Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1f089e6-6ff8-4535-9bb3-006927a5216c.roa
File: b1f089e6-6ff8-4535-9bb3-006927a5216c.roa (raw, json)
Hash identifier: aURtizVnQavhzed2efnf9v4za4WWici/3frN5j4djrk=
Subject key identifier: E0:46:78:C3:12:DC:4C:ED:1C:47:93:1F:72:CD:F3:0A:C1:CF:83:E4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0C37E0D6E0030636E6469DAA5A984B61CE9E9C2E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1f089e6-6ff8-4535-9bb3-006927a5216c.roa
Signing time: Wed 22 Oct 2025 00:30:08 +0000
ROA not before: Wed 22 Oct 2025 00:30:08 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.57.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:37:e0:d6:e0:03:06:36:e6:46:9d:aa:5a:98:4b:61:ce:9e:9c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:30:08 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=fab28a0b2c7e2821f4be297e93d5835400874a3c85671acf0bcd5a2acd3e7478, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:01:b7:06:dd:69:62:bc:2b:5b:45:84:f9:4a:
7d:27:b6:13:20:1f:99:0d:4d:a6:30:c1:fe:08:c0:
1a:70:6b:8e:49:f4:a2:ab:ee:d7:a4:ab:85:56:35:
51:38:51:57:ce:e0:1c:e6:68:5e:6a:20:85:95:b7:
e1:fc:ad:b4:37:7f:be:88:79:d1:37:05:e5:21:37:
ec:6f:d8:34:c8:eb:92:44:31:a7:0c:e8:7a:7e:1f:
63:97:c2:db:31:77:ff:b7:3c:7e:a2:b1:c6:d1:71:
8b:f5:72:19:8f:c3:18:c5:6d:36:36:7b:e5:b0:60:
67:52:08:60:63:73:83:ae:69:05:6e:4e:8c:42:1c:
07:32:46:fb:71:75:12:5d:8c:18:39:60:58:fa:a5:
f9:fe:60:2a:4d:22:88:b6:d1:03:bc:2c:09:00:10:
f4:62:7b:1c:bc:22:27:06:2d:85:0f:2b:fd:df:11:
fb:d2:e8:64:3f:c6:08:af:e8:71:2a:8e:a6:13:8f:
c2:2a:fd:f6:db:05:64:23:c6:93:d3:35:e6:60:5e:
10:da:f7:0f:77:8f:16:1c:2e:79:91:db:08:e8:35:
c0:dc:6e:42:ee:cc:1e:c2:7e:62:f4:7d:da:00:f1:
d5:32:e3:78:aa:a9:a4:2e:bb:cc:3d:53:ae:fb:17:
49:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:46:78:C3:12:DC:4C:ED:1C:47:93:1F:72:CD:F3:0A:C1:CF:83:E4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1f089e6-6ff8-4535-9bb3-006927a5216c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.57.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:12:64:56:ba:65:71:71:8b:b1:1c:b0:60:8d:19:d2:3c:4b:
6b:f4:5e:89:64:5a:93:f7:25:87:c7:13:26:3c:e4:cc:8e:52:
11:a6:0f:99:d7:0e:b0:2a:95:52:3c:4b:da:0c:70:70:35:9c:
fa:e5:35:66:19:e3:4e:1d:ea:5b:2c:43:c4:a2:4d:38:b5:15:
48:ac:b2:f1:09:81:32:78:81:ca:1a:1a:1d:34:fb:ba:e4:ff:
c6:34:59:3b:65:4d:4e:8e:52:65:dc:4e:21:6a:a4:dd:af:84:
70:e1:45:8f:50:c0:6e:64:11:f7:d7:fd:dd:0a:02:89:18:eb:
0d:56:6c:29:9d:ff:81:14:30:8f:d3:6e:1e:de:21:c1:0f:77:
8c:49:cb:a8:a2:e5:e5:e0:2d:cf:85:42:df:b9:9a:fb:e6:aa:
a2:e8:4d:68:01:ea:88:0b:5d:c6:1d:7c:c1:9f:1b:9d:50:01:
00:99:8d:3d:71:13:c9:25:fd:30:b8:ff:fb:76:21:33:48:a8:
dc:a2:0f:38:f4:73:88:0b:93:4b:db:e3:94:bd:ea:37:25:76:
4f:1f:10:52:31:6c:28:b8:62:99:e0:e1:8b:f0:21:1a:4e:3d:
b4:5f:39:13:b4:78:4d:9b:60:a7:00:14:ce:72:97:9d:dd:5a:
03:11:a7:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDDfg1uADBjbmRp2qWphLYc6enC4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMDA4WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYWIyOGEwYjJjN2UyODIxZjRiZTI5N2U5M2Q1ODM1NDAw
ODc0YTNjODU2NzFhY2YwYmNkNWEyYWNkM2U3NDc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuAbcG3WlivCtbRYT5Sn0nthMgH5kNTaYwwf4IwBpwa45J
9KKr7tekq4VWNVE4UVfO4BzmaF5qIIWVt+H8rbQ3f76IedE3BeUhN+xv2DTI65JE
MacM6Hp+H2OXwtsxd/+3PH6iscbRcYv1chmPwxjFbTY2e+WwYGdSCGBjc4OuaQVu
ToxCHAcyRvtxdRJdjBg5YFj6pfn+YCpNIoi20QO8LAkAEPRiexy8IicGLYUPK/3f
EfvS6GQ/xgiv6HEqjqYTj8Iq/fbbBWQjxpPTNeZgXhDa9w93jxYcLnmR2wjoNcDc
bkLuzB7CfmL0fdoA8dUy43iqqaQuu8w9U677F0lzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4EZ4wxLcTO0cR5Mfcs3zCsHPg+QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxZjA4OWU2LTZmZjgtNDUzNS05YmIzLTAwNjkyN2E1MjE2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUQOQAwDQYJKoZIhvcNAQELBQADggEBAB0SZFa6ZXFxi7EcsGCNGdI8S2v0
XolkWpP3JYfHEyY85MyOUhGmD5nXDrAqlVI8S9oMcHA1nPrlNWYZ404d6lssQ8Si
TTi1FUissvEJgTJ4gcoaGh00+7rk/8Y0WTtlTU6OUmXcTiFqpN2vhHDhRY9QwG5k
EffX/d0KAokY6w1WbCmd/4EUMI/Tbh7eIcEPd4xJy6ii5eXgLc+FQt+5mvvmqqLo
TWgB6ogLXcYdfMGfG51QAQCZjT1xE8kl/TC4//t2ITNIqNyiDzj0c4gLk0vb45S9
6jcldk8fEFIxbCi4Ypng4YvwIRpOPbRfORO0eE2bYKcAFM5yl53dWgMRp+M=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:01:49 2025 by rpki-client