Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb30dae4-d1a8-4163-8e98-839af3476d58.roa
File: bb30dae4-d1a8-4163-8e98-839af3476d58.roa (raw, json)
Hash identifier: hWk7EFdU0ujJ92iAq+oDxy19bi+QEFt9N8UFNZBhrMI=
Subject key identifier: 98:C2:D7:B7:E3:2D:0C:A5:25:47:56:E6:82:D2:8E:16:7B:8A:4E:B2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1D2A82DC15D127FFE7578EDFCCDF670979216C33
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb30dae4-d1a8-4163-8e98-839af3476d58.roa
Signing time: Tue 21 Oct 2025 00:20:50 +0000
ROA not before: Tue 21 Oct 2025 00:20:50 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.56.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:2a:82:dc:15:d1:27:ff:e7:57:8e:df:cc:df:67:09:79:21:6c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 21 00:20:50 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=502159b7bd90c81c041e0ba1eb302baadfb148610160cbd858420bc362451714, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:7b:b8:0f:89:5c:fe:ec:1d:c7:a7:e4:d4:
68:e1:e4:f4:3a:91:ed:03:b1:78:78:a5:66:db:91:
81:3e:26:1c:ee:6c:35:40:e2:59:22:81:3d:6d:49:
4c:bb:d9:37:20:b9:72:cf:a5:b6:74:8f:ea:ec:3c:
5d:c2:60:ac:14:2d:2b:ed:79:e9:15:33:d4:a7:41:
7e:e4:c8:18:ea:ef:c4:0a:ad:f1:ae:5c:30:a9:2a:
44:5c:f5:5d:15:13:da:f5:be:0b:84:78:8a:1d:54:
49:39:bd:9d:fa:39:aa:8c:6c:6b:38:90:31:5b:cb:
f9:83:ac:6b:a9:b1:9d:60:75:84:5e:56:d2:c9:5d:
1d:a6:2d:5f:e6:07:09:ee:d7:71:b1:fc:52:ec:3d:
cb:cf:77:e9:e2:bc:82:44:e5:d4:6c:2d:57:cc:f1:
45:7d:df:6e:4c:3e:f6:a2:42:50:cc:6a:8e:3d:31:
ca:88:ba:91:89:37:a0:72:6b:e6:cf:b1:41:04:97:
17:25:b0:f6:bf:0c:f5:6a:e8:54:ef:83:00:b9:24:
39:71:50:43:56:32:26:fc:8e:ed:bf:3d:bf:5a:05:
99:93:40:af:05:99:ae:7e:36:92:59:1f:a8:ab:14:
b7:66:0d:ff:57:d4:e5:ef:09:c5:a1:36:4f:17:d9:
d7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C2:D7:B7:E3:2D:0C:A5:25:47:56:E6:82:D2:8E:16:7B:8A:4E:B2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb30dae4-d1a8-4163-8e98-839af3476d58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.56.224.0/19
Signature Algorithm: sha256WithRSAEncryption
c0:f3:f5:5b:00:9d:b9:aa:b9:d8:4d:18:34:24:7c:08:2f:72:
15:89:b4:89:38:56:33:b4:89:ea:16:20:e4:3c:7f:a1:95:2c:
8c:8f:ed:6c:b5:6c:63:bd:2c:00:f3:24:9c:c1:5f:c5:98:8f:
4f:bd:c5:06:65:61:d2:3e:05:48:e9:e3:73:b2:2e:87:cd:8b:
d5:fe:93:b6:eb:a4:82:88:66:5f:19:c1:f9:d2:06:73:d8:83:
46:99:d1:07:db:bd:ee:b8:3b:f3:99:17:48:3e:b1:5a:7c:64:
f4:32:9c:9e:73:b8:ac:54:58:fa:55:c3:7d:9e:42:9e:22:3c:
45:a3:36:95:6d:bd:a1:af:b4:84:99:ee:bc:1a:1a:8b:85:95:
f1:5c:e0:70:76:65:8a:b3:80:71:51:26:d0:52:2c:26:bd:ee:
97:36:de:d7:57:cf:b5:97:ce:d5:79:44:3f:e6:52:aa:3b:87:
8c:bc:45:4e:06:4a:49:c0:6d:9c:ed:88:15:2c:74:e4:ad:40:
0a:d2:53:15:d8:82:cc:d0:2d:b9:ed:0c:5a:01:48:31:36:2a:
2e:f3:dd:95:8a:27:f2:e3:90:ea:45:8c:a8:90:22:db:ca:11:
c2:b1:a1:70:7f:e3:06:00:90:20:23:8e:c6:02:b9:88:63:e0:
58:f0:c7:8b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHSqC3BXRJ//nV47fzN9nCXkhbDMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAyMDUwWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDIxNTliN2JkOTBjODFjMDQxZTBiYTFlYjMwMmJhYWRm
YjE0ODYxMDE2MGNiZDg1ODQyMGJjMzYyNDUxNzE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtBHu4D4lc/uwdx6fk1Gjh5PQ6ke0DsXh4pWbbkYE+Jhzu
bDVA4lkigT1tSUy72TcguXLPpbZ0j+rsPF3CYKwULSvteekVM9SnQX7kyBjq78QK
rfGuXDCpKkRc9V0VE9r1vguEeIodVEk5vZ36OaqMbGs4kDFby/mDrGupsZ1gdYRe
VtLJXR2mLV/mBwnu13Gx/FLsPcvPd+nivIJE5dRsLVfM8UV9325MPvaiQlDMao49
McqIupGJN6Bya+bPsUEElxclsPa/DPVq6FTvgwC5JDlxUENWMib8ju2/Pb9aBZmT
QK8Fma5+NpJZH6irFLdmDf9X1OXvCcWhNk8X2dfrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmMLXt+MtDKUlR1bmgtKOFnuKTrIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JiMzBkYWU0LWQxYTgtNDE2My04ZTk4LTgzOWFmMzQ3NmQ1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUQOOAwDQYJKoZIhvcNAQELBQADggEBAMDz9VsAnbmqudhNGDQkfAgvchWJ
tIk4VjO0ieoWIOQ8f6GVLIyP7Wy1bGO9LADzJJzBX8WYj0+9xQZlYdI+BUjp43Oy
LofNi9X+k7brpIKIZl8ZwfnSBnPYg0aZ0Qfbve64O/OZF0g+sVp8ZPQynJ5zuKxU
WPpVw32eQp4iPEWjNpVtvaGvtISZ7rwaGouFlfFc4HB2ZYqzgHFRJtBSLCa97pc2
3tdXz7WXztV5RD/mUqo7h4y8RU4GSknAbZztiBUsdOStQArSUxXYgszQLbntDFoB
SDE2Ki7z3ZWKJ/LjkOpFjKiQItvKEcKxoXB/4wYAkCAjjsYCuYhj4Fjwx4s=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:48:28 2025 by rpki-client