Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ffe12830-146b-4ace-aa76-00c674bbaa36.roa
File: ffe12830-146b-4ace-aa76-00c674bbaa36.roa (raw, json)
Hash identifier: YKCF61hbBUQv0Oa7+IHmvMSeNYW1JONf4VKZJF01W4Q=
Subject key identifier: 2D:D6:FC:D5:D4:6E:66:84:AD:05:2F:82:8E:36:77:F1:32:D9:88:E2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 22C4B965E49E30605CBADC2037B6EDD27A558DB4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ffe12830-146b-4ace-aa76-00c674bbaa36.roa
Signing time: Wed 22 Oct 2025 00:01:46 +0000
ROA not before: Wed 22 Oct 2025 00:01:46 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 45.72.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c4:b9:65:e4:9e:30:60:5c:ba:dc:20:37:b6:ed:d2:7a:55:8d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:01:46 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=bbad53368bbe5b46d17c6277c93f406924e8781f6cbd18de93d56af9d765ec32, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:32:c3:65:23:9d:33:5e:28:87:10:fa:b2:a9:
4f:f9:c0:23:08:c9:9a:77:6a:bd:5e:21:69:26:5a:
10:97:02:85:07:28:26:1a:83:09:95:a0:7e:e7:44:
92:bc:0f:c5:a5:6d:a6:e9:17:d5:cc:d9:6b:ab:1b:
53:83:b7:5a:72:12:1c:ab:ba:54:00:05:5c:e7:67:
1e:4e:b6:d2:2b:66:8c:ec:6d:9b:65:cb:3e:3d:9f:
af:17:f0:d8:00:ba:70:c5:b1:13:16:3d:3b:e8:8b:
71:92:4a:05:86:1f:8e:e5:76:47:72:ed:c7:a6:e9:
e1:de:36:3c:bd:1d:fc:6f:15:07:22:fa:14:2c:4a:
8a:44:16:e2:42:fc:e0:c9:96:f1:bf:54:0e:1a:09:
68:70:f2:3a:70:80:a8:2d:c3:1e:07:fd:83:8b:26:
b3:ec:d6:c2:d2:e6:62:2c:c8:35:a9:42:f5:42:f6:
b7:da:52:2e:12:34:6b:90:ac:7c:d2:06:b6:0c:f9:
fe:63:9b:d1:5c:34:bc:5c:60:ff:d7:33:52:54:47:
58:46:c4:3b:7e:c8:2c:9b:09:1b:e1:f5:bd:40:bb:
f1:36:b9:b9:ad:96:a3:66:31:8a:2e:b0:41:06:3a:
7f:50:f1:24:66:38:65:bc:e6:15:da:ae:74:b0:d0:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D6:FC:D5:D4:6E:66:84:AD:05:2F:82:8E:36:77:F1:32:D9:88:E2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ffe12830-146b-4ace-aa76-00c674bbaa36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
08:ae:d8:df:88:51:b9:70:21:c5:0e:06:e0:7d:5e:15:dd:28:
a1:65:25:65:7f:10:79:cf:1d:11:52:db:35:1e:6f:7b:19:89:
55:26:c0:fa:f5:47:60:6c:a1:58:cf:20:4f:72:72:de:e1:e6:
bf:f3:0d:d5:1e:72:cb:87:72:6e:04:19:01:a5:aa:db:1b:a3:
93:60:22:2a:b0:62:16:1f:1c:e7:44:ff:92:96:14:62:61:e2:
a0:ea:ef:d1:2f:72:dd:21:01:ff:0c:61:e7:a5:47:e3:05:b8:
b1:93:aa:43:56:8e:c4:f1:3a:2d:fd:e8:c1:e0:4d:8b:62:41:
86:6a:28:18:72:12:51:9e:08:cc:c8:56:ec:3a:2e:25:a8:bf:
4b:74:5a:83:2c:e7:32:4c:e5:77:e0:29:09:37:e0:a8:af:cc:
a6:b4:83:06:47:d8:4b:b8:78:d2:6a:7c:e2:54:51:10:c3:be:
d4:77:6d:70:ce:e4:b8:ad:0b:15:32:38:ba:ce:f6:c3:36:06:
6c:23:c3:6a:b8:c8:fd:cb:0b:24:3e:39:74:38:38:fe:54:18:
5d:6f:07:94:66:ea:d7:e7:8c:d7:cd:44:da:4e:6a:54:7a:db:
3f:d4:3f:2f:ff:de:67:f6:0d:f6:4e:23:38:79:5f:a0:1a:8f:
67:52:4f:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIsS5ZeSeMGBcutwgN7bt0npVjbQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAwMTQ2WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYmFkNTMzNjhiYmU1YjQ2ZDE3YzYyNzdjOTNmNDA2OTI0
ZTg3ODFmNmNiZDE4ZGU5M2Q1NmFmOWQ3NjVlYzMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrMsNlI50zXiiHEPqyqU/5wCMIyZp3ar1eIWkmWhCXAoUH
KCYagwmVoH7nRJK8D8WlbabpF9XM2WurG1ODt1pyEhyrulQABVznZx5OttIrZozs
bZtlyz49n68X8NgAunDFsRMWPTvoi3GSSgWGH47ldkdy7cem6eHeNjy9HfxvFQci
+hQsSopEFuJC/ODJlvG/VA4aCWhw8jpwgKgtwx4H/YOLJrPs1sLS5mIsyDWpQvVC
9rfaUi4SNGuQrHzSBrYM+f5jm9FcNLxcYP/XM1JUR1hGxDt+yCybCRvh9b1Au/E2
ubmtlqNmMYousEEGOn9Q8SRmOGW85hXarnSw0HJ/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULdb81dRuZoStBS+CjjZ38TLZiOIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZmZTEyODMwLTE0NmItNGFjZS1hYTc2LTAwYzY3NGJiYWEzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBActSAAwDQYJKoZIhvcNAQELBQADggEBAAiu2N+IUblwIcUOBuB9XhXdKKFl
JWV/EHnPHRFS2zUeb3sZiVUmwPr1R2BsoVjPIE9yct7h5r/zDdUecsuHcm4EGQGl
qtsbo5NgIiqwYhYfHOdE/5KWFGJh4qDq79Evct0hAf8MYeelR+MFuLGTqkNWjsTx
Oi396MHgTYtiQYZqKBhyElGeCMzIVuw6LiWov0t0WoMs5zJM5XfgKQk34KivzKa0
gwZH2Eu4eNJqfOJUURDDvtR3bXDO5LitCxUyOLrO9sM2Bmwjw2q4yP3LCyQ+OXQ4
OP5UGF1vB5Rm6tfnjNfNRNpOalR62z/UPy//3mf2DfZOIzh5X6Aaj2dST2c=
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:08:43 2025 by rpki-client