Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a67cf4-10e5-4819-91b3-5293d070d97e.roa
File: d5a67cf4-10e5-4819-91b3-5293d070d97e.roa (raw, json)
Hash identifier: cdGISmWAklOeQrMIytqNjcvx8IPkx1gFcT9u25cH3U8=
Subject key identifier: DB:4A:7C:72:69:0F:CB:99:14:17:2E:AF:C7:50:81:8A:92:66:88:0F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0320E83B5F7EAFEAF39811649C2E0D945BF7262F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a67cf4-10e5-4819-91b3-5293d070d97e.roa
Signing time: Wed 22 Oct 2025 00:31:00 +0000
ROA not before: Wed 22 Oct 2025 00:31:00 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.54.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:20:e8:3b:5f:7e:af:ea:f3:98:11:64:9c:2e:0d:94:5b:f7:26:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:31:00 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=7c396f1796de86198ccdafbe742cbc56ad2e3a3ef6203274343422ba147bb5c3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d3:4e:ba:5f:76:6f:aa:e5:02:37:5a:44:2d:
bd:e0:e2:a1:6e:4a:77:63:20:cb:94:e6:66:39:2e:
99:5a:8b:96:e8:8c:09:76:c2:83:ea:5b:1a:db:ff:
da:df:28:06:a1:ed:c9:10:8b:b4:30:d1:ee:e8:ea:
e9:40:d4:89:f4:99:79:20:11:ca:b3:83:fe:a0:f9:
36:99:d8:ee:ce:4b:55:60:15:65:ff:23:5c:b5:d5:
88:a7:79:8d:46:b0:99:08:a0:59:92:8b:ef:99:f0:
10:f4:a6:20:ee:80:de:11:dd:5a:93:3c:bb:fe:4e:
b5:5f:70:f1:95:27:cd:a5:66:32:f0:12:06:d4:51:
dc:e3:65:7f:bb:bd:38:1d:20:cd:ba:4a:b7:2a:b8:
db:70:bd:64:05:cb:60:d7:6a:05:d6:ec:68:a8:23:
16:d4:b0:71:c0:f4:8e:43:f4:a6:f4:d5:76:77:a3:
21:4c:ed:26:1a:ea:5f:2f:0a:ff:9d:fc:1f:03:ee:
e7:36:78:32:c1:f3:7d:81:e9:c5:62:34:7c:24:68:
49:d7:09:66:b7:7b:31:42:99:8c:da:ce:05:66:e9:
95:e7:0e:5c:37:b3:75:a0:e1:22:0f:1e:90:c7:20:
41:a8:88:52:b9:7a:c3:25:7c:b8:d5:42:0a:1b:09:
59:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4A:7C:72:69:0F:CB:99:14:17:2E:AF:C7:50:81:8A:92:66:88:0F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a67cf4-10e5-4819-91b3-5293d070d97e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.54.128.0/17
Signature Algorithm: sha256WithRSAEncryption
d3:b9:ce:5e:fa:46:16:7a:4e:e2:0a:bf:f9:77:1d:43:93:7d:
b1:63:94:9c:a3:84:d4:60:c4:b0:57:b5:04:87:19:d0:ae:85:
23:af:84:0c:99:fb:2d:e4:86:dd:2e:ec:74:4e:06:29:27:f5:
e2:1f:28:29:4d:d7:29:c1:a7:e6:fe:56:01:83:28:7e:d4:53:
ce:79:31:3f:b8:27:32:bc:e9:bc:52:7a:d4:2e:b1:79:71:dd:
c6:4a:74:ec:72:21:64:32:99:4e:38:27:b2:26:03:4a:01:a0:
41:4b:cd:68:6b:24:1f:7f:5e:3c:c9:63:af:af:0f:8b:29:26:
52:fb:42:e5:a5:3c:c9:4d:2d:80:9a:e2:5b:07:89:a4:48:01:
27:94:66:0d:de:8c:8e:03:c4:28:7e:d6:a3:d5:e0:ba:9b:94:
0e:e1:7c:ec:e7:5f:4e:f0:b3:16:4e:f0:ba:7b:e1:08:5a:05:
9c:d0:bb:7d:98:9e:3c:63:d4:de:5a:c3:c3:52:a4:16:cf:c9:
c3:fc:be:58:86:24:a2:b0:55:2c:1f:64:c1:d1:af:0c:63:30:
17:58:9c:99:bd:6c:47:f5:0a:e8:10:cd:5c:a7:27:15:f0:9c:
87:78:70:d3:59:b2:3d:0d:09:89:9f:93:7c:ee:8f:c5:c0:7d:
6c:08:9c:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAyDoO19+r+rzmBFknC4NlFv3Ji8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMTAwWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzM5NmYxNzk2ZGU4NjE5OGNjZGFmYmU3NDJjYmM1NmFk
MmUzYTNlZjYyMDMyNzQzNDM0MjJiYTE0N2JiNWMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo0066X3ZvquUCN1pELb3g4qFuSndjIMuU5mY5Lplai5bo
jAl2woPqWxrb/9rfKAah7ckQi7Qw0e7o6ulA1In0mXkgEcqzg/6g+TaZ2O7OS1Vg
FWX/I1y11YineY1GsJkIoFmSi++Z8BD0piDugN4R3VqTPLv+TrVfcPGVJ82lZjLw
EgbUUdzjZX+7vTgdIM26SrcquNtwvWQFy2DXagXW7GioIxbUsHHA9I5D9Kb01XZ3
oyFM7SYa6l8vCv+d/B8D7uc2eDLB832B6cViNHwkaEnXCWa3ezFCmYzazgVm6ZXn
Dlw3s3Wg4SIPHpDHIEGoiFK5esMlfLjVQgobCVl5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU20p8cmkPy5kUFy6vx1CBipJmiA8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1YTY3Y2Y0LTEwZTUtNDgxOS05MWIzLTUyOTNkMDcwZDk3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcjNoAwDQYJKoZIhvcNAQELBQADggEBANO5zl76RhZ6TuIKv/l3HUOTfbFj
lJyjhNRgxLBXtQSHGdCuhSOvhAyZ+y3kht0u7HROBikn9eIfKClN1ynBp+b+VgGD
KH7UU855MT+4JzK86bxSetQusXlx3cZKdOxyIWQymU44J7ImA0oBoEFLzWhrJB9/
XjzJY6+vD4spJlL7QuWlPMlNLYCa4lsHiaRIASeUZg3ejI4DxCh+1qPV4LqblA7h
fOznX07wsxZO8Lp74QhaBZzQu32Ynjxj1N5aw8NSpBbPycP8vliGJKKwVSwfZMHR
rwxjMBdYnJm9bEf1CugQzVynJxXwnId4cNNZsj0NCYmfk3zuj8XAfWwInFE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:43:55 2025 by rpki-client