Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95add0c9-7527-4fb6-90a3-ac5d9312df04.roa
File: 95add0c9-7527-4fb6-90a3-ac5d9312df04.roa (raw, json)
Hash identifier: 0CD/9q+3rnp6sEhh4WfNyPkPo6w4Dle2Vd2UcXEW8eY=
Subject key identifier: D8:25:31:FE:BA:49:33:41:2C:CB:AF:66:34:F3:9A:1B:5E:C9:01:D5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4975CB39EB9A9E20401832F34482FCE062EB8191
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95add0c9-7527-4fb6-90a3-ac5d9312df04.roa
Signing time: Wed 05 Nov 2025 00:20:47 +0000
ROA not before: Wed 05 Nov 2025 00:20:47 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.64.36.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:75:cb:39:eb:9a:9e:20:40:18:32:f3:44:82:fc:e0:62:eb:81:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:20:47 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=76151167120e4dc922f6419fbae5d09da034c46984a7d42e2a528173a5d69f33, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4b:44:46:63:f1:af:f5:bd:46:3b:72:de:95:
aa:43:39:ae:c3:0d:7a:d4:c5:8b:43:1b:e0:cd:62:
44:a7:43:94:b7:cc:93:1c:b7:f4:22:b9:3b:72:18:
65:43:58:93:2f:f1:b5:53:c2:62:5f:0b:6d:4a:50:
04:58:27:16:28:45:b8:d3:19:76:56:33:7f:ff:1e:
16:a3:4e:c6:72:86:16:8e:7c:e5:ea:f5:bf:0a:70:
4b:7c:c7:e9:6a:cd:69:51:29:fb:f4:c2:c4:50:e9:
61:f6:a7:7d:87:c9:c5:98:6d:ce:26:65:1b:8c:7c:
63:13:9e:f4:86:d2:a7:41:26:fa:71:58:09:cd:78:
53:c6:dd:06:35:86:f3:8f:ba:10:60:4b:23:83:dd:
92:a3:7b:aa:8e:5f:9a:e9:f3:40:31:2b:d8:9b:86:
53:f6:17:33:5d:37:77:cf:e5:ec:18:7b:b5:c5:f1:
6a:3c:7d:d6:4b:94:31:3c:03:c8:eb:86:c1:b2:a9:
da:27:83:b7:94:82:e0:0e:d1:6e:0e:b6:bf:f9:d4:
c5:ab:ef:a5:f8:bf:73:60:49:d1:f0:10:e1:12:9b:
09:38:3a:f9:a1:f0:45:7a:73:39:1b:26:e3:dd:99:
d8:35:93:46:b0:00:49:ca:70:d6:ec:1a:87:88:31:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:25:31:FE:BA:49:33:41:2C:CB:AF:66:34:F3:9A:1B:5E:C9:01:D5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95add0c9-7527-4fb6-90a3-ac5d9312df04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.64.36.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:f1:4c:6e:ba:54:0e:6e:ac:85:60:8a:0d:29:f0:e9:bf:eb:
39:9f:9c:2e:6d:34:d7:19:ee:f8:4e:19:57:c0:be:b4:18:e4:
88:37:f2:59:09:02:d4:50:9a:e1:f6:fe:2b:fe:ae:4b:8c:53:
dd:9c:bb:85:e5:1a:b3:22:33:9a:d8:b6:36:61:1e:7e:f1:14:
aa:9a:50:6d:f6:6f:e3:84:f6:37:73:69:bf:e0:48:e9:01:2c:
15:c6:a8:3e:11:18:9a:18:74:e8:fa:ac:87:ef:f8:ca:30:fe:
4d:a4:05:a0:72:3d:91:78:db:d0:82:6d:56:17:0d:73:f7:d8:
71:47:3b:3d:fb:fd:e1:2e:0d:3b:ba:1b:90:2d:b8:ed:59:25:
01:16:76:1c:05:78:9d:3d:76:11:c7:6b:e6:0a:7f:a9:f7:31:
2e:75:36:fb:79:23:4f:2d:cd:ee:39:e0:b4:d1:2a:cb:77:0b:
5d:b0:a0:6a:8e:a9:12:73:f3:8c:8b:08:5a:2c:77:d1:cb:d6:
b9:55:08:7b:15:d1:35:9b:9b:79:11:9d:e1:b4:94:85:81:cd:
ef:7b:d4:64:16:5b:a7:a6:3e:9e:8f:1f:b4:fa:a1:4b:ef:e8:
68:1e:59:1f:fe:ff:23:72:ed:ee:18:16:2f:e0:b4:e2:72:ee:
61:ff:fd:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSXXLOeuaniBAGDLzRIL84GLrgZEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAyMDQ3WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjE1MTE2NzEyMGU0ZGM5MjJmNjQxOWZiYWU1ZDA5ZGEw
MzRjNDY5ODRhN2Q0MmUyYTUyODE3M2E1ZDY5ZjMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIS0RGY/Gv9b1GO3LelapDOa7DDXrUxYtDG+DNYkSnQ5S3
zJMct/QiuTtyGGVDWJMv8bVTwmJfC21KUARYJxYoRbjTGXZWM3//HhajTsZyhhaO
fOXq9b8KcEt8x+lqzWlRKfv0wsRQ6WH2p32HycWYbc4mZRuMfGMTnvSG0qdBJvpx
WAnNeFPG3QY1hvOPuhBgSyOD3ZKje6qOX5rp80AxK9ibhlP2FzNdN3fP5ewYe7XF
8Wo8fdZLlDE8A8jrhsGyqdong7eUguAO0W4Otr/51MWr76X4v3NgSdHwEOESmwk4
Ovmh8EV6czkbJuPdmdg1k0awAEnKcNbsGoeIMSHPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2CUx/rpJM0Esy69mNPOaG17JAdUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1YWRkMGM5LTc1MjctNGZiNi05MGEzLWFjNWQ5MzEyZGYwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQQCQwDQYJKoZIhvcNAQELBQADggEBAD3xTG66VA5urIVgig0p8Om/6zmf
nC5tNNcZ7vhOGVfAvrQY5Ig38lkJAtRQmuH2/iv+rkuMU92cu4XlGrMiM5rYtjZh
Hn7xFKqaUG32b+OE9jdzab/gSOkBLBXGqD4RGJoYdOj6rIfv+Mow/k2kBaByPZF4
29CCbVYXDXP32HFHOz37/eEuDTu6G5AtuO1ZJQEWdhwFeJ09dhHHa+YKf6n3MS51
Nvt5I08tze454LTRKst3C12woGqOqRJz84yLCFosd9HL1rlVCHsV0TWbm3kRneG0
lIWBze971GQWW6emPp6PH7T6oUvv6GgeWR/+/yNy7e4YFi/gtOJy7mH//Wc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:00:49 2025 by rpki-client