Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a72a214c-660b-4404-9cf2-6877b6d84a40.roa
File: a72a214c-660b-4404-9cf2-6877b6d84a40.roa (raw, json)
Hash identifier: pPgmicyCV5uB7qXQ6aQ4Pk1HhIfKqvVIP/PVRHxWoag=
Subject key identifier: 60:3F:15:53:0A:8E:6E:31:F7:E1:8F:84:43:EB:13:50:B0:74:2F:5C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 30FB610E5877565E9B46549D21317F71D7A5C295
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a72a214c-660b-4404-9cf2-6877b6d84a40.roa
Signing time: Tue 04 Nov 2025 00:00:07 +0000
ROA not before: Tue 04 Nov 2025 00:00:07 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ff6:c000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:fb:61:0e:58:77:56:5e:9b:46:54:9d:21:31:7f:71:d7:a5:c2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 4 00:00:07 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=7b128a4cbb43db3b844f6be4189bd395706056db428dbd0ec487be04dd1d368f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:72:9e:ba:45:ca:06:4a:b5:4c:4f:6c:74:
6a:4f:99:4d:34:4e:99:50:5a:6e:5d:2b:24:56:39:
c4:5c:4a:fe:c1:4e:a0:83:c5:fd:44:10:ca:f8:ce:
ff:3b:ae:b5:ac:0a:a7:cb:dd:6f:5b:84:30:de:f3:
3d:0e:59:aa:25:b5:7c:08:6c:80:58:13:f2:ef:4e:
e4:9c:5c:88:46:8d:5a:99:cb:9b:a5:5d:21:a3:83:
9d:5b:21:8f:6b:a2:2d:80:54:f4:e8:7e:3b:25:eb:
13:fe:a4:d9:d9:33:01:fe:e2:70:2d:e9:13:9d:5f:
a6:3b:fb:b1:1d:cf:6a:32:b8:ca:6b:cb:4c:52:1a:
95:24:a2:9c:3b:07:c5:59:3c:56:d8:07:ff:05:47:
27:8f:ae:ca:2e:61:3e:9a:dc:80:5e:81:84:55:96:
f3:1c:12:50:a7:a1:f2:1b:34:7f:24:e2:0f:9c:93:
93:fb:bc:3e:3e:e8:5f:0e:e5:14:5b:38:e8:0f:55:
db:92:75:22:80:f6:ab:79:f4:1a:b5:7e:f4:26:32:
72:23:21:d3:fb:f5:29:71:df:fb:d4:b1:09:51:50:
db:13:e7:0d:5f:7d:2e:fd:3a:00:ac:5e:46:dc:c3:
aa:cd:25:4d:09:07:d5:99:98:07:d0:e4:7f:30:1f:
27:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3F:15:53:0A:8E:6E:31:F7:E1:8F:84:43:EB:13:50:B0:74:2F:5C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a72a214c-660b-4404-9cf2-6877b6d84a40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff6:c000::/48
Signature Algorithm: sha256WithRSAEncryption
26:99:b0:7a:03:9c:b4:4e:95:60:12:82:f9:d6:31:e7:82:8e:
95:6d:bb:5c:55:72:a4:cf:c8:fb:c5:4e:8d:81:8d:83:17:25:
43:1e:d9:28:bc:9c:d3:24:f7:2a:3a:0c:87:d6:f4:aa:d4:7a:
cc:80:35:a7:88:24:c8:8f:cc:bd:60:30:12:7c:b8:78:9f:b5:
a9:9a:57:36:c2:18:f1:b1:69:64:71:22:e4:43:d2:78:2f:4b:
f8:b7:93:30:e1:f9:9f:ca:e1:af:1b:d0:ed:71:f7:78:52:33:
ce:e8:e5:9e:09:fe:df:19:69:9a:94:e3:b3:6c:0b:7b:3a:ad:
36:54:7f:20:c6:39:bb:7d:99:79:2c:d2:c7:38:f8:fc:5e:2c:
a0:72:39:0e:65:83:24:ef:20:4a:c7:16:24:dc:7b:f3:e8:ea:
36:9b:03:ef:21:85:f1:06:6e:e0:4b:b4:4a:87:de:9e:4a:a6:
fb:e9:37:13:eb:a9:84:3d:dd:7e:0b:a4:b8:bd:9f:38:2e:9f:
b3:a4:b9:17:4c:3f:b2:93:90:7e:32:af:9b:65:63:1b:49:57:
be:06:5d:c2:5d:68:19:32:0d:cc:8c:2b:6d:17:3d:32:35:95:
83:06:40:63:0c:56:4f:9b:e2:de:d0:ed:0c:ed:4c:d0:70:ad:
f0:cf:82:06
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMPthDlh3Vl6bRlSdITF/cdelwpUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAwMDA3WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjEyOGE0Y2JiNDNkYjNiODQ0ZjZiZTQxODliZDM5NTcw
NjA1NmRiNDI4ZGJkMGVjNDg3YmUwNGRkMWQzNjhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCztXKeukXKBkq1TE9sdGpPmU00TplQWm5dKyRWOcRcSv7B
TqCDxf1EEMr4zv87rrWsCqfL3W9bhDDe8z0OWaoltXwIbIBYE/LvTuScXIhGjVqZ
y5ulXSGjg51bIY9roi2AVPTofjsl6xP+pNnZMwH+4nAt6ROdX6Y7+7Edz2oyuMpr
y0xSGpUkopw7B8VZPFbYB/8FRyePrsouYT6a3IBegYRVlvMcElCnofIbNH8k4g+c
k5P7vD4+6F8O5RRbOOgPVduSdSKA9qt59Bq1fvQmMnIjIdP79Slx3/vUsQlRUNsT
5w1ffS79OgCsXkbcw6rNJU0JB9WZmAfQ5H8wHycVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYD8VUwqObjH34Y+EQ+sTULB0L1wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3MmEyMTRjLTY2MGItNDQwNC05Y2YyLTY4NzdiNmQ4NGE0MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/2wAAwDQYJKoZIhvcNAQELBQADggEBACaZsHoDnLROlWASgvnWMeeC
jpVtu1xVcqTPyPvFTo2BjYMXJUMe2Si8nNMk9yo6DIfW9KrUesyANaeIJMiPzL1g
MBJ8uHiftamaVzbCGPGxaWRxIuRD0ngvS/i3kzDh+Z/K4a8b0O1x93hSM87o5Z4J
/t8ZaZqU47NsC3s6rTZUfyDGObt9mXks0sc4+PxeLKByOQ5lgyTvIErHFiTce/Po
6jabA+8hhfEGbuBLtEqH3p5KpvvpNxPrqYQ93X4LpLi9nzgun7OkuRdMP7KTkH4y
r5tlYxtJV74GXcJdaBkyDcyMK20XPTI1lYMGQGMMVk+b4t7Q7QztTNBwrfDPggY=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:49:14 2025 by rpki-client