Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6ffcfb4-93c2-49ca-8723-e0124cd03717.roa
File: f6ffcfb4-93c2-49ca-8723-e0124cd03717.roa (raw, json)
Hash identifier: HlBiVl3NThEHifDKjBzjGhjsZdJpy3GWopr5L2jKa2E=
Subject key identifier: 77:61:C6:ED:E1:33:33:94:35:7A:20:DB:C7:CA:4C:3A:62:39:13:0B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 796197783BCB2D39E958251C470D123A2E13C059
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6ffcfb4-93c2-49ca-8723-e0124cd03717.roa
Signing time: Sun 26 Oct 2025 00:11:28 +0000
ROA not before: Sun 26 Oct 2025 00:11:28 +0000
ROA not after: Sun 30 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.242.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:61:97:78:3b:cb:2d:39:e9:58:25:1c:47:0d:12:3a:2e:13:c0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 26 00:11:28 2025 GMT
Not After : Nov 30 23:59:59 2025 GMT
Subject: serialNumber=1f3c5611785ab1f84968f5f548a73ee17a2463fff6f3435d4cae512c59bd37a9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b0:9d:d5:b7:1d:6a:3e:76:0e:ce:d9:42:42:
da:a7:02:d4:9c:c3:db:6d:f1:ef:ce:0e:b7:b1:e0:
df:94:65:8f:d6:5a:e6:02:a5:03:9f:23:71:47:30:
ae:86:b9:18:8c:f3:bf:ca:73:40:e9:18:e0:74:55:
f0:ee:ac:7a:eb:d4:9e:5e:4e:03:b4:ea:db:1a:d1:
65:86:44:08:3a:62:59:7f:4c:25:03:44:06:e5:70:
ac:71:f9:49:5a:72:34:21:94:c5:28:02:11:a8:7b:
f9:a3:49:4e:2d:32:3e:3f:01:e2:2a:02:ef:e5:a0:
55:1e:f4:f8:d1:d0:25:be:99:93:ae:96:c2:95:3e:
07:bf:fa:6e:89:0c:2b:ee:3a:ea:3e:b4:c3:4b:c6:
7b:69:0a:83:25:8c:3d:ca:d9:fa:10:e4:b8:2f:13:
d4:39:69:04:fa:f2:81:16:12:45:04:03:46:f6:68:
01:90:94:f7:c5:ad:11:3c:43:05:ac:ad:47:14:7b:
49:45:0a:5a:d9:49:14:1b:57:63:30:58:3b:0f:c0:
61:61:1e:a2:70:a3:76:e9:b7:dd:2e:e2:9b:61:2b:
15:1c:8a:7a:81:fb:6a:96:e6:18:ce:85:00:78:89:
05:ef:a9:cb:83:fa:bd:36:9e:ab:54:d6:af:94:e0:
c8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:61:C6:ED:E1:33:33:94:35:7A:20:DB:C7:CA:4C:3A:62:39:13:0B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6ffcfb4-93c2-49ca-8723-e0124cd03717.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.242.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:96:eb:27:9c:17:3f:01:21:6d:86:bd:e1:13:75:f0:a2:75:
49:19:be:fd:d9:00:fa:b8:26:9d:1d:82:4f:4c:37:7c:b0:dd:
b7:cf:8c:21:cc:43:96:76:17:dc:32:54:6e:49:af:1b:e2:54:
25:aa:64:7a:e5:72:9a:c8:eb:2c:81:df:3c:f5:9f:a2:96:4b:
1e:67:b9:b0:31:a7:44:e3:7f:75:d6:a4:89:71:04:32:ec:4d:
29:34:25:a6:ea:8a:0e:ad:09:38:da:a6:3f:ba:2b:6e:c7:cd:
81:75:79:a4:40:29:77:04:5b:16:46:fd:d3:34:4f:55:d9:bf:
f0:c1:6f:0c:2c:55:c8:94:42:e5:99:fb:65:4b:aa:34:ac:6c:
d2:56:8f:5a:43:36:c7:18:ba:59:22:ab:39:f1:ab:31:bf:ae:
73:99:4f:4e:7b:48:9e:7b:0c:f9:49:46:c6:07:2a:90:f1:98:
ff:71:b4:6b:eb:0c:5d:e0:2d:45:2a:d3:61:93:25:c5:1a:a8:
d2:98:22:20:58:fd:3e:ff:76:07:1d:6f:1a:8c:1c:7b:69:b1:
2d:2e:a3:db:4d:3b:e0:00:ea:1e:26:a5:39:17:35:6d:5d:7e:
59:f2:35:5c:2c:fb:7c:fc:28:41:da:c9:1d:7e:c9:57:48:e6:
b3:95:2d:de
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeWGXeDvLLTnpWCUcRw0SOi4TwFkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMTI4WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjNjNTYxMTc4NWFiMWY4NDk2OGY1ZjU0OGE3M2VlMTdh
MjQ2M2ZmZjZmMzQzNWQ0Y2FlNTEyYzU5YmQzN2E5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMsJ3Vtx1qPnYOztlCQtqnAtScw9tt8e/ODrex4N+UZY/W
WuYCpQOfI3FHMK6GuRiM87/Kc0DpGOB0VfDurHrr1J5eTgO06tsa0WWGRAg6Yll/
TCUDRAblcKxx+UlacjQhlMUoAhGoe/mjSU4tMj4/AeIqAu/loFUe9PjR0CW+mZOu
lsKVPge/+m6JDCvuOuo+tMNLxntpCoMljD3K2foQ5LgvE9Q5aQT68oEWEkUEA0b2
aAGQlPfFrRE8QwWsrUcUe0lFClrZSRQbV2MwWDsPwGFhHqJwo3bpt90u4pthKxUc
inqB+2qW5hjOhQB4iQXvqcuD+r02nqtU1q+U4MgdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUd2HG7eEzM5Q1eiDbx8pMOmI5EwswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2ZmZjZmI0LTkzYzItNDljYS04NzIzLWUwMTI0Y2QwMzcxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA48jANBgkqhkiG9w0BAQsFAAOCAQEASpbrJ5wXPwEhbYa94RN18KJ1SRm+
/dkA+rgmnR2CT0w3fLDdt8+MIcxDlnYX3DJUbkmvG+JUJapkeuVymsjrLIHfPPWf
opZLHme5sDGnRON/ddakiXEEMuxNKTQlpuqKDq0JONqmP7orbsfNgXV5pEApdwRb
Fkb90zRPVdm/8MFvDCxVyJRC5Zn7ZUuqNKxs0laPWkM2xxi6WSKrOfGrMb+uc5lP
TntInnsM+UlGxgcqkPGY/3G0a+sMXeAtRSrTYZMlxRqo0pgiIFj9Pv92Bx1vGowc
e2mxLS6j20074ADqHialORc1bV1+WfI1XCz7fPwoQdrJHX7JV0jms5Ut3g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:26:46 2025 by rpki-client