Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de786573-03e7-445f-8a36-996068092263.roa
File: de786573-03e7-445f-8a36-996068092263.roa (raw, json)
Hash identifier: j9Wmg9LOG2B3yMXK4Hl+mCY5WW9S60lIH9udeCbJHl4=
Subject key identifier: C2:8A:6A:4B:80:91:C6:D6:60:06:E3:3F:77:DC:D1:50:21:7D:14:F1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4D41CB45CFA415D920B76EE4E63C128F00A678F5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de786573-03e7-445f-8a36-996068092263.roa
Signing time: Wed 05 Nov 2025 00:30:14 +0000
ROA not before: Wed 05 Nov 2025 00:30:14 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 69.0.192.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:41:cb:45:cf:a4:15:d9:20:b7:6e:e4:e6:3c:12:8f:00:a6:78:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:30:14 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=876e1a4f296ffdca731db0d6316fb2c500f5c14d8c400cdc6728ac7d4afe301d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:34:53:a0:0b:ab:67:25:66:ee:3a:40:47:38:
d1:1c:fe:28:90:b7:7b:c6:98:12:25:a2:82:79:a0:
b5:35:2d:35:42:48:1e:90:76:2e:ab:df:12:cb:83:
56:b6:c5:c1:50:f6:e3:4b:80:67:81:37:a7:01:13:
eb:7d:61:76:ac:7a:48:d3:84:07:cb:2d:d8:51:30:
f0:87:0d:ff:6a:e7:64:7d:40:5b:4b:31:fb:69:dc:
47:31:b7:64:76:3d:4f:42:0b:8d:f4:43:73:86:4b:
aa:57:0a:27:b6:f0:04:3b:fb:fb:c9:6b:1b:da:d9:
88:54:da:45:ce:d0:b5:c9:3a:3b:8d:99:e6:e4:11:
cc:27:8e:6b:26:e2:31:05:3e:ca:b9:e9:84:ee:ce:
2c:ce:75:a8:0e:21:9b:79:d1:59:f1:90:8f:4f:7d:
68:f1:4a:73:38:b1:0d:b5:1f:c0:30:83:31:df:2e:
d3:c0:c6:fd:1f:1b:db:f6:17:9f:14:59:5d:0d:e1:
00:67:e0:52:7a:7a:d0:28:10:67:d6:b2:56:66:40:
93:b7:cd:79:f9:09:76:b3:72:ba:d6:90:33:4c:72:
b8:7a:25:e3:22:71:d0:9b:34:36:84:65:dc:8c:37:
0d:e3:00:a4:1c:45:37:a8:50:ef:b0:37:44:cc:c8:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8A:6A:4B:80:91:C6:D6:60:06:E3:3F:77:DC:D1:50:21:7D:14:F1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de786573-03e7-445f-8a36-996068092263.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.0.192.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:e9:44:57:d4:94:7d:97:0e:71:c4:2b:52:56:b1:8c:8a:55:
69:f0:1a:3d:42:1f:7b:a4:9e:03:e1:81:40:75:52:0f:fd:bc:
5a:e7:da:a0:68:70:dd:2c:fb:81:63:23:04:59:ba:66:4a:91:
b1:e6:4f:9c:02:7e:e7:50:79:c8:b6:f2:11:c6:ca:d0:ab:a9:
4d:59:85:04:12:05:d1:b2:d8:21:06:28:3a:d6:5a:48:12:ab:
f0:b9:72:63:8c:5f:a0:51:1a:6d:59:39:d7:db:bf:8f:db:0b:
78:5b:99:7d:64:f2:15:91:6a:32:7c:ae:e9:da:80:ff:5d:e1:
35:58:5e:cd:da:31:bc:7f:18:85:9e:3a:9c:be:75:18:21:3b:
81:4d:3b:06:2b:b8:fc:68:b1:7a:ec:20:99:2c:6e:0c:21:d1:
06:5b:4f:fe:b5:7e:a2:76:8c:db:08:cb:88:e2:cc:09:7b:5d:
0f:ba:9c:a8:85:27:68:24:77:21:6c:5f:7a:58:ae:20:39:a2:
c2:2b:36:0d:05:e8:50:6e:06:d9:3b:fb:33:65:af:85:18:85:
a0:a4:37:b1:c0:a5:21:91:72:e6:76:bb:64:05:57:6c:d2:7c:
08:43:81:6d:c2:3e:14:21:3a:46:3e:38:57:dc:53:73:3b:a4:
b4:6a:79:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTUHLRc+kFdkgt27k5jwSjwCmePUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAzMDE0WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NzZlMWE0ZjI5NmZmZGNhNzMxZGIwZDYzMTZmYjJjNTAw
ZjVjMTRkOGM0MDBjZGM2NzI4YWM3ZDRhZmUzMDFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCNFOgC6tnJWbuOkBHONEc/iiQt3vGmBIlooJ5oLU1LTVC
SB6Qdi6r3xLLg1a2xcFQ9uNLgGeBN6cBE+t9YXasekjThAfLLdhRMPCHDf9q52R9
QFtLMftp3Ecxt2R2PU9CC430Q3OGS6pXCie28AQ7+/vJaxva2YhU2kXO0LXJOjuN
mebkEcwnjmsm4jEFPsq56YTuzizOdagOIZt50VnxkI9PfWjxSnM4sQ21H8AwgzHf
LtPAxv0fG9v2F58UWV0N4QBn4FJ6etAoEGfWslZmQJO3zXn5CXazcrrWkDNMcrh6
JeMicdCbNDaEZdyMNw3jAKQcRTeoUO+wN0TMyH+ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwopqS4CRxtZgBuM/d9zRUCF9FPEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RlNzg2NTczLTAzZTctNDQ1Zi04YTM2LTk5NjA2ODA5MjI2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFFAMAwDQYJKoZIhvcNAQELBQADggEBAA7pRFfUlH2XDnHEK1JWsYyKVWnw
Gj1CH3ukngPhgUB1Ug/9vFrn2qBocN0s+4FjIwRZumZKkbHmT5wCfudQeci28hHG
ytCrqU1ZhQQSBdGy2CEGKDrWWkgSq/C5cmOMX6BRGm1ZOdfbv4/bC3hbmX1k8hWR
ajJ8runagP9d4TVYXs3aMbx/GIWeOpy+dRghO4FNOwYruPxosXrsIJksbgwh0QZb
T/61fqJ2jNsIy4jizAl7XQ+6nKiFJ2gkdyFsX3pYriA5osIrNg0F6FBuBtk7+zNl
r4UYhaCkN7HApSGRcuZ2u2QFV2zSfAhDgW3CPhQhOkY+OFfcU3M7pLRqeZs=
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:47:29 2025 by rpki-client