Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07927291-3fc1-4e33-b87f-f263f130c6fc.roa
File: 07927291-3fc1-4e33-b87f-f263f130c6fc.roa (raw, json)
Hash identifier: Brxy4b+aeo127XoPrzf6W6KtdoiiDPUnJs/CdhstG74=
Subject key identifier: A6:28:05:99:42:30:93:6E:EB:E6:68:72:70:AA:5E:70:0D:63:3E:A8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7C40254814195736658763F5674BA9782054AA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07927291-3fc1-4e33-b87f-f263f130c6fc.roa
Signing time: Tue 14 Oct 2025 15:51:18 +0000
ROA not before: Tue 14 Oct 2025 15:51:18 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fec:f400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:40:25:48:14:19:57:36:65:87:63:f5:67:4b:a9:78:20:54:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 15:51:18 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=e0b9820ec4b9d64aa5bf5ac45d098471307821eab252f01373a5c2d8eaba9248, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:16:78:aa:93:88:3e:08:0c:23:ef:d6:66:18:
be:f8:77:8f:b6:91:6d:bf:3d:1d:71:16:db:ce:a8:
3c:01:f3:4b:1e:5c:8c:64:e8:16:27:43:a5:0d:f3:
b8:43:ad:a9:c7:ad:51:5a:3d:19:45:d2:88:15:54:
9b:d7:bb:42:f0:98:ab:4e:cc:7c:f1:a7:f5:00:0d:
a5:bd:8d:2e:35:c3:df:7b:6d:0f:84:b5:67:b6:6c:
8f:92:4b:8a:41:6f:2b:ae:5b:29:be:83:03:5a:58:
61:6f:07:e8:14:71:aa:67:a9:ac:a6:04:bb:7d:4e:
a2:41:8f:d0:eb:27:2f:28:7d:06:48:75:46:e2:63:
77:e8:29:11:13:6d:69:f4:23:fc:bc:da:fa:86:cf:
ac:20:c7:fd:04:ca:ea:9d:d0:40:ab:81:ea:54:e4:
0c:65:38:9f:73:0d:1c:c9:6d:72:a8:3a:a8:69:21:
6e:3f:4a:dd:fa:78:2f:48:2f:e4:d2:f2:ea:0f:08:
bd:24:75:be:68:71:b2:03:34:7c:41:5f:f1:54:35:
40:e9:77:65:01:fd:93:f2:04:24:db:7c:04:32:5c:
15:4a:aa:bf:7b:ce:9c:2d:62:9e:ae:5c:e1:68:95:
ee:55:3d:f9:b9:81:a6:d7:de:15:f1:20:28:c8:9a:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:28:05:99:42:30:93:6E:EB:E6:68:72:70:AA:5E:70:0D:63:3E:A8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07927291-3fc1-4e33-b87f-f263f130c6fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fec:f400::/48
Signature Algorithm: sha256WithRSAEncryption
2e:27:bb:be:bc:7e:1f:5f:a9:60:f5:32:d1:63:57:09:23:22:
ce:c4:b5:76:94:b6:c6:3a:95:2f:f1:65:b3:3c:50:61:08:88:
61:4c:d3:6e:1a:aa:f7:10:df:49:82:b1:a7:cf:6d:f5:15:61:
e8:4f:e6:ac:f1:34:78:e2:f6:f0:47:f3:cb:ec:9e:50:ad:18:
cd:f0:84:2d:1f:60:61:5d:f8:55:ec:1f:94:4d:c3:e0:56:a4:
ac:db:64:ea:b0:1f:69:a1:de:50:ed:dd:54:64:cf:61:4a:a5:
28:11:82:6b:e8:43:6a:c9:98:af:de:59:dc:91:77:9a:bc:63:
43:71:12:4c:cd:3f:95:c1:48:aa:3f:2c:27:57:ed:85:9c:f2:
58:fa:4c:d4:e8:1b:51:de:67:e6:cf:c0:fd:70:56:12:95:72:
d5:c9:91:c0:31:dd:25:ec:b7:d0:07:59:0a:a7:ff:26:ed:03:
8f:23:c1:01:2d:07:e0:7a:a6:b2:a5:58:e2:04:da:34:7f:54:
ac:2a:9f:b1:0f:ce:f6:54:9d:32:13:41:47:c6:53:7a:4e:25:
f0:0c:55:96:6e:52:e4:f1:fe:a1:ef:d8:bd:fa:05:c5:5d:44:
7b:5b:dd:ac:a8:e9:da:66:94:4a:fe:8f:5c:ee:a6:89:94:f6:
19:40:b0:bb
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgITfEAlSBQZVzZlh2P1Z0upeCBUqjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTEwMTQxNTUxMThaFw0yNTExMTgyMzU5NTla
MHoxSTBHBgNVBAUTQGUwYjk4MjBlYzRiOWQ2NGFhNWJmNWFjNDVkMDk4NDcxMzA3
ODIxZWFiMjUyZjAxMzczYTVjMmQ4ZWFiYTkyNDgxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcWeKqTiD4IDCPv1mYYvvh3j7aRbb89HXEW286oPAHzSx5c
jGToFidDpQ3zuEOtqcetUVo9GUXSiBVUm9e7QvCYq07MfPGn9QANpb2NLjXD33tt
D4S1Z7Zsj5JLikFvK65bKb6DA1pYYW8H6BRxqmeprKYEu31OokGP0OsnLyh9Bkh1
RuJjd+gpERNtafQj/Lza+obPrCDH/QTK6p3QQKuB6lTkDGU4n3MNHMltcqg6qGkh
bj9K3fp4L0gv5NLy6g8IvSR1vmhxsgM0fEFf8VQ1QOl3ZQH9k/IEJNt8BDJcFUqq
v3vOnC1inq5c4WiV7lU9+bmBptfeFfEgKMiaKFcCAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBSmKAWZQjCTbuvmaHJwql5wDWM+qDAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMDc5MjcyOTEtM2ZjMS00ZTMzLWI4N2YtZjI2M2YxMzBjNmZjLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACYAH+z0ADANBgkqhkiG9w0BAQsFAAOCAQEALie7vrx+H1+pYPUy0WNXCSMi
zsS1dpS2xjqVL/FlszxQYQiIYUzTbhqq9xDfSYKxp89t9RVh6E/mrPE0eOL28Efz
y+yeUK0YzfCELR9gYV34VewflE3D4FakrNtk6rAfaaHeUO3dVGTPYUqlKBGCa+hD
asmYr95Z3JF3mrxjQ3ESTM0/lcFIqj8sJ1fthZzyWPpM1OgbUd5n5s/A/XBWEpVy
1cmRwDHdJey30AdZCqf/Ju0DjyPBAS0H4HqmsqVY4gTaNH9UrCqfsQ/O9lSdMhNB
R8ZTek4l8AxVlm5S5PH+oe/YvfoFxV1Ee1vdrKjp2maUSv6PXO6miZT2GUCwuw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:29:49 2025 by rpki-client