Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
File: 940d4db1-8435-4b14-9f65-40384956f3cf.roa (raw, json)
Hash identifier: O1tChOxA+HwOGbDs6ogsBP9q8sRJEGtSSRarQWPo7qs=
Subject key identifier: 66:C4:7D:DF:7E:28:86:01:B6:B6:52:99:63:7B:49:25:49:6A:EF:32
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0B96FFC90947C07F6A38F57022A940BD49F3A66A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
Signing time: Wed 22 Oct 2025 00:00:09 +0000
ROA not before: Wed 22 Oct 2025 00:00:09 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.51.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:96:ff:c9:09:47:c0:7f:6a:38:f5:70:22:a9:40:bd:49:f3:a6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:00:09 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=f79d0dd65f60466630e0c74b624829b6845e75da60a538b24b3faee38a1d2545, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:98:de:b9:b6:df:99:53:f3:46:d6:c4:c1:
23:7d:fb:2f:e7:6c:16:08:2b:e0:1d:9c:0c:52:fe:
60:5f:25:23:08:41:3d:15:ab:5b:71:8a:bb:d1:a8:
76:c0:26:28:7d:3a:24:a6:80:83:96:cb:9b:cb:cf:
26:dc:5b:d5:39:05:78:68:8f:65:20:f7:78:9e:b6:
76:03:79:93:ee:e7:37:62:83:e8:67:67:18:9b:be:
bc:32:d4:ed:ed:44:7c:a7:0d:18:74:e7:24:38:b6:
07:a4:41:cf:cd:56:20:3c:51:63:aa:e3:77:d1:f6:
4d:81:db:84:f4:90:21:b5:df:e5:68:f6:8c:49:a4:
03:f6:d3:ec:03:f0:10:9e:f1:1f:4b:ae:06:3d:79:
0c:87:06:e7:fd:a2:72:3d:8f:ce:7f:0a:4e:5c:a2:
15:54:6a:0e:34:df:eb:a6:da:f0:c0:d0:e7:b3:fc:
46:59:37:61:1b:e8:db:96:65:fe:37:ae:4c:6c:53:
c1:16:c6:6c:ce:33:c1:72:b2:9c:6a:4b:f2:b4:4f:
52:f4:12:78:83:85:48:c0:15:c0:72:fb:85:22:8b:
9f:72:df:d2:94:a4:e7:25:89:27:74:58:fc:1e:50:
ce:0d:f0:27:7e:a7:ef:41:f6:ec:7d:0a:8f:a8:79:
5e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C4:7D:DF:7E:28:86:01:B6:B6:52:99:63:7B:49:25:49:6A:EF:32
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.51.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:9e:b0:13:4d:12:5d:e7:31:45:30:1e:da:e5:5e:be:de:9c:
43:88:1e:a9:fc:4a:06:c9:41:e6:b8:37:d4:45:b9:92:1c:24:
d6:f7:80:80:f6:3e:da:36:11:b2:51:93:cb:8b:57:b3:f0:b8:
59:9b:ee:c0:bf:5e:99:54:35:2a:d8:7f:87:9f:a8:03:d3:5d:
b2:79:43:a2:b8:4a:9b:e5:d7:e8:d6:27:22:9b:d2:6b:cd:92:
12:70:87:af:28:75:07:ba:01:fb:32:df:40:1d:f7:e9:4f:2f:
ad:d0:b3:eb:6b:33:36:74:11:ca:32:cf:90:04:46:cc:c2:2c:
1b:aa:a2:ae:51:7e:37:ba:f6:72:18:05:8e:1a:6b:82:d4:3f:
f0:e7:fa:6f:ae:89:a4:18:e7:a5:79:77:89:8c:20:37:e1:9e:
6d:c9:1c:92:0d:be:75:5b:8d:1e:52:6e:73:b2:c0:8c:70:30:
1d:94:92:5f:fd:01:5a:6b:f4:99:01:7f:e0:ab:23:ff:52:9a:
63:e5:c1:45:fa:ab:d3:ad:69:96:15:d6:e5:11:5d:cc:a1:73:
a4:78:03:fb:9f:8a:75:af:0b:ae:82:66:ed:42:0b:f2:de:e7:
91:cf:0b:41:31:9c:9e:4c:e3:93:46:6a:e2:f4:44:e0:3d:27:
8b:b0:11:44
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC5b/yQlHwH9qOPVwIqlAvUnzpmowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAwMDA5WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzlkMGRkNjVmNjA0NjY2MzBlMGM3NGI2MjQ4MjliNjg0
NWU3NWRhNjBhNTM4YjI0YjNmYWVlMzhhMWQyNTQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2RJjeubbfmVPzRtbEwSN9+y/nbBYIK+AdnAxS/mBfJSMI
QT0Vq1txirvRqHbAJih9OiSmgIOWy5vLzybcW9U5BXhoj2Ug93ietnYDeZPu5zdi
g+hnZxibvrwy1O3tRHynDRh05yQ4tgekQc/NViA8UWOq43fR9k2B24T0kCG13+Vo
9oxJpAP20+wD8BCe8R9LrgY9eQyHBuf9onI9j85/Ck5cohVUag403+um2vDA0Oez
/EZZN2Eb6NuWZf43rkxsU8EWxmzOM8FyspxqS/K0T1L0EniDhUjAFcBy+4Uii59y
39KUpOcliSd0WPweUM4N8Cd+p+9B9ux9Co+oeV4VAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZsR9334ohgG2tlKZY3tJJUlq7zIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0MGQ0ZGIxLTg0MzUtNGIxNC05ZjY1LTQwMzg0OTU2ZjNjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAjMzANBgkqhkiG9w0BAQsFAAOCAQEAZ56wE00SXecxRTAe2uVevt6cQ4ge
qfxKBslB5rg31EW5khwk1veAgPY+2jYRslGTy4tXs/C4WZvuwL9emVQ1Kth/h5+o
A9NdsnlDorhKm+XX6NYnIpvSa82SEnCHryh1B7oB+zLfQB336U8vrdCz62szNnQR
yjLPkARGzMIsG6qirlF+N7r2chgFjhprgtQ/8Of6b66JpBjnpXl3iYwgN+Gebckc
kg2+dVuNHlJuc7LAjHAwHZSSX/0BWmv0mQF/4Ksj/1KaY+XBRfqr061plhXW5RFd
zKFzpHgD+5+Kda8LroJm7UIL8t7nkc8LQTGcnkzjk0Zq4vRE4D0ni7ARRA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:18:12 2025 by rpki-client