Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c9829f8-1c99-458b-b95d-c9e61c884641.roa
File: 0c9829f8-1c99-458b-b95d-c9e61c884641.roa (raw, json)
Hash identifier: XYbdZmjLlqARCVH7AWuRSZLB+VBsmelcKCMASrJkj8I=
Subject key identifier: 37:38:4A:4F:FC:37:0E:49:56:7B:D3:1E:1C:DA:C4:F2:0B:B0:AF:C8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 665EAD2A449BAE89BEEABC1BEA9C1B25E7DD06CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c9829f8-1c99-458b-b95d-c9e61c884641.roa
Signing time: Sat 18 Oct 2025 03:41:50 +0000
ROA not before: Sat 18 Oct 2025 03:41:50 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.8.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5e:ad:2a:44:9b:ae:89:be:ea:bc:1b:ea:9c:1b:25:e7:dd:06:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 03:41:50 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=41308aa1e9c25af526ce76e0601616b0841b341aa6f63be613ea30ca54cc38e4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:37:79:38:5e:92:87:29:61:d4:bc:ae:82:
92:de:fb:a4:8a:73:95:ac:4e:f5:d6:04:d9:fd:c1:
64:be:3a:fc:1e:78:b7:da:33:75:26:7a:ae:a8:de:
b9:67:cf:67:73:c6:e2:1b:19:9e:6a:34:a5:f3:da:
27:81:91:ae:36:e3:b2:c2:79:53:f0:5c:ce:95:d1:
b7:89:3d:7a:c0:9c:13:2b:64:6f:58:55:28:3a:ce:
1b:73:6a:14:86:c6:f4:6d:c4:76:81:34:38:21:65:
85:b9:23:da:ab:13:be:07:2d:a1:bf:60:c8:88:72:
7e:a6:e9:d7:b1:af:e9:aa:1f:e8:69:de:c4:80:53:
3d:50:9b:2b:cc:5c:2f:2b:05:b1:5f:63:65:ea:ac:
1e:74:50:7c:72:c4:5d:36:02:96:f9:32:1e:49:b9:
9d:40:ee:88:be:27:87:75:88:7c:5a:29:74:59:ba:
2d:85:5f:bd:eb:c3:b9:3a:07:ec:be:5c:27:32:45:
d3:3a:28:05:55:ed:50:6f:ec:41:37:67:4f:f5:5c:
02:cc:27:7c:71:81:1c:1b:7a:44:d9:de:0e:8e:63:
aa:85:68:11:12:1b:f8:5d:dc:2c:22:9b:0f:ad:af:
f9:b0:7b:88:8d:ef:e3:a0:60:f7:11:d8:c5:b5:94:
89:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:38:4A:4F:FC:37:0E:49:56:7B:D3:1E:1C:DA:C4:F2:0B:B0:AF:C8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c9829f8-1c99-458b-b95d-c9e61c884641.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.8.49.0/24
Signature Algorithm: sha256WithRSAEncryption
20:4c:dd:f1:38:8f:1a:60:92:eb:25:70:be:27:b5:8e:03:fe:
d3:b5:b1:0e:20:c1:c7:21:6e:b2:2f:69:2c:21:7c:07:d9:58:
ac:3d:ff:d3:b7:f4:29:8b:23:00:d3:6f:7e:5d:6a:85:0a:58:
9b:64:0d:59:c2:16:d7:8c:cd:db:7d:a4:fe:6a:df:05:e6:c6:
8b:89:d8:49:f0:67:98:7e:1b:e8:f1:63:fb:52:73:50:82:1b:
11:7a:0f:38:71:1c:f9:ea:39:a6:f7:35:78:ed:76:9b:21:ca:
ae:1e:e3:f2:8a:d2:5e:ab:9a:4f:4a:d3:60:57:c4:0a:c8:57:
b6:c4:bc:63:39:fb:5a:59:f6:42:a3:45:2f:47:76:c9:fa:e1:
a6:76:f1:bd:fd:bd:3e:df:6f:6e:48:d7:13:1e:84:38:cd:d6:
36:0a:e2:ba:ca:33:b1:c8:34:02:b9:65:66:07:47:b0:31:a5:
cd:a8:a7:ab:43:3d:fc:ad:b4:fa:ee:e2:cf:0e:e4:b9:3f:70:
68:68:de:fd:96:8a:40:1f:8b:54:e2:f5:27:1c:1e:01:52:e1:
1e:d9:63:76:c6:b6:b3:d2:14:60:ee:e6:c0:7c:57:45:ec:5d:
07:59:e6:34:b8:da:8d:2c:e6:69:5e:e3:09:ab:47:72:c5:b0:
e9:71:9e:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZl6tKkSbrom+6rwb6pwbJefdBsswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDM0MTUwWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MTMwOGFhMWU5YzI1YWY1MjZjZTc2ZTA2MDE2MTZiMDg0
MWIzNDFhYTZmNjNiZTYxM2VhMzBjYTU0Y2MzOGU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvNDd5OF6Shylh1LyugpLe+6SKc5WsTvXWBNn9wWS+Ovwe
eLfaM3Umeq6o3rlnz2dzxuIbGZ5qNKXz2ieBka4247LCeVPwXM6V0beJPXrAnBMr
ZG9YVSg6zhtzahSGxvRtxHaBNDghZYW5I9qrE74HLaG/YMiIcn6m6dexr+mqH+hp
3sSAUz1QmyvMXC8rBbFfY2XqrB50UHxyxF02Apb5Mh5JuZ1A7oi+J4d1iHxaKXRZ
ui2FX73rw7k6B+y+XCcyRdM6KAVV7VBv7EE3Z0/1XALMJ3xxgRwbekTZ3g6OY6qF
aBESG/hd3Cwimw+tr/mwe4iN7+OgYPcR2MW1lImbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNzhKT/w3DklWe9MeHNrE8guwr8gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjOTgyOWY4LTFjOTktNDU4Yi1iOTVkLWM5ZTYxYzg4NDY0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABBCDEwDQYJKoZIhvcNAQELBQADggEBACBM3fE4jxpgkuslcL4ntY4D/tO1
sQ4gwcchbrIvaSwhfAfZWKw9/9O39CmLIwDTb35daoUKWJtkDVnCFteMzdt9pP5q
3wXmxouJ2EnwZ5h+G+jxY/tSc1CCGxF6DzhxHPnqOab3NXjtdpshyq4e4/KK0l6r
mk9K02BXxArIV7bEvGM5+1pZ9kKjRS9Hdsn64aZ28b39vT7fb25I1xMehDjN1jYK
4rrKM7HINAK5ZWYHR7Axpc2op6tDPfyttPru4s8O5Lk/cGho3v2WikAfi1Ti9Scc
HgFS4R7ZY3bGtrPSFGDu5sB8V0XsXQdZ5jS42o0s5mle4wmrR3LFsOlxnlA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:48:58 2025 by rpki-client