Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97aba946-3a05-402f-9b1e-270f07bcd39f.roa
File: 97aba946-3a05-402f-9b1e-270f07bcd39f.roa (raw, json)
Hash identifier: s1jK/tYmLjlpVVQ9kMgiU7X5gmHpnuAxS+xoxDnMYjE=
Subject key identifier: CB:27:BB:3A:A1:AB:00:E5:63:43:BA:8A:E0:D5:99:E1:C6:91:47:D7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 61C43055540C79657B35D414CC32631B9E9B8460
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97aba946-3a05-402f-9b1e-270f07bcd39f.roa
Signing time: Wed 22 Oct 2025 00:10:54 +0000
ROA not before: Wed 22 Oct 2025 00:10:54 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.18.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c4:30:55:54:0c:79:65:7b:35:d4:14:cc:32:63:1b:9e:9b:84:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:10:54 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=91263ec77dce3ccd9f270421e08557d38ba6260c26c73acc82aa6807e3816173, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b3:45:dc:cd:35:84:20:81:0e:90:08:8f:6d:
61:8a:55:8e:ee:69:b7:24:52:23:dd:8a:57:39:7f:
40:31:ab:56:2a:f9:2d:bc:a1:13:73:2b:1e:99:8b:
58:7e:30:e3:46:f6:6d:b2:8d:8c:fc:8c:ce:2e:bb:
64:3d:ca:fb:56:87:ed:ea:16:5b:9a:92:c6:1d:76:
8b:94:d7:bd:ab:a0:0b:66:6b:fc:53:5e:75:1e:53:
35:24:54:38:2d:a6:02:5d:6a:57:0f:63:82:32:40:
9c:06:b6:51:db:87:72:0e:ea:72:cd:2d:37:ce:6f:
17:ff:65:34:7b:b7:ce:e4:1a:c0:9b:87:97:5b:f2:
16:9d:b8:ae:71:e3:a6:f5:a2:d1:e9:03:bb:59:ab:
20:31:a4:c7:d5:f1:c2:8f:8e:de:fb:be:e8:16:c7:
6c:83:31:2f:f8:44:c5:cf:ea:dd:c6:26:58:cd:01:
ad:71:f4:78:78:db:d7:8c:2c:e8:05:dc:4d:8b:86:
3c:3c:e6:a0:2f:06:4d:4b:c3:ae:0f:83:a2:44:29:
2c:17:c4:5c:b5:64:e5:d8:bd:59:21:27:bd:4a:ce:
3b:f8:07:78:3d:ac:42:72:26:2c:7c:77:7f:b9:ea:
30:ed:54:27:50:75:16:6c:ff:5b:6a:70:ec:03:df:
b1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:27:BB:3A:A1:AB:00:E5:63:43:BA:8A:E0:D5:99:E1:C6:91:47:D7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97aba946-3a05-402f-9b1e-270f07bcd39f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.18.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cc:27:ab:7e:62:8a:71:fe:d5:73:d9:14:10:68:f3:34:50:1e:
bc:05:76:85:ed:bc:17:a8:4a:b1:a7:08:51:18:ee:9a:1e:f1:
f1:1f:86:8d:65:2f:ea:f4:a8:c9:6c:b7:c3:62:b4:0c:fb:fa:
43:f5:09:20:47:bc:7a:0b:78:75:0a:3e:e6:91:df:39:6a:47:
3f:94:87:5f:57:a3:ac:7e:f5:df:9f:f2:54:18:f3:f3:cf:07:
be:65:a4:f6:7c:fb:d4:e5:d3:5e:4b:d0:8b:6f:c4:2a:e5:65:
25:9c:79:19:21:28:34:d0:9c:65:11:f6:5e:de:7a:65:2d:66:
15:da:8b:99:1a:a4:ea:f6:7a:67:eb:37:e9:4b:2e:33:62:e1:
3b:47:06:18:de:28:c3:b5:bc:d0:56:5e:73:34:82:84:f9:44:
dd:86:69:61:dd:24:f8:cb:92:b4:c2:f4:e3:e7:a6:8c:3a:97:
7e:fa:eb:73:00:00:9a:7a:f4:ae:01:de:9c:4f:84:29:f1:2c:
47:f9:28:0a:88:2d:2d:c8:9d:74:d6:c6:c9:45:b0:53:e2:12:
10:54:f5:2e:29:2e:ce:cc:a9:3b:a0:39:9b:60:48:87:eb:3b:
46:52:aa:87:3d:b7:dc:71:0a:d9:6f:61:4f:1a:4b:93:f2:1e:
0b:4f:ba:0f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYcQwVVQMeWV7NdQUzDJjG56bhGAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAxMDU0WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTI2M2VjNzdkY2UzY2NkOWYyNzA0MjFlMDg1NTdkMzhi
YTYyNjBjMjZjNzNhY2M4MmFhNjgwN2UzODE2MTczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLs0XczTWEIIEOkAiPbWGKVY7uabckUiPdilc5f0Axq1Yq
+S28oRNzKx6Zi1h+MONG9m2yjYz8jM4uu2Q9yvtWh+3qFluaksYddouU172roAtm
a/xTXnUeUzUkVDgtpgJdalcPY4IyQJwGtlHbh3IO6nLNLTfObxf/ZTR7t87kGsCb
h5db8haduK5x46b1otHpA7tZqyAxpMfV8cKPjt77vugWx2yDMS/4RMXP6t3GJljN
Aa1x9Hh429eMLOgF3E2Lhjw85qAvBk1Lw64Pg6JEKSwXxFy1ZOXYvVkhJ71Kzjv4
B3g9rEJyJix8d3+56jDtVCdQdRZs/1tqcOwD37EnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyye7OqGrAOVjQ7qK4NWZ4caRR9cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk3YWJhOTQ2LTNhMDUtNDAyZi05YjFlLTI3MGYwN2JjZDM5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjEjANBgkqhkiG9w0BAQsFAAOCAQEAzCerfmKKcf7Vc9kUEGjzNFAevAV2
he28F6hKsacIURjumh7x8R+GjWUv6vSoyWy3w2K0DPv6Q/UJIEe8egt4dQo+5pHf
OWpHP5SHX1ejrH7135/yVBjz888HvmWk9nz71OXTXkvQi2/EKuVlJZx5GSEoNNCc
ZRH2Xt56ZS1mFdqLmRqk6vZ6Z+s36UsuM2LhO0cGGN4ow7W80FZeczSChPlE3YZp
Yd0k+MuStML04+emjDqXfvrrcwAAmnr0rgHenE+EKfEsR/koCogtLciddNbGyUWw
U+ISEFT1LikuzsypO6A5m2BIh+s7RlKqhz233HEK2W9hTxpLk/IeC0+6Dw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:45:18 2025 by rpki-client