Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa
File: a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa (raw, json)
Hash identifier: WQ7ILcx2nUreb/C1Z0y+PbBX3IW+Q3xU9BrjE1h1mFg=
Subject key identifier: 7D:1E:90:BF:44:CB:6F:5E:77:16:98:FB:9F:6F:14:21:60:60:72:05
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 09D143E628CF6DB77E4EA42C591BBA405C8378AE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa
Signing time: Fri 31 Oct 2025 00:10:03 +0000
ROA not before: Fri 31 Oct 2025 00:10:03 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 13.130.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:d1:43:e6:28:cf:6d:b7:7e:4e:a4:2c:59:1b:ba:40:5c:83:78:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 31 00:10:03 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=f2c3d6c42435671a5b6297d6a0f8dbad37a5fce2dbd9bb2ba602eb4279488160, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:32:b4:73:26:f8:81:ea:d0:47:dd:1f:3a:
ad:8a:35:f9:da:d9:8f:6f:85:ad:e3:16:f6:06:4d:
19:e1:fa:68:34:b4:31:ac:8b:5e:50:bb:03:7b:83:
c6:ad:24:3f:67:c3:1d:7c:de:8d:af:01:aa:69:5c:
25:5b:72:22:23:5f:86:5e:c4:d5:a6:57:16:d9:7e:
18:60:c4:b0:db:ae:3e:c6:c8:a9:de:2d:ab:99:18:
f4:8f:93:e1:59:b5:a8:ff:be:f6:23:e2:bd:f4:98:
31:e4:de:1e:76:af:65:b9:eb:dc:3d:d9:5e:49:61:
68:60:ea:a0:73:8f:3e:39:46:3f:0d:96:dc:df:13:
da:cb:7f:d1:8f:15:f0:49:87:ae:b1:64:d3:ec:68:
09:5f:79:20:b1:a8:57:4c:3b:85:ab:bc:3e:e8:24:
17:0f:24:7a:d6:ed:ef:95:dc:97:dd:3e:c3:d7:9e:
7d:a5:fe:12:f1:69:6d:31:e2:26:65:a9:8c:96:46:
ff:64:01:3c:cc:cb:b6:60:ad:98:4f:43:a0:ba:89:
23:b1:54:ed:3c:a5:97:73:a5:f2:62:c6:1f:ae:d3:
9d:de:9a:30:f0:fc:fa:ea:b9:03:13:fd:a4:ff:fd:
6d:64:6d:b2:bb:15:97:aa:26:6d:7d:d9:24:6c:a9:
83:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1E:90:BF:44:CB:6F:5E:77:16:98:FB:9F:6F:14:21:60:60:72:05
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.130.0.0/21
Signature Algorithm: sha256WithRSAEncryption
d1:08:95:83:af:51:59:16:f4:9c:64:76:34:4c:a4:6f:55:0e:
5e:1e:02:48:06:d4:41:7a:cd:3e:f5:65:54:5b:b7:98:34:68:
37:14:ad:12:1c:ad:0d:54:88:64:e9:cd:81:ed:54:d8:a8:ff:
ff:80:62:bf:c4:d3:75:f9:cb:92:e2:42:5b:bb:a5:8c:13:1b:
3c:cb:46:06:c4:c9:b0:f5:02:25:c9:08:2d:ce:af:e5:06:fc:
51:92:8e:e9:b0:1a:52:10:a5:94:e9:65:05:0c:cc:f9:c3:7a:
5f:48:74:9f:1b:9c:14:73:52:af:14:49:ce:19:c9:4a:79:3c:
de:58:f7:eb:23:39:3e:2b:e1:2b:ed:06:94:a2:5e:2c:bd:4d:
9f:3a:62:8c:02:20:a9:6e:5a:63:0d:fd:cf:88:af:f2:37:fe:
1b:14:c4:d4:e1:70:52:68:62:7b:85:13:18:22:05:50:24:58:
93:30:d1:7f:41:bd:de:eb:fb:c7:f6:f3:f7:e0:6f:7d:a7:68:
82:f3:bd:2b:84:13:14:26:2f:83:3b:a7:71:bb:5d:44:a2:8c:
10:14:98:93:90:2f:db:4f:98:be:fa:03:56:32:fb:20:6e:c9:
a6:0b:d3:90:af:62:98:c0:50:ad:0f:d3:bc:6a:d4:fc:6a:a5:
90:a6:9f:43
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCdFD5ijPbbd+TqQsWRu6QFyDeK4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAxMDAzWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMmMzZDZjNDI0MzU2NzFhNWI2Mjk3ZDZhMGY4ZGJhZDM3
YTVmY2UyZGJkOWJiMmJhNjAyZWI0Mjc5NDg4MTYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC39DK0cyb4gerQR90fOq2KNfna2Y9vha3jFvYGTRnh+mg0
tDGsi15QuwN7g8atJD9nwx183o2vAappXCVbciIjX4ZexNWmVxbZfhhgxLDbrj7G
yKneLauZGPSPk+FZtaj/vvYj4r30mDHk3h52r2W569w92V5JYWhg6qBzjz45Rj8N
ltzfE9rLf9GPFfBJh66xZNPsaAlfeSCxqFdMO4WrvD7oJBcPJHrW7e+V3JfdPsPX
nn2l/hLxaW0x4iZlqYyWRv9kATzMy7ZgrZhPQ6C6iSOxVO08pZdzpfJixh+u053e
mjDw/PrquQMT/aT//W1kbbK7FZeqJm192SRsqYNxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfR6Qv0TLb153Fpj7n28UIWBgcgUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0NWQ1ZTJhLWIzOGQtNGU2Ni04NmQzLTdhMDM5MTc3ZDQ2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNggAwDQYJKoZIhvcNAQELBQADggEBANEIlYOvUVkW9JxkdjRMpG9VDl4e
AkgG1EF6zT71ZVRbt5g0aDcUrRIcrQ1UiGTpzYHtVNio//+AYr/E03X5y5LiQlu7
pYwTGzzLRgbEybD1AiXJCC3Or+UG/FGSjumwGlIQpZTpZQUMzPnDel9IdJ8bnBRz
Uq8USc4ZyUp5PN5Y9+sjOT4r4SvtBpSiXiy9TZ86YowCIKluWmMN/c+Ir/I3/hsU
xNThcFJoYnuFExgiBVAkWJMw0X9Bvd7r+8f28/fgb32naILzvSuEExQmL4M7p3G7
XUSijBAUmJOQL9tPmL76A1Yy+yBuyaYL05CvYpjAUK0P07xq1PxqpZCmn0M=
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:26:24 2025 by rpki-client