Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c4bf097-d8a8-476c-a175-6b763ab54239.roa
File: 8c4bf097-d8a8-476c-a175-6b763ab54239.roa (raw, json)
Hash identifier: fY+Y8UDk3kCTpDR82grIX0x3DD/baM02PLnLRB4NPdI=
Subject key identifier: 83:7C:2F:A6:BE:67:B0:21:B5:08:B5:4E:38:5B:9C:A8:89:13:08:7B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 17CECF93549A29A98BF1A881D400BDF92DA9B245
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c4bf097-d8a8-476c-a175-6b763ab54239.roa
Signing time: Tue 28 Oct 2025 00:21:21 +0000
ROA not before: Tue 28 Oct 2025 00:21:21 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 136.18.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ce:cf:93:54:9a:29:a9:8b:f1:a8:81:d4:00:bd:f9:2d:a9:b2:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:21:21 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=ca549867b43a02fcddc05b0ddcc68990790026c311d83c3d250b054d49655d7c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d3:13:63:55:29:36:b1:1d:a7:8d:4d:a2:49:
cf:06:68:ad:8f:fc:25:8e:07:95:c0:7e:8c:eb:2e:
7e:3d:1e:9a:25:9e:bc:63:a6:58:ec:ca:3f:25:ed:
16:38:9b:d3:78:2f:f9:2f:36:0c:2b:f7:f9:7c:87:
ee:47:b0:0f:94:a0:ea:00:66:e3:ee:98:0c:52:63:
b9:bc:ad:6f:c9:00:47:7a:3f:e5:9d:d1:9d:4c:aa:
4a:b8:a3:20:b0:65:c2:57:e6:20:1a:a6:eb:d5:2a:
63:13:5a:dd:97:f6:51:57:22:59:ac:81:0e:dc:f9:
60:9c:a6:1e:c6:b4:a8:68:7e:29:43:21:c1:4e:46:
31:39:22:83:16:d8:cd:a7:cb:4a:a4:7d:80:1a:c9:
c0:a1:08:90:cf:3a:d0:17:cc:ac:f1:a5:12:d0:f2:
22:23:71:fb:e5:26:d2:10:e7:05:8f:52:1f:1f:29:
39:29:0c:3a:5e:27:b8:e4:b3:e8:3c:75:32:24:79:
2a:fe:24:a0:40:20:3b:53:47:65:e2:8c:90:97:a7:
f0:df:3a:1e:24:57:68:2c:b9:a3:c0:91:92:5a:09:
c6:6e:c6:14:26:17:32:b7:fc:60:2d:1b:f4:86:95:
0f:9f:a6:0b:85:d8:40:a2:1c:9d:01:87:57:73:f4:
88:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7C:2F:A6:BE:67:B0:21:B5:08:B5:4E:38:5B:9C:A8:89:13:08:7B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c4bf097-d8a8-476c-a175-6b763ab54239.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.4.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:47:70:38:6b:21:e8:3a:cf:cb:49:ca:b7:b3:09:96:bd:c4:
d1:44:04:3e:cb:a1:b9:10:0c:72:50:8a:5d:fa:cc:cb:df:1e:
cc:d9:10:bc:65:46:d3:e3:46:1a:4e:4d:c6:dc:b1:a2:f6:38:
86:96:66:4f:5e:cb:c6:bf:8b:0e:84:34:01:6c:0e:e5:ca:30:
00:a6:6b:69:a2:b0:4e:c8:8f:78:78:bd:1e:12:79:96:fe:36:
87:70:9a:6a:e0:99:1a:02:f9:cb:97:61:b5:46:fd:15:48:0f:
b4:84:6f:9e:fc:41:83:23:d1:ac:9b:4a:e3:c2:bb:41:1e:a2:
c4:dd:04:59:e5:11:03:c0:c6:33:c9:de:0f:3a:82:c3:08:7b:
61:6b:09:64:8d:1c:07:3d:2b:68:b8:59:8f:6a:19:d5:55:d2:
a3:50:cc:b9:b4:88:42:9e:d6:d0:1d:11:95:1c:d8:71:0b:04:
77:f2:40:5d:5b:94:bc:53:62:66:4e:05:0b:d9:96:e0:10:a0:
09:b7:5a:3c:b6:1a:e1:77:3a:e5:1b:3b:f7:44:77:09:57:78:
19:17:66:a5:53:3c:61:19:47:0c:f2:43:d9:49:bc:71:59:d4:
e9:51:cb:e4:22:63:01:88:d1:5e:50:ac:90:c6:34:42:8d:ae:
af:30:00:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF87Pk1SaKamL8aiB1AC9+S2pskUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAyMTIxWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTU0OTg2N2I0M2EwMmZjZGRjMDViMGRkY2M2ODk5MDc5
MDAyNmMzMTFkODNjM2QyNTBiMDU0ZDQ5NjU1ZDdjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCh0xNjVSk2sR2njU2iSc8GaK2P/CWOB5XAfozrLn49Hpol
nrxjpljsyj8l7RY4m9N4L/kvNgwr9/l8h+5HsA+UoOoAZuPumAxSY7m8rW/JAEd6
P+Wd0Z1Mqkq4oyCwZcJX5iAapuvVKmMTWt2X9lFXIlmsgQ7c+WCcph7GtKhofilD
IcFORjE5IoMW2M2ny0qkfYAaycChCJDPOtAXzKzxpRLQ8iIjcfvlJtIQ5wWPUh8f
KTkpDDpeJ7jks+g8dTIkeSr+JKBAIDtTR2XijJCXp/DfOh4kV2gsuaPAkZJaCcZu
xhQmFzK3/GAtG/SGlQ+fpguF2ECiHJ0Bh1dz9Ih1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUg3wvpr5nsCG1CLVOOFucqIkTCHswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhjNGJmMDk3LWQ4YTgtNDc2Yy1hMTc1LTZiNzYzYWI1NDIzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKIEgQwDQYJKoZIhvcNAQELBQADggEBABpHcDhrIeg6z8tJyrezCZa9xNFE
BD7LobkQDHJQil36zMvfHszZELxlRtPjRhpOTcbcsaL2OIaWZk9ey8a/iw6ENAFs
DuXKMACma2misE7Ij3h4vR4SeZb+NodwmmrgmRoC+cuXYbVG/RVID7SEb578QYMj
0aybSuPCu0EeosTdBFnlEQPAxjPJ3g86gsMIe2FrCWSNHAc9K2i4WY9qGdVV0qNQ
zLm0iEKe1tAdEZUc2HELBHfyQF1blLxTYmZOBQvZluAQoAm3Wjy2GuF3OuUbO/dE
dwlXeBkXZqVTPGEZRwzyQ9lJvHFZ1OlRy+QiYwGI0V5QrJDGNEKNrq8wAL8=
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:16:23 2025 by rpki-client