Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/866a68a9-989e-463b-be1d-493465d7a0ab.roa
File: 866a68a9-989e-463b-be1d-493465d7a0ab.roa (raw, json)
Hash identifier: iZ+IyGlVm0vwoGZk2JvTiJlnSYCjjoNrPY4+KnXmR0Q=
Subject key identifier: FC:BB:3C:BF:1A:7D:91:03:A0:3C:8B:2D:64:90:28:BE:14:3F:98:03
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 56424B709B8703703D1031EEA1CA0B4E741A204F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/866a68a9-989e-463b-be1d-493465d7a0ab.roa
Signing time: Sun 26 Oct 2025 00:20:08 +0000
ROA not before: Sun 26 Oct 2025 00:20:08 +0000
ROA not after: Sun 30 Nov 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ffa:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:42:4b:70:9b:87:03:70:3d:10:31:ee:a1:ca:0b:4e:74:1a:20:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 26 00:20:08 2025 GMT
Not After : Nov 30 23:59:59 2025 GMT
Subject: serialNumber=e5cbdeab116348707c139b4e78bfe1c227ebf0a760580bbf248d4093fad57120, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8d:bf:30:95:53:4c:e8:e6:8c:1f:95:9c:cb:
9f:35:d6:4f:1e:27:68:89:37:e7:87:2c:7a:76:56:
21:ed:17:cb:95:7b:e3:29:db:82:5c:2e:c4:d8:ca:
53:8d:90:b7:43:4c:7f:44:47:fa:42:41:9a:9f:ef:
4c:10:dd:72:01:a7:41:c5:25:18:8e:26:bb:b4:d3:
14:1f:5c:77:86:50:fa:5d:66:92:22:00:89:b9:b9:
3e:5b:28:5c:7a:c0:3f:89:d5:eb:bc:fe:f9:dd:04:
d5:ff:8f:17:33:c4:17:ef:1e:4f:45:f4:00:2b:ce:
07:69:57:6b:b6:d0:81:7b:49:14:db:5a:02:5c:e9:
27:31:a3:0d:3d:eb:ac:c5:29:1e:02:65:f6:c6:8d:
87:cd:75:79:78:39:b3:b8:98:c2:d9:b5:e3:fe:26:
54:69:8d:01:e9:96:17:8a:93:de:1f:e1:36:cd:93:
ed:f5:b9:90:dc:35:0a:01:15:8f:15:b0:e0:66:01:
aa:94:59:e2:92:58:f4:a6:96:10:97:59:95:3c:68:
9d:9a:13:b3:04:a5:c9:51:38:8f:36:7a:da:58:9d:
36:56:15:d7:04:76:14:a6:26:0e:28:8a:bb:d4:8a:
c1:9f:c9:01:fb:d8:dc:9c:6d:2e:c0:b6:9e:00:46:
4d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BB:3C:BF:1A:7D:91:03:A0:3C:8B:2D:64:90:28:BE:14:3F:98:03
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/866a68a9-989e-463b-be1d-493465d7a0ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffa:2000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:7d:c3:6f:02:89:2e:12:0f:03:56:94:2e:1a:f1:ce:1c:fa:
fd:d4:6c:f8:d8:3d:23:29:35:17:b1:68:e6:b6:33:dc:6c:80:
c7:a8:31:3e:65:87:7e:a2:e2:59:49:e5:e7:ff:11:e3:e2:b6:
13:34:11:43:4a:1e:a5:cb:64:e9:4e:5d:1a:9c:3e:ed:56:de:
7b:32:99:77:1a:b9:b7:0f:3f:7e:c8:d8:3e:f7:7a:62:aa:c2:
59:85:3e:65:cc:00:18:4b:a0:79:99:b7:55:df:7f:8b:fd:1b:
e7:ed:bc:56:2c:64:12:63:20:c6:04:c4:94:db:e3:b4:d6:ee:
75:df:20:3c:9d:51:dc:c3:20:04:d3:60:5a:56:2a:ee:6d:0c:
f7:95:65:b2:b5:42:c9:7a:2a:51:9a:e1:29:1c:32:b0:7e:5c:
a0:1b:62:9a:d8:6f:24:45:36:c3:e0:e4:17:86:cc:5f:67:65:
b4:e6:ca:e2:3e:7c:7c:67:17:17:f1:51:2c:ae:00:50:8d:87:
c2:53:5a:b4:e2:77:12:99:89:34:2a:0a:75:08:d0:4f:81:e3:
ee:c5:e5:12:47:c1:7e:d4:79:3e:54:a0:03:46:f2:82:e5:7b:
8e:47:a4:f7:fd:30:98:bd:ea:60:a4:32:f1:5c:40:d9:67:66:
23:43:14:db
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVkJLcJuHA3A9EDHuocoLTnQaIE8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAyMDA4WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNWNiZGVhYjExNjM0ODcwN2MxMzliNGU3OGJmZTFjMjI3
ZWJmMGE3NjA1ODBiYmYyNDhkNDA5M2ZhZDU3MTIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgjb8wlVNM6OaMH5Wcy5811k8eJ2iJN+eHLHp2ViHtF8uV
e+Mp24JcLsTYylONkLdDTH9ER/pCQZqf70wQ3XIBp0HFJRiOJru00xQfXHeGUPpd
ZpIiAIm5uT5bKFx6wD+J1eu8/vndBNX/jxczxBfvHk9F9AArzgdpV2u20IF7SRTb
WgJc6Scxow0966zFKR4CZfbGjYfNdXl4ObO4mMLZteP+JlRpjQHplheKk94f4TbN
k+31uZDcNQoBFY8VsOBmAaqUWeKSWPSmlhCXWZU8aJ2aE7MEpclROI82etpYnTZW
FdcEdhSmJg4oirvUisGfyQH72NycbS7Atp4ARk1zAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU/Ls8vxp9kQOgPIstZJAovhQ/mAMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg2NmE2OGE5LTk4OWUtNDYzYi1iZTFkLTQ5MzQ2NWQ3YTBhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/6IDANBgkqhkiG9w0BAQsFAAOCAQEATH3DbwKJLhIPA1aULhrxzhz6
/dRs+Ng9Iyk1F7Fo5rYz3GyAx6gxPmWHfqLiWUnl5/8R4+K2EzQRQ0oepctk6U5d
Gpw+7VbeezKZdxq5tw8/fsjYPvd6YqrCWYU+ZcwAGEugeZm3Vd9/i/0b5+28Vixk
EmMgxgTElNvjtNbudd8gPJ1R3MMgBNNgWlYq7m0M95VlsrVCyXoqUZrhKRwysH5c
oBtimthvJEU2w+DkF4bMX2dltObK4j58fGcXF/FRLK4AUI2HwlNatOJ3EpmJNCoK
dQjQT4Hj7sXlEkfBftR5PlSgA0byguV7jkek9/0wmL3qYKQy8VxA2WdmI0MU2w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:28:58 2025 by rpki-client