Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da2018ac-b866-486c-b428-f94e6186b0db.roa
File: da2018ac-b866-486c-b428-f94e6186b0db.roa (raw, json)
Hash identifier: SBmbUtH4Hdcgu9p3j8Vh+cT+bzIgFWJi74lQvFGrMYw=
Subject key identifier: 5E:7F:ED:15:BA:4E:B5:FE:7E:E4:88:81:25:CC:E8:69:26:BC:66:04
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7AAEF5D926D4ACF28467E200B0F2A4B06C7ABDB7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da2018ac-b866-486c-b428-f94e6186b0db.roa
Signing time: Wed 05 Nov 2025 00:10:48 +0000
ROA not before: Wed 05 Nov 2025 00:10:48 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 207.21.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ae:f5:d9:26:d4:ac:f2:84:67:e2:00:b0:f2:a4:b0:6c:7a:bd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:10:48 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=d4dedc76e059b1a0cc442d9032f8384fd14a4c913b2e9e49b7193a10b525df5c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:cb:b3:e9:97:df:b1:a5:d5:42:e0:bd:a6:
5e:ac:a9:5b:65:74:96:12:79:c4:b7:9c:89:30:da:
f4:c2:29:ff:2e:64:db:f4:23:88:3d:0f:0f:ff:59:
b6:50:3b:bc:f4:58:4a:d9:3a:ef:14:b1:20:d9:48:
24:cd:58:f2:97:78:e0:4b:8b:41:4a:a9:8d:5c:db:
3e:f4:cd:c1:fa:2a:f9:6d:d1:89:f0:2e:c6:22:34:
ac:5d:86:09:9d:07:3d:63:2a:f8:e6:ad:49:72:19:
7a:57:16:1b:6a:bb:0f:1a:0b:db:97:d0:b1:da:ef:
0f:55:c9:ad:32:52:b4:90:c4:b1:f4:1b:06:5e:40:
c7:38:c7:a9:d1:ca:6f:59:7d:17:d2:ce:b6:9b:54:
73:6a:41:8d:51:76:7f:a5:6f:3f:01:a5:51:80:32:
13:7a:4b:0b:80:a9:43:4f:9d:a2:bf:48:a9:ba:2d:
35:57:7a:b9:24:6a:b4:1b:c4:98:e3:35:b2:28:6c:
40:3a:61:24:4a:c8:ed:66:4a:9d:39:bb:8f:30:f3:
f5:b7:44:f2:bc:76:d2:8e:97:5e:34:d9:55:35:3e:
fc:05:ab:1b:af:8c:b3:d7:54:51:8b:f9:3a:0a:e2:
8d:06:6d:65:4e:82:1d:51:dd:cf:a3:7d:1f:13:b7:
1e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7F:ED:15:BA:4E:B5:FE:7E:E4:88:81:25:CC:E8:69:26:BC:66:04
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da2018ac-b866-486c-b428-f94e6186b0db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.21.232.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:4c:aa:dc:69:e5:af:7b:2b:36:20:e6:26:d1:86:bd:49:05:
45:f3:fb:d4:f0:e6:e2:3c:71:ae:6f:d4:00:4b:65:19:92:bc:
f0:32:d7:b5:6f:42:be:a8:4b:22:e9:cb:67:94:7f:ba:e0:81:
1c:44:08:66:4f:52:c8:02:0a:2d:1b:f5:28:ba:ae:6a:c4:b5:
0c:23:c1:b6:f7:50:6c:f8:63:ab:da:c7:78:18:87:09:f2:b9:
5e:03:d1:f1:64:f5:08:bc:2b:3f:42:24:4b:3b:6a:8d:68:fa:
d8:85:81:92:e6:cf:4f:c8:98:a9:8f:d9:0b:fc:45:04:83:ea:
01:23:5a:dc:90:41:02:d5:d8:7f:6c:03:ef:57:8f:ea:f7:f7:
15:2a:d2:66:6b:b2:d8:0f:87:a5:e8:7f:42:88:da:84:5b:7f:
bf:eb:7d:ec:10:68:35:dc:bd:97:7f:be:0c:36:59:26:04:3c:
90:da:f2:d3:f8:df:7c:be:ff:63:c0:9f:02:9c:40:ab:1c:45:
c5:3f:64:f2:4e:74:5e:2e:ad:8a:f8:8f:17:13:8b:97:8a:dc:
b2:f6:15:7d:f3:44:77:f8:21:7f:f8:7a:64:6d:d6:4f:f2:bb:
8f:8d:61:2c:9a:1e:d8:90:e8:bb:47:13:b2:d7:60:41:1c:b7:
68:90:05:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeq712SbUrPKEZ+IAsPKksGx6vbcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAxMDQ4WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGRlZGM3NmUwNTliMWEwY2M0NDJkOTAzMmY4Mzg0ZmQx
NGE0YzkxM2IyZTllNDliNzE5M2ExMGI1MjVkZjVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm68uz6ZffsaXVQuC9pl6sqVtldJYSecS3nIkw2vTCKf8u
ZNv0I4g9Dw//WbZQO7z0WErZOu8UsSDZSCTNWPKXeOBLi0FKqY1c2z70zcH6Kvlt
0YnwLsYiNKxdhgmdBz1jKvjmrUlyGXpXFhtquw8aC9uX0LHa7w9Vya0yUrSQxLH0
GwZeQMc4x6nRym9ZfRfSzrabVHNqQY1Rdn+lbz8BpVGAMhN6SwuAqUNPnaK/SKm6
LTVXerkkarQbxJjjNbIobEA6YSRKyO1mSp05u48w8/W3RPK8dtKOl1402VU1PvwF
qxuvjLPXVFGL+ToK4o0GbWVOgh1R3c+jfR8Ttx65AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXn/tFbpOtf5+5IiBJczoaSa8ZgQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhMjAxOGFjLWI4NjYtNDg2Yy1iNDI4LWY5NGU2MTg2YjBkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALPFegwDQYJKoZIhvcNAQELBQADggEBAFtMqtxp5a97KzYg5ibRhr1JBUXz
+9Tw5uI8ca5v1ABLZRmSvPAy17VvQr6oSyLpy2eUf7rggRxECGZPUsgCCi0b9Si6
rmrEtQwjwbb3UGz4Y6vax3gYhwnyuV4D0fFk9Qi8Kz9CJEs7ao1o+tiFgZLmz0/I
mKmP2Qv8RQSD6gEjWtyQQQLV2H9sA+9Xj+r39xUq0mZrstgPh6Xof0KI2oRbf7/r
fewQaDXcvZd/vgw2WSYEPJDa8tP433y+/2PAnwKcQKscRcU/ZPJOdF4urYr4jxcT
i5eK3LL2FX3zRHf4IX/4emRt1k/yu4+NYSyaHtiQ6LtHE7LXYEEct2iQBVI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:00:45 2025 by rpki-client