Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de392b28-93ff-4f43-b542-a0fdae0876f8.roa
File: de392b28-93ff-4f43-b542-a0fdae0876f8.roa (raw, json)
Hash identifier: YofH2r/RtorAW0+iE1NTwiDYHEteTHlcxseroWAPXdk=
Subject key identifier: 0A:43:74:BB:AC:26:DE:3E:A9:9B:DA:4B:72:E2:E3:F8:F4:EC:A2:59
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 729B97CB474B4FC0B9D00C63A59C2883F79170CF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de392b28-93ff-4f43-b542-a0fdae0876f8.roa
Signing time: Fri 31 Oct 2025 21:36:48 +0000
ROA not before: Fri 31 Oct 2025 21:36:48 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.83.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:9b:97:cb:47:4b:4f:c0:b9:d0:0c:63:a5:9c:28:83:f7:91:70:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 31 21:36:48 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=05bcdff554b8dd2dcdff2af2d73dc51f07209f4155a67727072a69050fac6a34, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:76:f2:fb:0d:8b:76:34:7d:a7:eb:bc:f9:
a5:ff:94:bd:11:5e:21:4d:82:e9:2f:f8:7d:fb:4a:
08:32:ae:40:d3:96:c2:3f:88:b6:74:bc:7f:fb:56:
5b:a6:cd:4a:1c:0d:b4:fa:81:42:cd:25:bf:ba:45:
59:31:49:7f:c7:45:39:fb:3b:e1:80:c8:de:db:db:
b7:b9:60:35:ea:47:75:b0:36:b4:4f:69:7d:84:f3:
8c:3c:85:33:64:30:b5:b2:67:39:3d:ce:30:8d:02:
08:74:7c:f8:07:77:75:6f:9d:72:e2:01:13:54:de:
1a:d5:9e:13:a6:e8:27:88:3c:b9:9e:07:86:c2:43:
76:89:c6:d8:39:8d:c7:2e:1d:53:2a:cf:7f:8f:76:
38:af:54:28:5d:cc:7e:49:61:2b:80:d2:a6:f8:7f:
1b:a2:92:80:69:c8:cf:6e:b6:9f:c1:05:b8:59:dc:
04:9d:55:48:68:59:5e:32:6a:88:30:54:5b:e5:79:
32:8b:bd:1e:7a:94:4e:19:aa:c6:51:fc:a9:1d:88:
d2:ee:4a:76:8c:e5:58:7c:76:63:2a:02:e8:7e:91:
5d:27:8f:e5:41:7d:20:1a:13:58:07:7c:7a:3b:a8:
5b:79:e5:8a:c6:46:01:11:68:aa:52:2e:3e:ec:ca:
b4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:43:74:BB:AC:26:DE:3E:A9:9B:DA:4B:72:E2:E3:F8:F4:EC:A2:59
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de392b28-93ff-4f43-b542-a0fdae0876f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.83.254.0/24
Signature Algorithm: sha256WithRSAEncryption
62:cf:af:f5:b2:46:8d:fb:c0:3f:e3:73:fc:8d:86:fb:f3:18:
c8:a4:19:34:00:98:fa:a2:25:d9:21:35:9e:f9:4b:7b:31:e5:
17:d2:76:b4:ab:88:e7:f3:96:95:22:1d:c6:0d:0e:9a:55:78:
5f:dc:8d:d5:6f:43:03:9a:4d:40:5d:f5:af:39:4c:8e:b1:d7:
b9:89:98:c9:cd:ed:b6:f3:90:a3:5d:32:af:99:b0:d6:da:fb:
e5:cc:1d:a5:66:25:a3:a5:9f:ac:54:07:ac:67:55:42:76:2c:
f5:2c:ea:17:97:91:eb:06:2d:30:0b:43:a2:4f:8a:3c:06:d8:
04:b6:bd:21:d8:f2:1f:13:17:b7:c9:bb:e9:6a:b3:46:07:63:
8d:cd:ff:d5:78:36:64:9d:fd:3e:0f:cc:2b:85:77:9f:ae:22:
b2:ff:66:f8:0d:a7:d9:d8:91:44:bb:be:fe:cf:6a:40:3b:52:
a5:7f:a9:5c:91:c5:d2:b6:b2:80:d4:da:23:80:44:d5:aa:7c:
3d:68:17:27:25:f3:c7:38:5a:7a:fb:72:f3:1b:e5:d3:0f:f9:
d2:b1:c0:7d:75:2c:6f:83:44:7e:6f:63:cd:25:68:07:9a:ef:
79:36:a1:c1:d7:0f:26:40:1d:72:e1:8d:0c:0d:74:d4:4f:b0:
6b:3f:3f:30
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcpuXy0dLT8C50AxjpZwog/eRcM8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMjEzNjQ4WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNWJjZGZmNTU0YjhkZDJkY2RmZjJhZjJkNzNkYzUxZjA3
MjA5ZjQxNTVhNjc3MjcwNzJhNjkwNTBmYWM2YTM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0NXby+w2LdjR9p+u8+aX/lL0RXiFNgukv+H37SggyrkDT
lsI/iLZ0vH/7VlumzUocDbT6gULNJb+6RVkxSX/HRTn7O+GAyN7b27e5YDXqR3Ww
NrRPaX2E84w8hTNkMLWyZzk9zjCNAgh0fPgHd3VvnXLiARNU3hrVnhOm6CeIPLme
B4bCQ3aJxtg5jccuHVMqz3+PdjivVChdzH5JYSuA0qb4fxuikoBpyM9utp/BBbhZ
3ASdVUhoWV4yaogwVFvleTKLvR56lE4ZqsZR/KkdiNLuSnaM5Vh8dmMqAuh+kV0n
j+VBfSAaE1gHfHo7qFt55YrGRgERaKpSLj7syrRNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCkN0u6wm3j6pm9pLcuLj+PTsolkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RlMzkyYjI4LTkzZmYtNGY0My1iNTQyLWEwZmRhZTA4NzZmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjU/4wDQYJKoZIhvcNAQELBQADggEBAGLPr/WyRo37wD/jc/yNhvvzGMik
GTQAmPqiJdkhNZ75S3sx5RfSdrSriOfzlpUiHcYNDppVeF/cjdVvQwOaTUBd9a85
TI6x17mJmMnN7bbzkKNdMq+ZsNba++XMHaVmJaOln6xUB6xnVUJ2LPUs6heXkesG
LTALQ6JPijwG2AS2vSHY8h8TF7fJu+lqs0YHY43N/9V4NmSd/T4PzCuFd5+uIrL/
ZvgNp9nYkUS7vv7PakA7UqV/qVyRxdK2soDU2iOARNWqfD1oFycl88c4Wnr7cvMb
5dMP+dKxwH11LG+DRH5vY80laAea73k2ocHXDyZAHXLhjQwNdNRPsGs/PzA=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:38:40 2025 by rpki-client