Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d7f342-6157-48d6-afa9-e8e77d622676.roa
File: 05d7f342-6157-48d6-afa9-e8e77d622676.roa (raw, json)
Hash identifier: RZRoZmJ9XM9dsdH6VELnREEewAG0MZL9uMUZzA6/yys=
Subject key identifier: 19:39:DB:4D:8D:3C:1A:56:E6:C6:9B:79:C4:A7:ED:B2:43:39:D0:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0C0B5D8323F5A1AE69676E790A8A4077F3B5C705
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d7f342-6157-48d6-afa9-e8e77d622676.roa
Signing time: Mon 29 Sep 2025 15:13:29 +0000
ROA not before: Mon 29 Sep 2025 15:13:29 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:0b:5d:83:23:f5:a1:ae:69:67:6e:79:0a:8a:40:77:f3:b5:c7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 29 15:13:29 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=bff70389eef587fac1eca5dd1339b3e20868f2d6774f240a32e78e2836bfd7b4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:2f:80:48:3c:08:a6:e9:11:ca:ff:e2:64:
7d:74:41:7c:ab:ec:77:b3:03:77:c0:b1:47:22:4a:
46:a6:fa:94:01:d1:53:31:06:18:c7:52:68:6c:3d:
c0:dd:32:34:7f:f6:59:f3:13:d6:f9:4a:1b:0d:f8:
e0:c7:fa:0f:ec:68:0c:df:41:73:81:8d:73:95:ed:
d8:fe:72:19:99:35:e4:c1:84:f0:d4:ee:6e:69:ac:
b3:45:15:1b:17:75:06:13:17:9e:24:2f:86:81:a7:
5e:c7:6d:ca:83:31:90:53:d9:d6:00:86:74:a8:9f:
94:10:ac:4d:41:cc:31:17:62:54:d1:f0:a4:3f:9e:
78:6c:24:26:64:1b:2a:51:dd:7c:6e:d0:b8:65:03:
11:ce:85:70:9b:0f:e4:a3:f6:60:be:d3:cc:34:c8:
9a:ea:a8:7a:12:72:89:92:59:26:b5:8e:a0:9b:d1:
21:c6:db:2d:d6:96:1a:89:bf:39:88:50:1c:de:36:
bb:74:46:1f:79:e8:c3:1b:c1:25:84:c6:9e:fa:d2:
ed:39:3e:b3:48:11:b5:13:c3:f4:cd:3e:79:5d:b5:
4d:f2:4a:c4:91:68:70:39:5e:3a:06:b9:98:94:3e:
fc:1d:de:fa:c9:b0:68:18:d6:13:78:50:51:a3:d0:
3f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:39:DB:4D:8D:3C:1A:56:E6:C6:9B:79:C4:A7:ED:B2:43:39:D0:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d7f342-6157-48d6-afa9-e8e77d622676.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.52.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:79:54:6c:1f:55:1b:6a:b6:b3:cc:3f:5c:25:fa:25:1a:c9:
3e:9e:20:aa:a8:6d:80:28:d3:d4:a4:5c:16:e9:65:9f:27:60:
40:ac:95:52:11:ab:85:9a:45:3a:ca:c4:78:5d:f6:1b:cb:b0:
bb:b3:ed:cb:e5:0c:6d:43:7d:6f:46:af:2a:d0:b0:53:1b:d0:
7d:76:b7:85:ae:d8:54:c0:22:34:e6:98:1f:ce:65:1f:9d:c5:
d8:72:4a:6e:97:72:85:fa:32:be:6a:70:c5:ad:61:f6:e1:02:
9e:08:d0:9e:19:36:6d:e4:42:f1:0c:82:8c:8f:7e:dc:44:3a:
8b:95:96:5e:39:f3:39:f3:ec:00:1c:c3:32:78:c2:e4:12:f9:
1b:fe:22:66:8d:c7:3f:0c:48:ce:f4:08:dc:55:79:53:61:42:
0f:b1:e7:1d:d3:2f:ec:87:3f:e0:c4:33:59:81:fb:34:91:10:
1c:fc:4b:31:48:3d:c8:95:41:fd:80:4c:59:51:fe:17:f6:c9:
37:b3:85:b4:cf:97:5c:67:88:b1:45:dd:b8:45:fc:91:e2:d0:
7b:dd:44:77:d1:9b:97:78:01:a9:f3:35:fe:7c:84:96:5b:b8:
86:e6:2f:a5:cb:9a:7c:5c:56:f1:0f:fc:f1:b2:0e:9b:b3:c0:
5d:d4:72:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDAtdgyP1oa5pZ255CopAd/O1xwUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUxMzI5WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmY3MDM4OWVlZjU4N2ZhYzFlY2E1ZGQxMzM5YjNlMjA4
NjhmMmQ2Nzc0ZjI0MGEzMmU3OGUyODM2YmZkN2I0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHDC+ASDwIpukRyv/iZH10QXyr7HezA3fAsUciSkam+pQB
0VMxBhjHUmhsPcDdMjR/9lnzE9b5ShsN+ODH+g/saAzfQXOBjXOV7dj+chmZNeTB
hPDU7m5prLNFFRsXdQYTF54kL4aBp17HbcqDMZBT2dYAhnSon5QQrE1BzDEXYlTR
8KQ/nnhsJCZkGypR3Xxu0LhlAxHOhXCbD+Sj9mC+08w0yJrqqHoScomSWSa1jqCb
0SHG2y3WlhqJvzmIUBzeNrt0Rh956MMbwSWExp760u05PrNIEbUTw/TNPnldtU3y
SsSRaHA5XjoGuZiUPvwd3vrJsGgY1hN4UFGj0D+/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGTnbTY08Glbmxpt5xKftskM50PMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1ZDdmMzQyLTYxNTctNDhkNi1hZmE5LWU4ZTc3ZDYyMjY3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKIEjQwDQYJKoZIhvcNAQELBQADggEBAM55VGwfVRtqtrPMP1wl+iUayT6e
IKqobYAo09SkXBbpZZ8nYECslVIRq4WaRTrKxHhd9hvLsLuz7cvlDG1DfW9GryrQ
sFMb0H12t4Wu2FTAIjTmmB/OZR+dxdhySm6XcoX6Mr5qcMWtYfbhAp4I0J4ZNm3k
QvEMgoyPftxEOouVll458znz7AAcwzJ4wuQS+Rv+ImaNxz8MSM70CNxVeVNhQg+x
5x3TL+yHP+DEM1mB+zSREBz8SzFIPciVQf2ATFlR/hf2yTezhbTPl1xniLFF3bhF
/JHi0HvdRHfRm5d4AanzNf58hJZbuIbmL6XLmnxcVvEP/PGyDpuzwF3Ucg8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:05:33 2025 by rpki-client