Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a742ab6f-52d7-459d-b6ac-a4a50279b25c.roa
File: a742ab6f-52d7-459d-b6ac-a4a50279b25c.roa (raw, json)
Hash identifier: jEcu/0R9K4byGhEkI0hqwInMS3vX70MncBEINOy6XeA=
Subject key identifier: 6A:EA:52:C6:1B:50:8D:C1:DC:71:FF:05:47:D8:DC:CA:5D:F9:F0:0B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2461AA4254759C7409CAA34F1B5A573A0D7A070E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a742ab6f-52d7-459d-b6ac-a4a50279b25c.roa
Signing time: Sun 02 Nov 2025 00:41:22 +0000
ROA not before: Sun 02 Nov 2025 00:41:22 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.152.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:61:aa:42:54:75:9c:74:09:ca:a3:4f:1b:5a:57:3a:0d:7a:07:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 2 00:41:22 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=23a7a6db27375490991bae5f782a8c300a40264f8ce601dc0844c5bd135c3067, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:97:72:df:1c:9d:1d:33:60:bc:3f:98:c1:
16:dd:b9:a3:f3:9d:22:2d:f1:5e:df:3b:50:0c:24:
ec:18:e9:9e:bb:98:80:95:25:7f:b6:5d:20:da:14:
50:bc:14:26:26:e6:bb:3e:39:66:6e:b2:64:1c:60:
9e:20:ed:3e:c3:4b:71:bf:07:a6:9b:f0:27:4c:00:
da:79:9d:c9:8f:23:52:55:0a:22:b4:e0:7c:f4:65:
ed:d5:1b:e2:09:b5:d9:10:a4:b7:75:f3:92:ac:13:
13:6c:e4:2f:20:d0:48:ef:ed:74:54:4b:d8:ef:39:
f9:dc:2f:2b:0f:7f:a4:bb:47:2f:9c:c1:b3:6e:9a:
e2:7d:b3:ec:bf:a6:e7:ae:42:70:35:1b:c2:e9:43:
33:8b:5c:37:97:82:28:b2:a0:c7:cf:41:23:0c:1c:
d9:4d:8c:28:71:7c:2a:32:36:c2:7c:75:c6:a2:31:
30:64:93:2e:90:1a:c8:d5:9c:6a:aa:3c:97:dc:5c:
b8:66:3b:b9:2f:b2:66:82:99:37:3b:2f:24:af:16:
49:00:4a:84:6f:be:d3:91:6f:b5:56:6d:c4:59:2e:
8a:84:55:09:6a:75:f5:a4:c9:b5:d8:b5:2a:bc:55:
76:33:b8:e9:89:7a:32:04:84:00:35:b7:7c:20:db:
98:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EA:52:C6:1B:50:8D:C1:DC:71:FF:05:47:D8:DC:CA:5D:F9:F0:0B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a742ab6f-52d7-459d-b6ac-a4a50279b25c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.152.0/23
Signature Algorithm: sha256WithRSAEncryption
99:0d:87:6a:11:e6:de:d4:9f:d6:6e:94:da:c7:d2:cb:42:ec:
de:ca:57:f3:cc:f3:c3:02:d5:07:e7:0b:ea:67:31:56:0a:0b:
1f:88:cd:b9:5c:8d:26:62:11:bd:a9:8d:d9:5d:da:ac:0f:f2:
ce:b2:b8:a8:f7:d3:72:e9:1c:0c:a2:59:45:43:c4:fc:80:37:
fb:08:9c:ee:e6:e4:07:7a:81:b6:b6:0f:05:7b:43:8e:8a:55:
da:db:08:8d:db:d5:fd:06:8a:15:49:05:f5:5f:61:ac:5f:7a:
44:26:54:0a:3f:af:fb:59:08:8a:14:ad:12:6c:ea:58:2a:fa:
9d:f7:e1:8b:0e:c4:83:b2:61:f8:f9:d8:14:59:9a:05:a9:0d:
11:31:ab:11:02:c0:f6:ef:65:a0:e2:33:03:77:7a:78:f4:da:
a4:9c:c3:a1:a4:bd:8e:f3:86:ea:2c:6b:a6:c3:33:78:e8:30:
76:e7:fa:db:d7:fb:32:2e:cd:35:41:3a:a8:5a:68:e5:1d:81:
6c:ba:03:6e:2a:22:7d:cf:2e:bb:a1:35:0f:c4:90:3a:5f:6c:
09:a9:2b:c3:db:fb:99:da:13:c1:7e:a3:b4:0d:99:85:60:b7:
51:ea:00:4c:34:f9:ad:ca:4a:78:f5:22:3e:56:b0:ff:4f:b9:
a5:df:99:45
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJGGqQlR1nHQJyqNPG1pXOg16Bw4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDA0MTIyWhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyM2E3YTZkYjI3Mzc1NDkwOTkxYmFlNWY3ODJhOGMzMDBh
NDAyNjRmOGNlNjAxZGMwODQ0YzViZDEzNWMzMDY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3/Zdy3xydHTNgvD+YwRbduaPznSIt8V7fO1AMJOwY6Z67
mICVJX+2XSDaFFC8FCYm5rs+OWZusmQcYJ4g7T7DS3G/B6ab8CdMANp5ncmPI1JV
CiK04Hz0Ze3VG+IJtdkQpLd185KsExNs5C8g0Ejv7XRUS9jvOfncLysPf6S7Ry+c
wbNumuJ9s+y/pueuQnA1G8LpQzOLXDeXgiiyoMfPQSMMHNlNjChxfCoyNsJ8dcai
MTBkky6QGsjVnGqqPJfcXLhmO7kvsmaCmTc7LySvFkkASoRvvtORb7VWbcRZLoqE
VQlqdfWkybXYtSq8VXYzuOmJejIEhAA1t3wg25jLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaupSxhtQjcHccf8FR9jcyl358AswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3NDJhYjZmLTUyZDctNDU5ZC1iNmFjLWE0YTUwMjc5YjI1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjl5gwDQYJKoZIhvcNAQELBQADggEBAJkNh2oR5t7Un9ZulNrH0stC7N7K
V/PM88MC1QfnC+pnMVYKCx+IzblcjSZiEb2pjdld2qwP8s6yuKj303LpHAyiWUVD
xPyAN/sInO7m5Ad6gba2DwV7Q46KVdrbCI3b1f0GihVJBfVfYaxfekQmVAo/r/tZ
CIoUrRJs6lgq+p334YsOxIOyYfj52BRZmgWpDRExqxECwPbvZaDiMwN3enj02qSc
w6GkvY7zhuosa6bDM3joMHbn+tvX+zIuzTVBOqhaaOUdgWy6A24qIn3PLruhNQ/E
kDpfbAmpK8Pb+5naE8F+o7QNmYVgt1HqAEw0+a3KSnj1Ij5WsP9PuaXfmUU=
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:49:15 2025 by rpki-client