Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa
File: 03ae4e74-5acd-4e00-b992-05190479b91d.roa (raw, json)
Hash identifier: qLH1PftUbGadKdeXREe/9ltoJCCQ7n7oIU4/1V95Uxg=
Subject key identifier: C8:71:88:F7:E4:21:F2:7F:B8:6C:CE:DE:73:B0:CB:6F:AB:EB:53:1B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1AC4EE8D49F77A0D239BFC7021A932637417D742
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa
Signing time: Wed 01 Oct 2025 00:21:14 +0000
ROA not before: Wed 01 Oct 2025 00:21:14 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f12:8000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:c4:ee:8d:49:f7:7a:0d:23:9b:fc:70:21:a9:32:63:74:17:d7:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:21:14 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=2c3a1d7fe468e7805a0d22658f3de36204df74f07f08462728fdda57e6ed9f64, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:8a:26:b3:2f:7b:3f:97:07:59:2a:79:c1:
c2:a4:5a:d7:f0:e1:21:36:08:ce:ab:9f:f3:c2:db:
5b:bf:94:44:ad:e7:f6:5d:c9:10:a7:18:a3:aa:3b:
be:04:ce:93:1d:b6:f8:d6:5d:c3:52:8f:6d:98:01:
5c:90:d5:f4:5a:08:2c:b9:c1:77:db:b9:65:10:80:
9c:25:35:a7:46:f9:a0:fa:97:c1:17:1c:1a:9e:15:
9d:3e:37:3e:fe:5b:75:33:7e:b0:9e:84:92:3f:9e:
02:16:56:f2:a3:f2:fb:8b:5c:30:bb:4e:f5:85:35:
59:ea:b1:55:6a:50:0a:e2:c4:b3:dd:2c:8a:6a:4f:
67:0c:1a:40:7b:95:09:2d:d5:05:24:61:6b:22:d9:
de:9f:28:cb:ca:2f:00:4e:20:fd:68:ec:2b:45:41:
a6:63:48:42:f4:f8:29:c3:45:40:ff:86:b3:23:6b:
36:6a:d6:01:e8:f4:97:db:21:97:4a:49:dd:45:85:
9e:82:2b:7f:6f:73:16:c9:7f:1f:33:b0:db:09:c9:
3c:fa:7d:d8:c8:29:82:69:85:9a:76:32:f3:2a:68:
bf:17:5f:e2:ae:60:94:33:31:a1:24:63:b4:a3:81:
a6:56:04:38:fa:4b:13:2b:32:70:97:16:87:43:b8:
59:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:71:88:F7:E4:21:F2:7F:B8:6C:CE:DE:73:B0:CB:6F:AB:EB:53:1B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f12:8000::/36
Signature Algorithm: sha256WithRSAEncryption
b0:4f:a2:a1:f4:74:0f:77:47:02:3d:a6:eb:03:0d:cc:58:7f:
25:2f:bd:b9:72:33:e5:48:f1:b1:57:1f:9b:7e:17:e0:65:02:
0e:f4:05:79:0c:9d:25:af:e1:43:77:c8:07:be:71:5b:41:30:
e5:be:b5:9f:72:4e:16:80:32:df:34:fa:83:da:2d:30:0f:8c:
56:4d:ea:98:28:64:e3:e0:66:68:ee:31:21:af:f7:b1:89:7d:
93:14:13:37:e5:45:57:8c:7c:e7:3a:01:4c:b9:1c:12:80:52:
16:a5:9d:24:09:34:47:6e:97:10:b3:73:5b:a8:a0:8e:69:d5:
fa:5c:b7:06:4b:73:60:ca:bb:48:b8:a1:a4:4c:97:09:c1:54:
27:0d:71:19:31:05:87:3f:69:36:f7:f9:b5:dc:8d:61:7f:4e:
90:57:21:49:3b:0c:3d:67:94:32:82:6c:36:b8:45:ea:81:b3:
83:7f:15:ea:81:ef:40:4c:d3:e8:a8:07:e4:a5:95:81:e0:19:
f7:d7:f0:28:ff:e4:3e:1c:37:0c:4b:1c:ce:f9:c7:37:3a:32:
ee:90:02:42:c4:e0:a6:d4:04:49:78:5a:c7:66:85:c0:79:0e:
00:e2:19:e8:1d:c9:d8:f9:c8:53:86:4c:7f:13:31:a1:0f:91:
a3:c5:64:45
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGsTujUn3eg0jm/xwIakyY3QX10IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMTE0WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYzNhMWQ3ZmU0NjhlNzgwNWEwZDIyNjU4ZjNkZTM2MjA0
ZGY3NGYwN2YwODQ2MjcyOGZkZGE1N2U2ZWQ5ZjY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvLYomsy97P5cHWSp5wcKkWtfw4SE2CM6rn/PC21u/lESt
5/ZdyRCnGKOqO74EzpMdtvjWXcNSj22YAVyQ1fRaCCy5wXfbuWUQgJwlNadG+aD6
l8EXHBqeFZ0+Nz7+W3UzfrCehJI/ngIWVvKj8vuLXDC7TvWFNVnqsVVqUArixLPd
LIpqT2cMGkB7lQkt1QUkYWsi2d6fKMvKLwBOIP1o7CtFQaZjSEL0+CnDRUD/hrMj
azZq1gHo9JfbIZdKSd1FhZ6CK39vcxbJfx8zsNsJyTz6fdjIKYJphZp2MvMqaL8X
X+KuYJQzMaEkY7SjgaZWBDj6SxMrMnCXFodDuFlRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUyHGI9+Qh8n+4bM7ec7DLb6vrUxswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzYWU0ZTc0LTVhY2QtNGUwMC1iOTkyLTA1MTkwNDc5YjkxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8SgDANBgkqhkiG9w0BAQsFAAOCAQEAsE+iofR0D3dHAj2m6wMNzFh/
JS+9uXIz5UjxsVcfm34X4GUCDvQFeQydJa/hQ3fIB75xW0Ew5b61n3JOFoAy3zT6
g9otMA+MVk3qmChk4+BmaO4xIa/3sYl9kxQTN+VFV4x85zoBTLkcEoBSFqWdJAk0
R26XELNzW6igjmnV+ly3BktzYMq7SLihpEyXCcFUJw1xGTEFhz9pNvf5tdyNYX9O
kFchSTsMPWeUMoJsNrhF6oGzg38V6oHvQEzT6KgH5KWVgeAZ99fwKP/kPhw3DEsc
zvnHNzoy7pACQsTgptQESXhax2aFwHkOAOIZ6B3J2PnIU4ZMfxMxoQ+Ro8VkRQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:34:56 2025 by rpki-client