Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7e4e4c8-325e-4c4d-8dfa-29db72c04b6e.roa
File: a7e4e4c8-325e-4c4d-8dfa-29db72c04b6e.roa (raw, json)
Hash identifier: zqGKi+BhKyrTvZr1BIJlDPxk6NtTn2OLSfTHd+Yu4Ac=
Subject key identifier: AD:D3:6C:22:D0:AE:C0:C8:4B:8A:61:1A:6A:80:22:34:DD:DA:79:E6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1BCC8FD90596B086799E2BC65F2CC92BAF8FC543
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7e4e4c8-325e-4c4d-8dfa-29db72c04b6e.roa
Signing time: Wed 22 Oct 2025 00:40:06 +0000
ROA not before: Wed 22 Oct 2025 00:40:06 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 210.89.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:cc:8f:d9:05:96:b0:86:79:9e:2b:c6:5f:2c:c9:2b:af:8f:c5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:40:06 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=ac7c862a53bc37c872513f33c316c6f6d13e8b1a1eea87f9362061a11eee13a4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6e:bf:c7:a7:4f:87:62:75:29:8a:f8:53:8f:
4e:33:c4:bf:c0:57:fb:39:e6:52:a3:37:db:6a:94:
4f:c4:7c:8e:ea:1a:1c:83:19:87:8c:c4:b5:2a:b0:
df:0a:1c:80:4a:12:88:74:e7:a6:c7:9a:be:b4:5d:
b1:62:d2:36:82:dd:7a:a9:49:94:77:4f:12:56:66:
d2:2c:dc:d4:37:61:d9:8d:53:77:94:3e:c4:96:8c:
af:e1:69:71:9b:6d:cf:56:bf:1e:f3:0f:55:c6:f0:
07:56:3e:ce:49:2c:18:a0:59:ee:43:f7:77:05:b1:
3b:d4:c3:1f:75:00:9c:45:39:0e:45:55:aa:9e:fb:
15:3a:9f:cc:bc:a2:22:eb:82:b5:96:f6:d5:c5:65:
62:1e:e8:2f:7b:b1:6e:31:f4:62:ee:82:e3:25:81:
74:3e:48:47:4a:29:78:3a:ad:eb:d3:7b:a2:c7:ce:
e6:36:9d:a8:f6:7b:d6:b8:40:ab:04:a7:2c:10:f5:
aa:ed:e8:af:bf:06:e3:06:44:b5:8d:00:1d:8e:1d:
d0:51:26:eb:1e:16:66:22:d9:9f:82:3c:e4:0d:b4:
6d:19:19:80:d5:80:fa:86:3f:21:3a:8d:13:c4:cf:
07:b9:5b:a4:cc:69:84:7c:6f:7c:f7:a9:d4:0a:d1:
8c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D3:6C:22:D0:AE:C0:C8:4B:8A:61:1A:6A:80:22:34:DD:DA:79:E6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7e4e4c8-325e-4c4d-8dfa-29db72c04b6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.89.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:1c:b1:4e:ef:3b:0e:4d:95:f7:11:aa:88:8e:57:c8:40:91:
2b:38:6f:46:41:7d:4c:7d:ba:cf:c7:f0:44:25:4d:46:10:ba:
58:cc:6a:5b:3a:90:08:48:32:b0:67:28:bd:8c:1b:ac:da:68:
5e:59:a1:ed:55:ee:ed:8c:21:db:50:bb:1a:32:2e:f3:7d:00:
30:84:2d:04:3d:23:0a:99:98:91:08:75:9f:3d:f4:04:0a:4b:
d6:db:68:fc:3c:e9:c3:5c:4b:e4:fc:dc:3f:92:01:ad:f9:0f:
94:42:36:f0:fa:a0:5f:dd:2f:64:c5:32:58:43:ea:c5:3e:bd:
5e:42:b4:1c:4f:5d:54:d1:a8:70:64:d7:64:49:5d:91:a9:b3:
93:df:66:2c:9f:31:6f:cd:f0:07:b7:a3:48:fa:55:a8:3e:90:
48:36:0c:94:fb:06:cb:cd:f1:c6:c0:5a:b2:a7:30:95:0e:d7:
9c:67:35:13:48:11:0a:3f:fa:a9:0a:a4:21:fd:35:fe:e0:d8:
b0:5b:bd:53:7a:ba:17:4a:c3:70:59:5d:28:89:b2:b6:19:16:
d1:06:48:0a:b8:e7:ff:7a:5f:ba:93:36:29:16:e8:c2:c2:2d:
cb:8b:5b:b7:f1:50:3b:95:c7:f7:2f:a8:a3:ac:b7:ce:02:91:
f4:78:6c:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG8yP2QWWsIZ5nivGXyzJK6+PxUMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDA0MDA2WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzdjODYyYTUzYmMzN2M4NzI1MTNmMzNjMzE2YzZmNmQx
M2U4YjFhMWVlYTg3ZjkzNjIwNjFhMTFlZWUxM2E0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5br/Hp0+HYnUpivhTj04zxL/AV/s55lKjN9tqlE/EfI7q
GhyDGYeMxLUqsN8KHIBKEoh056bHmr60XbFi0jaC3XqpSZR3TxJWZtIs3NQ3YdmN
U3eUPsSWjK/haXGbbc9Wvx7zD1XG8AdWPs5JLBigWe5D93cFsTvUwx91AJxFOQ5F
Vaqe+xU6n8y8oiLrgrWW9tXFZWIe6C97sW4x9GLuguMlgXQ+SEdKKXg6revTe6LH
zuY2naj2e9a4QKsEpywQ9art6K+/BuMGRLWNAB2OHdBRJuseFmYi2Z+CPOQNtG0Z
GYDVgPqGPyE6jRPEzwe5W6TMaYR8b3z3qdQK0YyVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrdNsItCuwMhLimEaaoAiNN3aeeYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3ZTRlNGM4LTMyNWUtNGM0ZC04ZGZhLTI5ZGI3MmMwNGI2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXSWUAwDQYJKoZIhvcNAQELBQADggEBAF8csU7vOw5NlfcRqoiOV8hAkSs4
b0ZBfUx9us/H8EQlTUYQuljMals6kAhIMrBnKL2MG6zaaF5Zoe1V7u2MIdtQuxoy
LvN9ADCELQQ9IwqZmJEIdZ899AQKS9bbaPw86cNcS+T83D+SAa35D5RCNvD6oF/d
L2TFMlhD6sU+vV5CtBxPXVTRqHBk12RJXZGps5PfZiyfMW/N8Ae3o0j6Vag+kEg2
DJT7BsvN8cbAWrKnMJUO15xnNRNIEQo/+qkKpCH9Nf7g2LBbvVN6uhdKw3BZXSiJ
srYZFtEGSAq45/96X7qTNikW6MLCLcuLW7fxUDuVx/cvqKOst84CkfR4bPQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:26:03 2025 by rpki-client