:e0:40:9b:03:9c:d2:af:8b:91:41:de:b1:
1d:0b:55:d2:f2:40:2a:ce:ad:9c:5e:07:d5:2e:4f:
6f:6f:02:f0:d9:e5:ae:ea:81:13:e7:da:d8:5a:a4:
49:1f:a8:80:1c:2c:da:61:d1:39:46:c7:fb:2c:fb:
12:f5:11:e7:d8:7f:22:27:41:27:81:e1:a0:75:a2:
41:eb:43:29:19:a1:2a:e4:24:85:31:25:4e:d0:7e:
1f:02:e5:d0:5a:06:aa:cf:e7:a5:4c:17:3a:a7:ea:
21:7d:29:bd:73:73:05:cd:1d:81:c6:37:7c:85:61:
6b:6f:16:f1:d1:6a:7a:d2:b0:2e:b5:ed:e7:b9:06:
74:a2:e6:b1:69:d5:97:97:c4:8e:70:88:70:a0:13:
ff:92:b4:03:e5:cc:72:de:36:f8:ec:96:88:d2:3e:
a0:ae:c3:38:0b:6a:4d:44:39:ea:03:45:d5:33:52:
c8:85:00:31:f1:c6:e0:dd:4e:38:0d:e3:96:3e:54:
5d:df:59:44:e1:82:76:11:b1:78:84:66:20:66:01:
bf:b8:e2:6d:25:5d:ea:7d:7f:95:40:33:78:d7:7e:
32:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6B:DD:87:13:9F:2E:F1:87:2F:91:BE:BD:5B:53:71:64:97:1F:1B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/752845bf-4fad-4178-abc3-345e36b80c44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.0.142.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:6d:22:72:33:37:a2:c1:5e:df:6b:d2:ed:eb:35:e9:ec:21:
23:20:10:41:07:50:11:cb:0b:ee:c9:14:6a:c7:56:d0:d5:aa:
b1:81:8c:df:de:45:3a:29:87:e0:ba:9e:d5:63:e6:39:bd:fa:
1a:72:f1:2d:38:84:b8:12:52:36:6a:47:f1:68:81:cb:fc:a7:
63:9a:ab:2b:3b:b6:1b:84:ec:e7:47:91:2e:a2:0e:36:e4:16:
20:6d:06:6c:6b:e6:5d:28:a2:b9:b4:0c:1b:fa:b4:27:b8:c1:
7a:f6:36:35:19:d1:9b:0a:da:16:e7:9c:6a:67:b0:62:71:0e:
a9:54:09:bf:d7:e8:6f:ac:28:e2:7d:e2:0a:71:f0:87:f0:3d:
94:8a:2d:e0:80:7c:70:ca:76:a0:6a:01:24:e8:51:fc:6b:98:
8c:0d:6e:ed:c9:bd:b7:7b:0b:79:38:7d:c1:a9:ff:f8:41:6c:
54:60:55:ba:a8:1c:fb:b5:56:ff:79:92:95:12:42:64:c2:40:
b2:4c:7f:f5:73:6f:ed:4e:24:a8:53:18:d0:f7:8a:03:24:60:
bb:99:db:34:4b:79:9d:da:b8:14:35:21:6f:bf:ef:a1:e9:d4:
e7:5c:83:ec:ab:c0:46:32:7a:2b:6d:c6:68:33:9f:68:4e:99:
5e:d3:d1:19
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOrgfu9WY3BYIGjMSzNDooEIqe1kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAyMTE5WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwODM1ZTlhZjRmZGNkNmNhZmNkZGU0MGVhYWZkZjUwZjI5
NjczZTBlMWM1OTk0ODNmMjA5NmMwZDcwYjRlZmU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyVS4JeIuZJDmVcdoti9oOj9iYX/Z1yqdvre+9I8QPvOBA
mwOc0q+LkUHesR0LVdLyQCrOrZxeB9UuT29vAvDZ5a7qgRPn2thapEkfqIAcLNph
0TlGx/ss+xL1EefYfyInQSeB4aB1okHrQykZoSrkJIUxJU7Qfh8C5dBaBqrP56VM
Fzqn6iF9Kb1zcwXNHYHGN3yFYWtvFvHRanrSsC617ee5BnSi5rFp1ZeXxI5wiHCg
E/+StAPlzHLeNvjslojSPqCuwzgLak1EOeoDRdUzUsiFADHxxuDdTjgN45Y+VF3f
WUThgnYRsXiEZiBmAb+44m0lXep9f5VAM3jXfjKvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUumvdhxOfLvGHL5G+vVtTcWSXHxswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1Mjg0NWJmLTRmYWQtNDE3OC1hYmMzLTM0NWUzNmI4MGM0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFFAI4wDQYJKoZIhvcNAQELBQADggEBAMNtInIzN6LBXt9r0u3rNensISMg
EEEHUBHLC+7JFGrHVtDVqrGBjN/eRToph+C6ntVj5jm9+hpy8S04hLgSUjZqR/Fo
gcv8p2Oaqys7thuE7OdHkS6iDjbkFiBtBmxr5l0oorm0DBv6tCe4wXr2NjUZ0ZsK
2hbnnGpnsGJxDqlUCb/X6G+sKOJ94gpx8IfwPZSKLeCAfHDKdqBqASToUfxrmIwN
bu3Jvbd7C3k4fcGp//hBbFRgVbqoHPu1Vv95kpUSQmTCQLJMf/Vzb+1OJKhTGND3
igMkYLuZ2zRLeZ3auBQ1IW+/76Hp1Odcg+yrwEYyeittxmgzn2hOmV7T0Rk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:09:41 2025 by rpki-client