Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2629315-55fc-4ccb-bd08-0655076226c5.roa
File: c2629315-55fc-4ccb-bd08-0655076226c5.roa (raw, json)
Hash identifier: Lok/pkc9ClwGp/oXcfpV8xqEyXSvk2wsWR+UlKs6m5E=
Subject key identifier: 2A:04:13:FD:24:B0:84:2F:40:05:7E:B6:AA:98:74:39:1A:6D:4A:FC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 20C68B3AB915DAD976AE77D0B5206A7A2D38CE12
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2629315-55fc-4ccb-bd08-0655076226c5.roa
Signing time: Tue 21 Oct 2025 00:30:14 +0000
ROA not before: Tue 21 Oct 2025 00:30:14 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 24.110.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:c6:8b:3a:b9:15:da:d9:76:ae:77:d0:b5:20:6a:7a:2d:38:ce:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 21 00:30:14 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1d388c77abe78329735f64a5c3173c155c2ec99ba068c72620ad38afcb97a41c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c1:f2:94:bb:a8:08:44:31:89:ff:9c:a5:80:
6e:67:62:d7:9a:d1:2e:81:dd:1b:9f:0a:0b:fe:90:
9c:a9:d1:65:dc:6f:1b:d0:3d:78:dc:56:ed:44:15:
58:a2:5d:0d:32:7a:ea:fb:1e:a0:57:ea:c9:99:7f:
3a:ac:97:38:f8:e8:bf:9b:7b:59:c8:15:01:b9:d4:
47:3a:5f:4e:c8:ee:3b:e7:30:ed:51:c3:b2:10:68:
03:83:eb:b4:e7:e2:65:b8:d7:be:ed:52:cf:b1:fb:
b3:ac:eb:01:6c:be:a8:d9:cb:9c:c7:15:1f:d8:52:
d5:b6:39:dc:af:cd:af:55:58:d9:ff:b2:1b:0c:21:
c7:a5:07:98:fc:72:68:c0:b1:c5:80:5f:cc:b7:6f:
e5:b8:47:5e:50:9d:c6:70:29:a4:67:fc:18:df:02:
7e:34:83:7f:15:5d:9f:42:42:5d:44:29:39:bf:4e:
16:9f:46:e8:8a:34:d9:b6:68:08:3a:5a:e7:c1:75:
13:78:61:b6:fd:49:65:35:9d:61:3a:15:15:2e:69:
66:91:d0:2d:b7:e1:21:bb:15:d9:8a:1b:04:00:b5:
af:c1:90:f8:1a:52:03:df:90:24:cb:a6:79:d7:57:
7c:67:cc:77:ed:06:7c:01:52:32:01:19:f8:98:ee:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:04:13:FD:24:B0:84:2F:40:05:7E:B6:AA:98:74:39:1A:6D:4A:FC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2629315-55fc-4ccb-bd08-0655076226c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.110.37.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:aa:f0:43:15:e0:f3:32:18:b4:01:94:dd:b1:59:06:7b:5c:
3a:f4:de:92:7c:e3:b2:67:76:07:6f:31:64:82:50:d4:d0:e4:
ea:77:d3:1c:d1:b8:0c:a5:a3:ad:9e:d8:69:45:3c:91:6d:68:
8e:74:77:48:3d:4d:ef:7b:fe:70:78:39:96:d1:bf:b4:51:fe:
48:9f:2a:22:65:59:3b:1f:32:45:b8:d4:be:3c:9e:76:9f:12:
cd:01:fd:e4:a5:2b:c9:27:31:ef:8c:06:ef:74:39:02:f9:1e:
f8:30:ed:94:f7:9f:be:01:b7:96:d1:61:b1:84:25:9d:84:01:
60:79:b8:2e:c8:4f:76:61:94:7d:bf:6c:d5:30:d5:7c:f2:6d:
da:ec:c3:99:5a:ac:67:cb:f4:6e:98:97:03:24:4b:4d:80:cd:
0a:2d:68:72:8d:b0:01:2b:ee:09:53:6a:f4:cd:2f:8b:3e:85:
81:1b:58:e5:db:be:6d:43:ba:60:30:08:ad:3d:ca:d3:c4:90:
be:24:5c:77:b9:7d:e5:82:44:6f:7a:f2:53:22:93:a3:16:98:
9d:8e:5a:62:a9:a1:0e:1e:f1:9a:f3:e5:cf:a7:59:06:84:f8:
96:fb:e0:d1:8b:55:0e:41:36:de:b7:06:da:fe:9d:8e:a4:74:
8e:c6:da:eb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIMaLOrkV2tl2rnfQtSBqei04zhIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAzMDE0WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDM4OGM3N2FiZTc4MzI5NzM1ZjY0YTVjMzE3M2MxNTVj
MmVjOTliYTA2OGM3MjYyMGFkMzhhZmNiOTdhNDFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxwfKUu6gIRDGJ/5ylgG5nYtea0S6B3RufCgv+kJyp0WXc
bxvQPXjcVu1EFViiXQ0yeur7HqBX6smZfzqslzj46L+be1nIFQG51Ec6X07I7jvn
MO1Rw7IQaAOD67Tn4mW4177tUs+x+7Os6wFsvqjZy5zHFR/YUtW2Odyvza9VWNn/
shsMIcelB5j8cmjAscWAX8y3b+W4R15QncZwKaRn/BjfAn40g38VXZ9CQl1EKTm/
ThafRuiKNNm2aAg6WufBdRN4Ybb9SWU1nWE6FRUuaWaR0C234SG7FdmKGwQAta/B
kPgaUgPfkCTLpnnXV3xnzHftBnwBUjIBGfiY7mWjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKgQT/SSwhC9ABX62qph0ORptSvwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyNjI5MzE1LTU1ZmMtNGNjYi1iZDA4LTA2NTUwNzYyMjZjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbiUwDQYJKoZIhvcNAQELBQADggEBALOq8EMV4PMyGLQBlN2xWQZ7XDr0
3pJ847JndgdvMWSCUNTQ5Op30xzRuAylo62e2GlFPJFtaI50d0g9Te97/nB4OZbR
v7RR/kifKiJlWTsfMkW41L48nnafEs0B/eSlK8knMe+MBu90OQL5Hvgw7ZT3n74B
t5bRYbGEJZ2EAWB5uC7IT3ZhlH2/bNUw1Xzybdrsw5larGfL9G6YlwMkS02AzQot
aHKNsAEr7glTavTNL4s+hYEbWOXbvm1DumAwCK09ytPEkL4kXHe5feWCRG968lMi
k6MWmJ2OWmKpoQ4e8Zrz5c+nWQaE+Jb74NGLVQ5BNt63Btr+nY6kdI7G2us=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:38:21 2025 by rpki-client