Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
File: e5f18579-4226-47e9-b74a-e5c188798d56.roa (raw, json)
Hash identifier: nauRxi3ii4ayjehUxSXgxA+B6vq9Pyvvu1uD94jO/JE=
Subject key identifier: 6D:8C:C4:89:B4:B7:91:62:C6:83:B6:68:26:96:2E:2F:3E:7A:85:41
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0D4F4A87E59FE6289B208E1069F69221B9CBC74C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
Signing time: Sat 01 Nov 2025 00:40:16 +0000
ROA not before: Sat 01 Nov 2025 00:40:16 +0000
ROA not after: Sat 06 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fff:4000::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:4f:4a:87:e5:9f:e6:28:9b:20:8e:10:69:f6:92:21:b9:cb:c7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 1 00:40:16 2025 GMT
Not After : Dec 6 23:59:59 2025 GMT
Subject: serialNumber=fd56caa0cbc6d2148b79b556b7117509dd024cc9e14f844d827e86ecf547949a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d8:f5:aa:67:0b:dc:cb:62:ea:03:41:8d:08:
2c:f6:aa:bb:6b:8d:68:f7:61:3c:1f:f3:4c:cc:19:
87:c9:1b:4b:0e:a4:e6:59:84:da:d0:2a:02:fd:4d:
e7:b1:74:42:74:11:d4:21:65:19:b1:61:3f:73:8d:
c5:f4:fd:9b:bf:8a:92:8d:93:57:0f:c0:e8:73:bd:
7e:78:b2:14:86:81:00:a5:32:63:42:2c:1a:1e:01:
b0:77:06:a2:f4:9d:4a:b0:7a:52:51:29:d5:45:68:
4e:dd:07:49:70:f7:a3:35:a3:8e:3d:7e:00:22:d7:
99:e3:a2:82:7a:ce:95:65:5d:26:d7:9e:46:93:53:
b8:ce:d4:13:61:cf:b8:2b:15:f3:d7:a5:2d:5a:b2:
75:7e:f1:74:97:35:53:2b:0b:d3:1c:0a:f1:8e:b6:
86:9f:31:3a:1a:7c:09:1c:c2:45:95:f2:34:87:cd:
bd:49:71:90:ad:a0:e7:c8:61:2a:27:f0:bd:d1:94:
ea:05:9a:53:bb:4d:fa:a2:da:2d:0e:a9:05:9d:c6:
5b:13:8f:a4:25:ed:5a:01:2b:b6:d1:64:a9:6a:00:
61:59:3e:6c:9f:23:9c:b3:13:40:c7:4d:4b:92:04:
df:6a:ba:ac:d5:3b:6e:c0:ac:c8:d7:d7:0e:77:8d:
f4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8C:C4:89:B4:B7:91:62:C6:83:B6:68:26:96:2E:2F:3E:7A:85:41
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:4000::/39
Signature Algorithm: sha256WithRSAEncryption
1a:3c:de:69:74:0f:bf:7e:31:23:49:11:45:c0:79:97:7a:f2:
de:c5:6e:55:4d:87:b7:6c:43:1d:72:5f:4c:00:02:29:84:1f:
40:9b:af:f0:b0:ee:6d:2f:2b:2c:06:98:37:22:9c:50:e7:42:
33:cf:ee:12:02:e2:02:c7:2a:92:78:b0:e7:34:6d:c5:95:b9:
67:cc:72:61:98:30:6d:19:e8:ce:b4:75:f1:77:8a:c0:a9:e5:
2c:48:ff:1e:e0:c7:0a:35:bd:eb:e5:88:9b:e0:1b:e6:19:91:
15:cc:91:09:1c:8a:9d:f1:e6:29:61:f7:da:47:d3:9f:49:99:
c3:56:91:c9:78:26:f3:c7:40:cd:7b:84:fb:d1:44:32:70:c5:
9e:31:c1:68:45:ad:31:e6:f8:db:be:9c:6b:79:32:96:ed:75:
59:3e:50:6c:af:a9:e2:f3:c0:28:b9:80:85:1d:1b:04:9c:c1:
95:a2:95:16:1c:4d:ae:06:7b:12:e0:5b:42:a9:29:61:8e:b0:
e9:ab:27:27:21:31:3c:af:05:fe:85:8b:4d:9f:88:07:6b:48:
cc:a6:85:b0:d4:34:ab:81:43:cd:8a:89:e3:4f:cd:b7:39:57:
42:5b:4a:05:2f:11:aa:65:a8:77:76:b9:b3:49:d7:b2:28:6c:
c5:cd:e2:1b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDU9Kh+Wf5iibII4QafaSIbnLx0wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDA0MDE2WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZDU2Y2FhMGNiYzZkMjE0OGI3OWI1NTZiNzExNzUwOWRk
MDI0Y2M5ZTE0Zjg0NGQ4MjdlODZlY2Y1NDc5NDlhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg2PWqZwvcy2LqA0GNCCz2qrtrjWj3YTwf80zMGYfJG0sO
pOZZhNrQKgL9TeexdEJ0EdQhZRmxYT9zjcX0/Zu/ipKNk1cPwOhzvX54shSGgQCl
MmNCLBoeAbB3BqL0nUqwelJRKdVFaE7dB0lw96M1o449fgAi15njooJ6zpVlXSbX
nkaTU7jO1BNhz7grFfPXpS1asnV+8XSXNVMrC9McCvGOtoafMToafAkcwkWV8jSH
zb1JcZCtoOfIYSon8L3RlOoFmlO7Tfqi2i0OqQWdxlsTj6Ql7VoBK7bRZKlqAGFZ
PmyfI5yzE0DHTUuSBN9quqzVO27ArMjX1w53jfRHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUbYzEibS3kWLGg7ZoJpYuLz56hUEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ZjE4NTc5LTQyMjYtNDdlOS1iNzRhLWU1YzE4ODc5OGQ1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB//QDANBgkqhkiG9w0BAQsFAAOCAQEAGjzeaXQPv34xI0kRRcB5l3ry
3sVuVU2Ht2xDHXJfTAACKYQfQJuv8LDubS8rLAaYNyKcUOdCM8/uEgLiAscqkniw
5zRtxZW5Z8xyYZgwbRnozrR18XeKwKnlLEj/HuDHCjW96+WIm+Ab5hmRFcyRCRyK
nfHmKWH32kfTn0mZw1aRyXgm88dAzXuE+9FEMnDFnjHBaEWtMeb4276ca3kylu11
WT5QbK+p4vPAKLmAhR0bBJzBlaKVFhxNrgZ7EuBbQqkpYY6w6asnJyExPK8F/oWL
TZ+IB2tIzKaFsNQ0q4FDzYqJ40/NtzlXQltKBS8RqmWod3a5s0nXsihsxc3iGw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:01:08 2025 by rpki-client