Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e968971f-95ed-4299-906a-f72c00ea6e69.roa
File: e968971f-95ed-4299-906a-f72c00ea6e69.roa (raw, json)
Hash identifier: 33KkeYxFlDE2EySBczfgxYQMr3qkV72QfliRC2MtANE=
Subject key identifier: 68:D5:F2:C6:41:3C:E5:09:93:80:15:42:6D:CD:2A:D4:81:D8:46:87
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1EF7A5528460E92A544438EA78B5A68F7F35B5BF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e968971f-95ed-4299-906a-f72c00ea6e69.roa
Signing time: Wed 22 Oct 2025 00:40:03 +0000
ROA not before: Wed 22 Oct 2025 00:40:03 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 161.228.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:f7:a5:52:84:60:e9:2a:54:44:38:ea:78:b5:a6:8f:7f:35:b5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:40:03 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=6cbfff9b362a6467afc7157bbaf5847ceac75341542f03f62938ae6766e0699d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ec:ff:78:e6:85:1d:63:6e:79:d8:b9:92:7d:
ba:da:0a:a0:38:b2:66:bc:e8:48:80:5f:e1:8b:17:
88:a5:52:75:c1:27:d5:bb:d6:f7:71:42:f4:43:95:
83:4e:41:1d:d7:83:71:5e:85:1c:8a:d3:ff:f1:4b:
4b:a3:4e:26:32:c3:26:b7:43:09:13:e6:dd:dd:02:
6d:5a:84:5b:8c:7f:3d:e0:da:d2:b4:bc:e7:c8:4c:
16:d5:0b:27:ab:23:47:c8:f6:31:8a:c2:be:36:1d:
7d:09:bc:23:d5:98:99:db:85:41:c8:9d:89:d2:96:
cb:d1:a9:87:34:99:c3:63:9a:af:0c:e3:29:c6:89:
19:2b:a2:f1:b8:76:7f:7a:ab:c1:27:3c:68:38:89:
2d:fc:b8:ba:5f:36:bb:82:e9:39:a7:1b:0c:cb:e7:
43:9d:c3:cd:40:53:dc:17:3d:06:43:6e:32:05:cf:
31:a8:45:3d:f9:c4:81:0b:83:5a:0f:a3:04:fd:35:
66:8c:79:95:57:24:68:50:f9:56:69:a8:22:81:80:
4e:04:c7:73:b0:3d:32:e6:72:41:8a:0e:77:a5:b5:
2f:0a:b1:fa:fa:37:81:32:dd:42:83:01:f3:e3:68:
1e:f5:ad:0a:6c:94:a0:6f:0f:0e:7c:62:61:1d:79:
76:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D5:F2:C6:41:3C:E5:09:93:80:15:42:6D:CD:2A:D4:81:D8:46:87
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e968971f-95ed-4299-906a-f72c00ea6e69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.228.64.0/18
Signature Algorithm: sha256WithRSAEncryption
79:0b:c5:e7:5f:ef:c5:aa:54:5a:f4:85:7a:09:e2:83:68:b4:
a2:2a:40:91:1e:ce:f9:3b:8b:d5:63:af:52:18:15:ae:19:b7:
ee:15:7d:92:4b:2d:b6:d2:d4:1d:e2:6b:66:f1:eb:0f:74:93:
7e:bc:1e:5e:f7:7b:5d:ad:06:ca:df:5a:0e:d5:de:35:97:37:
e4:38:b9:25:d0:c8:98:3b:d4:05:c9:b7:c8:65:2a:d0:16:66:
b0:bc:52:6e:92:4d:6f:ed:41:32:90:25:a5:bf:19:2d:5e:17:
c6:98:62:ee:21:46:f4:66:fa:91:5b:ac:b2:1a:2d:f9:e5:c3:
af:8f:a6:e8:51:60:ef:8f:a9:6d:58:8d:f0:57:3e:be:a5:f0:
b1:5c:b9:05:d3:33:68:81:07:65:04:2f:38:6e:78:4e:94:7b:
c2:b7:aa:24:a9:9b:cb:11:14:68:6b:62:d2:3e:cc:d0:4f:07:
c5:9d:37:e7:68:c7:85:a5:69:dc:62:80:f7:56:52:88:a7:91:
56:1d:80:e0:3d:d7:3c:37:e8:06:87:0d:8c:29:20:00:ee:1a:
57:83:4a:98:c9:63:1e:1a:3d:68:30:c9:10:a0:9a:68:65:ad:
58:d1:31:ae:15:4e:45:11:08:bc:57:65:1c:5f:29:75:f1:e7:
b7:a7:35:46
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHvelUoRg6SpURDjqeLWmj381tb8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDA0MDAzWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2JmZmY5YjM2MmE2NDY3YWZjNzE1N2JiYWY1ODQ3Y2Vh
Yzc1MzQxNTQyZjAzZjYyOTM4YWU2NzY2ZTA2OTlkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDh7P945oUdY2552LmSfbraCqA4sma86EiAX+GLF4ilUnXB
J9W71vdxQvRDlYNOQR3Xg3FehRyK0//xS0ujTiYywya3QwkT5t3dAm1ahFuMfz3g
2tK0vOfITBbVCyerI0fI9jGKwr42HX0JvCPVmJnbhUHInYnSlsvRqYc0mcNjmq8M
4ynGiRkrovG4dn96q8EnPGg4iS38uLpfNruC6TmnGwzL50Odw81AU9wXPQZDbjIF
zzGoRT35xIELg1oPowT9NWaMeZVXJGhQ+VZpqCKBgE4Ex3OwPTLmckGKDneltS8K
sfr6N4Ey3UKDAfPjaB71rQpslKBvDw58YmEdeXZnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaNXyxkE85QmTgBVCbc0q1IHYRocwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5Njg5NzFmLTk1ZWQtNDI5OS05MDZhLWY3MmMwMGVhNmU2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAah5EAwDQYJKoZIhvcNAQELBQADggEBAHkLxedf78WqVFr0hXoJ4oNotKIq
QJEezvk7i9Vjr1IYFa4Zt+4VfZJLLbbS1B3ia2bx6w90k368Hl73e12tBsrfWg7V
3jWXN+Q4uSXQyJg71AXJt8hlKtAWZrC8Um6STW/tQTKQJaW/GS1eF8aYYu4hRvRm
+pFbrLIaLfnlw6+PpuhRYO+PqW1YjfBXPr6l8LFcuQXTM2iBB2UELzhueE6Ue8K3
qiSpm8sRFGhrYtI+zNBPB8WdN+dox4WladxigPdWUoinkVYdgOA91zw36AaHDYwp
IADuGleDSpjJYx4aPWgwyRCgmmhlrVjRMa4VTkURCLxXZRxfKXXx57enNUY=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:45:15 2025 by rpki-client