Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2c1564a-03d7-493a-959b-6e79233e689b.roa
File: f2c1564a-03d7-493a-959b-6e79233e689b.roa (raw, json)
Hash identifier: g6NdORurAQOXOst7UpVDBCaBjtWchqznfQqUdoWL7BU=
Subject key identifier: 11:70:EF:57:D0:B6:4D:C7:B7:03:0B:52:ED:98:ED:70:91:DF:C1:54
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6FA691CD61EFF7DDEA06ACA78BF1F5146277DAD3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2c1564a-03d7-493a-959b-6e79233e689b.roa
Signing time: Sun 02 Nov 2025 00:20:45 +0000
ROA not before: Sun 02 Nov 2025 00:20:45 +0000
ROA not after: Sun 07 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.150.72.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a6:91:cd:61:ef:f7:dd:ea:06:ac:a7:8b:f1:f5:14:62:77:da:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 2 00:20:45 2025 GMT
Not After : Dec 7 23:59:59 2025 GMT
Subject: serialNumber=51144f6b16cd6814c2f061d161ce49df1f72442ab37bb00f7884e6c5f82a4569, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:1a:c6:c0:00:2d:6c:68:ec:dc:8c:f9:4c:
d3:8b:ff:df:4a:ff:5f:7a:6b:8f:a3:70:cf:2a:b9:
9f:63:59:21:85:ed:52:95:ad:bc:09:bc:f0:ec:0f:
3b:f3:1c:09:97:b4:02:64:e2:e7:ec:49:18:67:95:
96:a0:5f:b4:0e:f4:94:e4:16:e4:54:9e:46:2c:d2:
5c:fe:8b:df:c9:b9:83:7a:92:03:7f:b5:6d:c6:aa:
ca:41:6d:9a:b0:9b:5c:b4:2f:7c:08:85:9f:9a:8a:
1d:40:6b:66:4e:b5:94:c1:62:c2:97:ec:2e:dd:46:
78:c3:67:23:19:62:99:b1:c6:4b:d7:c5:af:e3:d7:
cf:65:50:f5:8e:68:12:c6:11:c2:7a:c0:19:dc:e3:
e6:4c:0b:43:ef:35:0a:4e:cc:0d:ee:b7:9b:b0:35:
a9:47:ae:ad:3a:36:2d:40:31:85:e3:3c:6c:ea:9c:
2d:a6:29:6a:68:a4:00:5e:d0:de:ea:32:86:71:95:
66:48:7c:3d:7b:97:3c:6c:0f:3b:c2:11:30:e9:2b:
8c:4d:cf:64:9f:d6:c7:4a:a4:0c:0d:2e:ea:c2:27:
08:3d:7e:52:14:ea:60:4f:76:0e:58:f1:b4:32:97:
e2:0d:39:51:d0:d4:2a:5d:9d:19:85:68:d8:dc:6b:
ff:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:70:EF:57:D0:B6:4D:C7:B7:03:0B:52:ED:98:ED:70:91:DF:C1:54
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2c1564a-03d7-493a-959b-6e79233e689b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.150.72.0/21
Signature Algorithm: sha256WithRSAEncryption
ca:f4:95:b5:1f:6b:c5:17:5b:a6:8e:8d:0b:50:fc:10:fc:13:
04:6e:0a:73:54:3f:ba:57:49:10:cd:cb:fc:c5:1d:a9:59:8f:
8c:01:59:ef:78:c2:53:b7:cf:c4:8b:85:4e:d7:58:ac:0f:5d:
a5:d9:4f:38:f5:23:47:65:9a:88:74:4e:64:c8:35:ae:51:d4:
b9:89:bd:17:37:56:1e:91:67:10:22:87:ec:de:07:2e:ea:6a:
a6:c1:18:a6:5e:f1:e5:75:f5:8d:bd:18:4c:27:86:ba:80:fe:
9c:aa:f6:5f:17:7c:71:a8:fd:c2:aa:22:c1:0a:ea:9c:38:a0:
79:47:10:cd:db:6f:75:4d:1c:e5:60:05:21:34:ba:20:19:b3:
63:b5:5b:5e:5a:dc:74:9c:4d:0b:67:df:12:ba:8f:04:35:29:
c5:5f:fe:28:b2:71:21:f4:ba:de:73:0c:b1:bb:d5:cc:a0:79:
ed:40:c5:75:23:9a:10:77:37:a6:d6:b0:bc:28:73:54:31:54:
95:8d:b3:00:16:82:3e:b0:4b:e6:b7:1d:ac:f3:b4:2e:99:1b:
00:2a:d3:b9:cd:dc:14:bf:4a:97:3c:3a:5c:56:25:6b:17:8b:
20:c6:15:8d:0b:0d:f4:32:3e:2e:64:4d:e1:b7:b2:c2:2b:41:
22:af:34:de
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb6aRzWHv993qBqyni/H1FGJ32tMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAyMDQ1WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MTE0NGY2YjE2Y2Q2ODE0YzJmMDYxZDE2MWNlNDlkZjFm
NzI0NDJhYjM3YmIwMGY3ODg0ZTZjNWY4MmE0NTY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiIhrGwAAtbGjs3Iz5TNOL/99K/196a4+jcM8quZ9jWSGF
7VKVrbwJvPDsDzvzHAmXtAJk4ufsSRhnlZagX7QO9JTkFuRUnkYs0lz+i9/JuYN6
kgN/tW3GqspBbZqwm1y0L3wIhZ+aih1Aa2ZOtZTBYsKX7C7dRnjDZyMZYpmxxkvX
xa/j189lUPWOaBLGEcJ6wBnc4+ZMC0PvNQpOzA3ut5uwNalHrq06Ni1AMYXjPGzq
nC2mKWpopABe0N7qMoZxlWZIfD17lzxsDzvCETDpK4xNz2Sf1sdKpAwNLurCJwg9
flIU6mBPdg5Y8bQyl+INOVHQ1CpdnRmFaNjca//PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEXDvV9C2Tce3AwtS7ZjtcJHfwVQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyYzE1NjRhLTAzZDctNDkzYS05NTliLTZlNzkyMzNlNjg5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjlkgwDQYJKoZIhvcNAQELBQADggEBAMr0lbUfa8UXW6aOjQtQ/BD8EwRu
CnNUP7pXSRDNy/zFHalZj4wBWe94wlO3z8SLhU7XWKwPXaXZTzj1I0dlmoh0TmTI
Na5R1LmJvRc3Vh6RZxAih+zeBy7qaqbBGKZe8eV19Y29GEwnhrqA/pyq9l8XfHGo
/cKqIsEK6pw4oHlHEM3bb3VNHOVgBSE0uiAZs2O1W15a3HScTQtn3xK6jwQ1KcVf
/iiycSH0ut5zDLG71cygee1AxXUjmhB3N6bWsLwoc1QxVJWNswAWgj6wS+a3Hazz
tC6ZGwAq07nN3BS/Spc8OlxWJWsXiyDGFY0LDfQyPi5kTeG3ssIrQSKvNN4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:01:54 2025 by rpki-client