Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2a36fd0-8c46-4a97-b2e1-53d031c85428.roa
File: b2a36fd0-8c46-4a97-b2e1-53d031c85428.roa (raw, json)
Hash identifier: TKrhoab6QIyTzbopi2Ps+VytqzJCfKqpZHOYvAylY3E=
Subject key identifier: C9:4A:1E:DC:70:6E:15:2F:41:3E:A2:39:13:B6:9D:7C:54:CF:FF:98
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 10E148E0266F9779321939C634A5C2705C8FC5F7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2a36fd0-8c46-4a97-b2e1-53d031c85428.roa
Signing time: Wed 05 Nov 2025 00:31:00 +0000
ROA not before: Wed 05 Nov 2025 00:31:00 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 69.0.176.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:e1:48:e0:26:6f:97:79:32:19:39:c6:34:a5:c2:70:5c:8f:c5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:31:00 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=2d01eda8dd7ec5c52dee8cac07e924c7f29a79cc2a922309cb745c1c268f9344, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:48:ee:78:51:96:50:e6:c1:0e:8e:18:87:4b:
0b:ad:67:fa:03:aa:8f:61:80:75:ad:df:17:98:4b:
46:88:74:f9:eb:ca:b7:03:f3:86:d4:2f:58:f7:ac:
c3:9f:d4:ce:2d:7b:b8:ef:83:29:8e:48:e0:a3:f4:
22:7b:65:7a:23:5b:e4:ae:15:ad:05:e5:cd:22:4f:
97:1c:3d:e4:2f:8e:3a:33:ab:b5:28:e6:8b:2f:ab:
68:4f:a9:60:d2:ba:b1:e4:c1:bf:c9:06:de:c9:41:
17:62:ab:f0:68:b1:ca:e8:5b:b2:c0:15:d0:d7:f3:
e0:07:01:18:96:ac:d8:4a:d1:d3:59:0a:48:26:22:
40:38:7c:55:05:2f:31:c6:63:3f:0e:22:a8:0f:51:
a6:73:96:d9:82:a2:03:df:67:26:75:61:51:10:a0:
aa:34:5d:9e:63:21:20:aa:60:99:db:e6:8a:c0:11:
c8:87:71:5c:4f:b0:2e:74:84:97:fd:9a:a1:46:d5:
82:6c:65:f7:1f:d0:73:a6:14:7b:5c:96:a8:b9:ea:
26:51:e3:87:ce:3c:03:8b:2a:c5:38:82:bd:0a:a8:
22:41:9b:56:39:54:4a:c9:83:8c:41:6f:b5:38:28:
ba:ce:a1:ce:c3:85:89:57:26:19:cd:3e:de:06:0b:
c4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:1E:DC:70:6E:15:2F:41:3E:A2:39:13:B6:9D:7C:54:CF:FF:98
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2a36fd0-8c46-4a97-b2e1-53d031c85428.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.0.176.0/21
Signature Algorithm: sha256WithRSAEncryption
07:4f:75:a0:f7:91:24:d0:c1:18:1a:30:00:97:09:60:43:e9:
71:b0:81:de:ca:5e:a6:e9:0d:7a:c6:6b:88:48:62:29:d6:4f:
c5:ed:85:e7:ce:f5:b6:49:51:a1:a6:50:0a:97:72:2a:d5:3e:
5c:9e:9f:89:f0:bb:be:b2:db:a5:3f:40:b1:2f:32:d8:e9:4d:
80:c2:08:8d:a0:dd:73:9f:a5:bf:c0:98:63:78:1a:fd:b9:24:
2a:8b:99:92:4f:8c:d5:ff:d4:f6:c8:be:75:17:16:e3:4f:3f:
4b:19:26:ba:25:7d:06:68:4c:af:3c:15:c2:22:9e:09:9d:d9:
f4:58:c4:59:ae:45:28:61:cb:bf:2c:37:57:12:3c:6e:f8:e9:
db:b1:26:94:12:16:82:42:85:d6:fd:f9:0e:f2:9d:a9:cd:7e:
b7:b9:b4:79:f4:a5:46:3a:d4:28:d7:46:fc:8d:fa:e6:15:d1:
84:b9:5d:11:82:46:8b:8a:24:59:e7:e2:dc:da:c6:24:bf:70:
c4:af:fe:d3:81:56:dc:a6:41:53:43:35:43:bb:8c:ba:2f:f4:
3a:ce:ae:21:94:1d:2c:82:66:41:f7:f1:58:cb:c4:c7:f4:7e:
70:e7:d0:fd:8c:21:45:b2:b3:1d:cf:b2:24:b1:87:3e:5f:55:
95:17:eb:a3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEOFI4CZvl3kyGTnGNKXCcFyPxfcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAzMTAwWhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDAxZWRhOGRkN2VjNWM1MmRlZThjYWMwN2U5MjRjN2Yy
OWE3OWNjMmE5MjIzMDljYjc0NWMxYzI2OGY5MzQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbSO54UZZQ5sEOjhiHSwutZ/oDqo9hgHWt3xeYS0aIdPnr
yrcD84bUL1j3rMOf1M4te7jvgymOSOCj9CJ7ZXojW+SuFa0F5c0iT5ccPeQvjjoz
q7Uo5osvq2hPqWDSurHkwb/JBt7JQRdiq/BoscroW7LAFdDX8+AHARiWrNhK0dNZ
CkgmIkA4fFUFLzHGYz8OIqgPUaZzltmCogPfZyZ1YVEQoKo0XZ5jISCqYJnb5orA
EciHcVxPsC50hJf9mqFG1YJsZfcf0HOmFHtclqi56iZR44fOPAOLKsU4gr0KqCJB
m1Y5VErJg4xBb7U4KLrOoc7DhYlXJhnNPt4GC8RtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyUoe3HBuFS9BPqI5E7adfFTP/5gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyYTM2ZmQwLThjNDYtNGE5Ny1iMmUxLTUzZDAzMWM4NTQyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANFALAwDQYJKoZIhvcNAQELBQADggEBAAdPdaD3kSTQwRgaMACXCWBD6XGw
gd7KXqbpDXrGa4hIYinWT8XthefO9bZJUaGmUAqXcirVPlyen4nwu76y26U/QLEv
MtjpTYDCCI2g3XOfpb/AmGN4Gv25JCqLmZJPjNX/1PbIvnUXFuNPP0sZJrolfQZo
TK88FcIingmd2fRYxFmuRShhy78sN1cSPG746duxJpQSFoJChdb9+Q7ynanNfre5
tHn0pUY61CjXRvyN+uYV0YS5XRGCRouKJFnn4tzaxiS/cMSv/tOBVtymQVNDNUO7
jLov9DrOriGUHSyCZkH38VjLxMf0fnDn0P2MIUWysx3PsiSxhz5fVZUX66M=
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:36:34 2025 by rpki-client