Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a6c9be-efcb-4ad8-98a9-02a004c32420.roa
File: 94a6c9be-efcb-4ad8-98a9-02a004c32420.roa (raw, json)
Hash identifier: tdCWhx2Rf77m2V4z1t/AlTkV9leI/a15qK9Bao9w7S8=
Subject key identifier: 81:4B:8E:ED:CD:37:CB:E8:69:C4:D7:97:5A:1C:2D:8C:D4:D7:E4:A5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0173926F1CE6EA3104EEA21376A039DA35D5A2BE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a6c9be-efcb-4ad8-98a9-02a004c32420.roa
Signing time: Wed 29 Oct 2025 00:30:11 +0000
ROA not before: Wed 29 Oct 2025 00:30:11 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f38:80e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:73:92:6f:1c:e6:ea:31:04:ee:a2:13:76:a0:39:da:35:d5:a2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 29 00:30:11 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=23b7f939c7b8c348c606413f10b0a7ecd414d64ff3f608b40f8e81fd8abe357b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:99:68:ca:b3:53:30:87:97:cd:eb:33:8b:60:
29:98:73:3d:79:7a:62:d3:29:1d:c7:fa:cd:9f:d9:
92:ff:53:22:22:83:27:7f:96:03:2d:cd:ac:55:4c:
8c:de:d4:cf:0e:31:94:ff:e4:13:a3:a2:50:26:74:
76:f0:bb:a1:f0:1d:10:d5:45:92:15:87:2e:3c:51:
48:b5:ac:9b:c5:fc:d4:c7:06:21:44:e2:66:39:62:
23:dd:3c:9a:d6:40:81:87:ab:4a:bb:ce:b7:6d:83:
9f:4a:e5:41:85:77:aa:00:47:f5:f2:df:8c:e9:b7:
d7:db:76:73:1c:49:f7:58:ac:60:f5:8a:07:58:5d:
c6:71:2b:52:9b:67:1a:e6:62:cb:c3:fe:6d:a8:42:
f5:53:39:1b:c0:84:42:5e:7b:6f:31:db:2c:3b:a6:
79:2d:34:af:94:59:a1:ce:5f:0c:ea:94:1e:92:09:
7f:5e:1d:51:3b:91:cb:3b:e8:f2:f3:5f:56:cb:fa:
58:af:59:d6:a5:3b:e1:95:b0:7e:1a:aa:bf:2d:b4:
bf:f8:b9:0a:48:6d:06:07:fd:9d:a5:60:77:07:a4:
53:ea:74:b1:60:62:e1:9a:1b:e3:6f:dd:ac:9d:34:
da:dd:ac:44:0b:de:7d:03:b2:c3:e6:34:0a:c6:8b:
9d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4B:8E:ED:CD:37:CB:E8:69:C4:D7:97:5A:1C:2D:8C:D4:D7:E4:A5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a6c9be-efcb-4ad8-98a9-02a004c32420.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f38:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
a7:86:fa:69:24:fb:21:01:fb:59:b4:a0:0b:8c:34:b4:23:2f:
8e:75:cd:8d:3d:cd:4b:f8:0c:f3:fb:02:f0:bc:c5:49:29:44:
dc:41:3b:c7:07:70:fd:eb:f1:20:a4:65:79:db:14:b6:e9:bb:
32:5b:51:01:4e:65:72:95:36:6b:82:b0:c2:6c:56:c7:1d:a6:
43:5f:af:92:ff:cd:f0:bb:d3:46:08:d0:04:b9:d5:9d:14:6c:
59:c3:9c:3f:fb:6c:08:b7:fb:cc:87:e3:0c:c3:94:9b:9c:b2:
27:4f:fb:22:b5:c9:27:89:75:99:59:09:ae:b4:e5:dd:2f:db:
43:6a:7d:0c:a1:e3:8c:43:7f:9e:b5:d0:51:89:20:9e:a9:b7:
f3:ac:fe:7a:14:f9:31:58:45:ac:01:13:c3:d0:8b:a2:7f:1f:
3d:1d:ea:a2:48:a6:6c:34:77:60:fa:e5:01:bc:cb:c3:c9:3e:
c9:94:a1:68:de:85:2a:93:0d:f1:19:d9:fa:a3:fd:b5:f3:45:
94:99:2d:5d:d5:96:4a:73:83:d4:45:5c:74:d8:76:89:18:54:
1a:41:08:d2:cd:70:db:2a:33:56:43:78:6c:02:73:57:16:ab:
d9:a7:6e:70:a3:61:b9:b4:d6:d8:e8:98:a3:6c:28:15:8e:67:
e2:ea:de:2e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAXOSbxzm6jEE7qITdqA52jXVor4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDAzMDExWhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyM2I3ZjkzOWM3YjhjMzQ4YzYwNjQxM2YxMGIwYTdlY2Q0
MTRkNjRmZjNmNjA4YjQwZjhlODFmZDhhYmUzNTdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLmWjKs1Mwh5fN6zOLYCmYcz15emLTKR3H+s2f2ZL/UyIi
gyd/lgMtzaxVTIze1M8OMZT/5BOjolAmdHbwu6HwHRDVRZIVhy48UUi1rJvF/NTH
BiFE4mY5YiPdPJrWQIGHq0q7zrdtg59K5UGFd6oAR/Xy34zpt9fbdnMcSfdYrGD1
igdYXcZxK1KbZxrmYsvD/m2oQvVTORvAhEJee28x2yw7pnktNK+UWaHOXwzqlB6S
CX9eHVE7kcs76PLzX1bL+livWdalO+GVsH4aqr8ttL/4uQpIbQYH/Z2lYHcHpFPq
dLFgYuGaG+Nv3aydNNrdrEQL3n0DssPmNArGi52FAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgUuO7c03y+hpxNeXWhwtjNTX5KUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0YTZjOWJlLWVmY2ItNGFkOC05OGE5LTAyYTAwNGMzMjQyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gOAwDQYJKoZIhvcNAQELBQADggEBAKeG+mkk+yEB+1m0oAuMNLQj
L451zY09zUv4DPP7AvC8xUkpRNxBO8cHcP3r8SCkZXnbFLbpuzJbUQFOZXKVNmuC
sMJsVscdpkNfr5L/zfC700YI0AS51Z0UbFnDnD/7bAi3+8yH4wzDlJucsidP+yK1
ySeJdZlZCa605d0v20NqfQyh44xDf5610FGJIJ6pt/Os/noU+TFYRawBE8PQi6J/
Hz0d6qJIpmw0d2D65QG8y8PJPsmUoWjehSqTDfEZ2fqj/bXzRZSZLV3Vlkpzg9RF
XHTYdokYVBpBCNLNcNsqM1ZDeGwCc1cWq9mnbnCjYbm01tjomKNsKBWOZ+Lq3i4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:01:33 2025 by rpki-client