Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03c5f8dc-cd1f-4a60-a94f-cbb895913462.roa
File: 03c5f8dc-cd1f-4a60-a94f-cbb895913462.roa (raw, json)
Hash identifier: hOyO4hkWSrHuUn9al2MkfzN1ocITQlVJv693VsVrTp0=
Subject key identifier: E4:40:08:5A:E6:3A:57:5B:10:26:FE:D5:3D:9E:A7:A9:93:72:D7:D9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 794D40F254432CBAAB571293AF97D23E67C8F337
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03c5f8dc-cd1f-4a60-a94f-cbb895913462.roa
Signing time: Wed 01 Oct 2025 00:01:19 +0000
ROA not before: Wed 01 Oct 2025 00:01:19 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.208.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:4d:40:f2:54:43:2c:ba:ab:57:12:93:af:97:d2:3e:67:c8:f3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:01:19 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=d307753b6cd06bb35f6a90b757492b7985c500539628bf1c066139a279f74df5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:be:aa:0e:04:28:38:67:aa:7c:ad:fa:d8:
c7:11:4d:c4:f8:04:ad:75:4b:fd:e6:a3:96:11:70:
72:33:ed:68:dd:61:41:08:6c:c0:18:11:72:76:37:
8d:a5:e5:98:6f:d9:90:43:0f:39:19:cb:a9:8c:6b:
e0:ec:87:0b:28:a4:20:8b:f5:de:19:ea:9f:8b:af:
9e:1d:a0:bd:f3:0a:ae:cd:ec:0d:a5:85:0d:7b:47:
02:ce:0a:44:7c:2e:7f:a5:a1:af:18:b2:86:74:85:
65:e3:56:e3:93:c5:ea:88:7d:f0:39:bb:76:77:4a:
89:2a:12:6a:55:ba:31:99:c5:fa:1e:79:5a:78:68:
33:dd:5f:85:8e:e4:b5:a0:78:22:31:c6:57:0b:5b:
d7:3f:49:09:fb:b2:be:22:2e:30:5b:be:eb:1c:de:
b9:2d:b6:1a:54:5f:07:55:67:95:58:bc:91:c9:98:
14:dc:b8:80:cb:d8:59:db:de:40:a3:af:5c:a8:44:
ef:82:09:1b:35:83:aa:ee:08:14:4d:5e:e2:8c:c6:
12:3b:b5:f8:18:83:c1:a7:f2:39:20:3f:b9:77:e1:
85:ce:09:b0:2f:83:ef:cb:42:d5:02:11:e5:12:d7:
ce:0e:bb:be:e2:d0:f9:e8:6e:32:30:e5:5c:f8:4f:
b4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:40:08:5A:E6:3A:57:5B:10:26:FE:D5:3D:9E:A7:A9:93:72:D7:D9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03c5f8dc-cd1f-4a60-a94f-cbb895913462.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.208.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:a9:83:6f:0f:02:47:c9:b6:80:3a:73:50:47:8e:a1:e3:97:
df:b7:0c:92:92:79:80:2e:ea:15:63:34:ca:30:d0:c7:e2:89:
f6:c2:fd:c5:04:9b:85:df:99:1a:7a:09:fb:5b:e6:a4:bf:74:
c2:18:15:6f:ea:e6:c6:88:ff:94:29:dc:ac:d5:ed:d2:79:c0:
b3:b0:aa:01:c2:1a:29:f2:c4:2e:4c:88:aa:d9:1b:aa:ba:6d:
2e:24:a5:23:94:17:62:14:6a:14:f7:7a:56:8e:44:a4:4b:88:
19:fb:b5:3c:49:d0:c2:65:e7:90:25:c4:02:75:7b:97:9d:ef:
b8:db:52:77:35:1d:88:76:da:19:4d:92:7f:97:fd:60:53:b0:
8f:cd:ab:e8:ee:a9:61:9b:70:31:d1:54:4c:d4:e7:49:8b:5f:
a9:45:d8:b3:f1:65:d3:17:f8:e9:e7:d5:4b:4f:24:78:3b:55:
0f:d3:6c:cb:87:de:05:cc:68:e5:5f:30:1f:e2:5b:37:32:fa:
51:d2:97:bd:c0:6e:66:4f:c3:92:b3:8d:6d:22:75:c2:43:a5:
c0:70:d2:c6:8f:f4:a6:48:fa:ae:84:08:a3:29:b3:62:e8:41:
74:07:06:13:99:17:f8:72:11:a3:b9:2f:54:be:7e:50:b7:c3:
42:02:d1:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeU1A8lRDLLqrVxKTr5fSPmfI8zcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMTE5WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzA3NzUzYjZjZDA2YmIzNWY2YTkwYjc1NzQ5MmI3OTg1
YzUwMDUzOTYyOGJmMWMwNjYxMzlhMjc5Zjc0ZGY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+Vb6qDgQoOGeqfK362McRTcT4BK11S/3mo5YRcHIz7Wjd
YUEIbMAYEXJ2N42l5Zhv2ZBDDzkZy6mMa+DshwsopCCL9d4Z6p+Lr54doL3zCq7N
7A2lhQ17RwLOCkR8Ln+loa8YsoZ0hWXjVuOTxeqIffA5u3Z3SokqEmpVujGZxfoe
eVp4aDPdX4WO5LWgeCIxxlcLW9c/SQn7sr4iLjBbvusc3rktthpUXwdVZ5VYvJHJ
mBTcuIDL2Fnb3kCjr1yoRO+CCRs1g6ruCBRNXuKMxhI7tfgYg8Gn8jkgP7l34YXO
CbAvg+/LQtUCEeUS184Ou77i0PnobjIw5Vz4T7RdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5EAIWuY6V1sQJv7VPZ6nqZNy19kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzYzVmOGRjLWNkMWYtNGE2MC1hOTRmLWNiYjg5NTkxMzQ2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQ0DANBgkqhkiG9w0BAQsFAAOCAQEAoamDbw8CR8m2gDpzUEeOoeOX37cM
kpJ5gC7qFWM0yjDQx+KJ9sL9xQSbhd+ZGnoJ+1vmpL90whgVb+rmxoj/lCncrNXt
0nnAs7CqAcIaKfLELkyIqtkbqrptLiSlI5QXYhRqFPd6Vo5EpEuIGfu1PEnQwmXn
kCXEAnV7l53vuNtSdzUdiHbaGU2Sf5f9YFOwj82r6O6pYZtwMdFUTNTnSYtfqUXY
s/Fl0xf46efVS08keDtVD9Nsy4feBcxo5V8wH+JbNzL6UdKXvcBuZk/DkrONbSJ1
wkOlwHDSxo/0pkj6roQIoymzYuhBdAcGE5kX+HIRo7kvVL5+ULfDQgLRHg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:43:16 2025 by rpki-client