Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/783c511e-5fb0-4300-843c-c199f004156b.roa
File: 783c511e-5fb0-4300-843c-c199f004156b.roa (raw, json)
Hash identifier: sVHFzCVaINxPqCST8okjBO1ZBG9VHa4oT1dEoDH25X8=
Subject key identifier: E3:D3:22:7A:3E:C7:61:95:D5:76:1C:17:B0:C5:48:2E:A5:47:8D:D2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: EC116D877B11554D579AE2AF1492C5903D06C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/783c511e-5fb0-4300-843c-c199f004156b.roa
Signing time: Sat 25 Oct 2025 00:01:18 +0000
ROA not before: Sat 25 Oct 2025 00:01:18 +0000
ROA not after: Sat 29 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 168.203.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ec:11:6d:87:7b:11:55:4d:57:9a:e2:af:14:92:c5:90:3d:06:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 25 00:01:18 2025 GMT
Not After : Nov 29 23:59:59 2025 GMT
Subject: serialNumber=ed41aa428340c39cc7899b4a9e6369f133588ca2d6eb5a64b39c1411ee1812fe, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8d:38:fc:41:18:42:3f:a6:c1:ed:22:43:61:
fa:c6:2a:ae:68:ce:dd:5d:49:53:d2:89:36:94:f6:
64:1b:64:e3:e6:b7:19:bb:78:de:55:7f:0d:01:ff:
fa:d0:9d:8a:69:22:b4:ad:a6:31:4e:5b:c7:44:ee:
aa:b2:ee:b4:ca:f5:ce:72:96:2c:5c:4c:c1:20:39:
c7:1d:81:fd:25:b8:df:21:7c:3a:7c:a4:67:12:36:
62:db:3e:ec:fc:13:b2:6c:b0:11:0b:ff:22:ab:29:
d5:f0:e6:c6:d4:13:3a:b9:46:ae:0b:42:0f:13:99:
bb:ef:02:11:3c:9e:92:12:5d:19:e9:c3:ac:f6:31:
6e:c1:e9:7a:20:96:cd:93:5f:dd:fe:f2:2c:b3:21:
8c:55:dd:29:4d:fa:1a:57:c3:9d:a7:40:52:18:4a:
62:1a:71:83:08:4a:4c:38:ac:20:33:13:d5:35:24:
ae:1e:6e:29:64:c7:34:dd:c5:65:41:0a:15:b5:9a:
d4:55:83:f3:0f:ea:8a:f6:97:d2:cb:08:a0:1e:b2:
c3:5c:45:bb:16:e0:ef:08:1f:c9:d3:d7:e2:9c:6b:
1e:c5:99:bd:d9:31:86:35:ec:1a:f4:93:ed:32:5d:
e3:d1:c7:f4:a0:df:7f:98:fc:0b:44:51:1b:cf:7d:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D3:22:7A:3E:C7:61:95:D5:76:1C:17:B0:C5:48:2E:A5:47:8D:D2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/783c511e-5fb0-4300-843c-c199f004156b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
80:12:c3:de:8c:7f:32:7f:45:f8:48:00:81:ef:5a:7b:f1:e9:
e2:48:3d:5d:a7:57:2a:2c:f5:03:e6:1e:f2:8f:cc:16:6d:81:
8c:dc:c9:3e:0c:8e:0a:b0:71:e0:f9:83:71:49:f7:29:74:67:
ce:cb:6d:39:c5:c3:1b:58:a7:10:b0:e2:bf:9d:8a:40:92:e5:
5b:fc:35:39:b0:b7:90:aa:88:52:c6:8d:0a:a3:06:ab:2a:67:
1c:6e:de:6e:48:ae:fa:16:9d:3f:c7:94:8a:80:0d:86:a5:6f:
0f:9a:c5:6e:17:a9:7c:5e:ad:5c:78:06:7f:7a:52:23:8c:09:
35:3a:e7:44:2b:54:22:88:25:64:71:44:69:e5:7f:31:e4:cc:
47:16:d2:5d:87:cc:13:be:6d:1a:53:80:b7:59:46:79:06:80:
18:c3:d4:e1:0f:ab:2e:50:14:eb:f5:4b:35:9a:f3:70:cc:b3:
d1:e8:6e:93:a4:46:c0:2d:16:5a:1c:eb:f0:41:19:31:ba:fb:
7e:44:bc:b0:99:9e:2a:60:48:0b:bd:14:4e:24:27:24:59:70:
14:aa:4a:7d:a7:d6:41:63:ca:f3:8b:9f:83:25:84:05:4a:11:
32:f1:00:97:d7:80:7c:98:87:65:dc:8c:13:29:a1:79:93:a0:
7b:ce:80:d2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAOwRbYd7EVVNV5rirxSSxZA9BsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAwMTE4WhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDQxYWE0MjgzNDBjMzljYzc4OTliNGE5ZTYzNjlmMTMz
NTg4Y2EyZDZlYjVhNjRiMzljMTQxMWVlMTgxMmZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDnjTj8QRhCP6bB7SJDYfrGKq5ozt1dSVPSiTaU9mQbZOPm
txm7eN5Vfw0B//rQnYppIrStpjFOW8dE7qqy7rTK9c5ylixcTMEgOccdgf0luN8h
fDp8pGcSNmLbPuz8E7JssBEL/yKrKdXw5sbUEzq5Rq4LQg8TmbvvAhE8npISXRnp
w6z2MW7B6Xogls2TX93+8iyzIYxV3SlN+hpXw52nQFIYSmIacYMISkw4rCAzE9U1
JK4ebilkxzTdxWVBChW1mtRVg/MP6or2l9LLCKAessNcRbsW4O8IH8nT1+Kcax7F
mb3ZMYY17Br0k+0yXePRx/Sg33+Y/AtEURvPfZBFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU49Miej7HYZXVdhwXsMVILqVHjdIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4M2M1MTFlLTVmYjAtNDMwMC04NDNjLWMxOTlmMDA0MTU2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeoy4AwDQYJKoZIhvcNAQELBQADggEBAIASw96MfzJ/RfhIAIHvWnvx6eJI
PV2nVyos9QPmHvKPzBZtgYzcyT4MjgqwceD5g3FJ9yl0Z87LbTnFwxtYpxCw4r+d
ikCS5Vv8NTmwt5CqiFLGjQqjBqsqZxxu3m5IrvoWnT/HlIqADYalbw+axW4XqXxe
rVx4Bn96UiOMCTU650QrVCKIJWRxRGnlfzHkzEcW0l2HzBO+bRpTgLdZRnkGgBjD
1OEPqy5QFOv1SzWa83DMs9HobpOkRsAtFloc6/BBGTG6+35EvLCZnipgSAu9FE4k
JyRZcBSqSn2n1kFjyvOLn4MlhAVKETLxAJfXgHyYh2XcjBMpoXmToHvOgNI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:49:07 2025 by rpki-client