Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa
File: ee072b22-d511-4e36-bf63-9dea3fed9955.roa (raw, json)
Hash identifier: 2t6lKOBB3E2HwSqnzAgX5/F2nXOicQPBAO/Kqvdv+LU=
Subject key identifier: 00:DC:F0:C2:5E:DC:25:AF:2C:FC:D7:AB:BA:CF:AE:CE:46:0E:4C:16
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 73C44500D65DE458FE6DF3D02850BDC35D0E7DFF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa
Signing time: Tue 21 Oct 2025 00:00:07 +0000
ROA not before: Tue 21 Oct 2025 00:00:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.40.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:c4:45:00:d6:5d:e4:58:fe:6d:f3:d0:28:50:bd:c3:5d:0e:7d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 21 00:00:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=dc3ab874b392e675c126d522a64885e74eed4239de5fcb4e798d5de9274f5eae, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:d3:a8:24:1c:03:72:b2:73:56:b2:87:81:
5b:ad:ce:7f:51:c5:b4:bb:2d:a0:0b:e4:b8:c4:68:
26:c8:4b:5e:5a:b7:91:36:c2:db:29:66:cf:a4:0a:
f5:3e:c2:fa:1f:99:9c:ae:13:2c:80:87:50:45:c9:
c3:0d:b9:c9:be:e6:5c:62:b6:66:57:61:cf:90:83:
21:b3:7d:23:b1:53:aa:2e:1f:1f:2b:7e:40:9a:6d:
34:e0:65:ad:cc:95:98:c7:e2:d2:00:e5:b6:21:00:
cc:25:9a:c0:4e:70:f3:e3:3a:db:55:4b:81:0d:14:
5d:4f:17:85:27:2c:de:d7:bc:bc:bb:32:33:ff:f4:
61:88:a0:cb:31:9e:3e:ef:9e:c3:a6:e9:2d:21:16:
c1:7b:c3:6e:db:9a:4a:6c:f1:eb:4b:02:72:e4:20:
fb:79:31:b9:ca:95:e5:8c:bc:d7:27:2f:6c:b1:b7:
6b:0f:e7:f7:d1:6f:6a:a7:64:a2:34:ba:f6:27:9d:
f4:61:33:80:47:ef:9f:35:49:e2:d9:f0:e2:67:55:
a8:62:c6:96:35:a4:34:17:c3:4d:78:26:bb:cb:01:
77:60:76:4e:22:96:a9:1c:d7:ce:2f:74:7c:b2:00:
58:f8:6f:ac:f2:64:4f:7f:f1:66:a3:60:8a:f5:c0:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DC:F0:C2:5E:DC:25:AF:2C:FC:D7:AB:BA:CF:AE:CE:46:0E:4C:16
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d8:0b:ab:80:85:3b:6c:51:8e:33:31:c8:bd:cb:58:85:70:79:
c9:08:c3:3f:12:f1:60:52:16:bf:7e:36:35:9a:09:10:58:d7:
e8:b3:ad:ca:30:f9:63:b2:29:18:e8:3a:54:55:08:ed:95:51:
9d:d7:07:df:87:8a:b6:a4:30:f7:44:6b:56:54:84:df:e3:eb:
5d:d3:dd:e5:7c:cb:04:72:5b:f4:90:45:3b:48:01:96:e6:74:
d4:fe:ae:2f:a9:45:e5:76:a5:17:c2:60:62:59:88:c0:7a:6b:
c7:69:98:dd:15:cd:18:60:b4:f7:3b:88:17:13:9e:97:e4:81:
d4:d4:48:f3:d7:ec:25:cb:45:8e:b0:eb:00:05:69:c7:0e:e4:
4d:fa:8e:76:ac:e5:fb:03:b5:75:45:05:ab:69:b0:5c:f8:08:
82:bd:75:40:97:36:0a:03:45:e0:2e:2d:d9:45:23:38:ed:cb:
e2:f8:d8:07:dd:59:36:55:ce:9a:62:2d:e2:7b:2b:e8:a3:ea:
e9:88:7d:89:ed:6d:b9:ec:48:ce:b3:9d:83:2a:95:50:e9:74:
4c:05:a4:61:4e:21:09:ba:be:e0:86:6f:39:65:e9:a6:a6:78:
d6:21:f8:8b:46:ae:c4:53:3e:84:f7:4e:47:0c:4e:9d:a0:e7:
f6:35:80:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc8RFANZd5Fj+bfPQKFC9w10Off8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAwMDA3WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzNhYjg3NGIzOTJlNjc1YzEyNmQ1MjJhNjQ4ODVlNzRl
ZWQ0MjM5ZGU1ZmNiNGU3OThkNWRlOTI3NGY1ZWFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDItdOoJBwDcrJzVrKHgVutzn9RxbS7LaAL5LjEaCbIS15a
t5E2wtspZs+kCvU+wvofmZyuEyyAh1BFycMNucm+5lxitmZXYc+QgyGzfSOxU6ou
Hx8rfkCabTTgZa3MlZjH4tIA5bYhAMwlmsBOcPPjOttVS4ENFF1PF4UnLN7XvLy7
MjP/9GGIoMsxnj7vnsOm6S0hFsF7w27bmkps8etLAnLkIPt5MbnKleWMvNcnL2yx
t2sP5/fRb2qnZKI0uvYnnfRhM4BH7581SeLZ8OJnVahixpY1pDQXw014JrvLAXdg
dk4ilqkc184vdHyyAFj4b6zyZE9/8WajYIr1wLBjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUANzwwl7cJa8s/Nerus+uzkYOTBYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VlMDcyYjIyLWQ1MTEtNGUzNi1iZjYzLTlkZWEzZmVkOTk1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4KDANBgkqhkiG9w0BAQsFAAOCAQEA2AurgIU7bFGOMzHIvctYhXB5yQjD
PxLxYFIWv342NZoJEFjX6LOtyjD5Y7IpGOg6VFUI7ZVRndcH34eKtqQw90RrVlSE
3+PrXdPd5XzLBHJb9JBFO0gBluZ01P6uL6lF5XalF8JgYlmIwHprx2mY3RXNGGC0
9zuIFxOel+SB1NRI89fsJctFjrDrAAVpxw7kTfqOdqzl+wO1dUUFq2mwXPgIgr11
QJc2CgNF4C4t2UUjOO3L4vjYB91ZNlXOmmIt4nsr6KPq6Yh9ie1tuexIzrOdgyqV
UOl0TAWkYU4hCbq+4IZvOWXppqZ41iH4i0auxFM+hPdORwxOnaDn9jWALQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:00:43 2025 by rpki-client