Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0feab138-4c08-4231-8ce0-8948b0920e06.roa
File: 0feab138-4c08-4231-8ce0-8948b0920e06.roa (raw, json)
Hash identifier: Ix9y5zfuNE7U1tsT2q5QB9W8tXuG15ob/OveoXm4ZQ8=
Subject key identifier: 89:45:E4:61:88:FE:27:F6:50:4C:3A:4E:69:96:35:82:2B:F4:A1:9C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4BC1EF2CB7A399CD1A37301CADD70AD78D5AEFCD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0feab138-4c08-4231-8ce0-8948b0920e06.roa
Signing time: Wed 01 Oct 2025 00:11:18 +0000
ROA not before: Wed 01 Oct 2025 00:11:18 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 209.173.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c1:ef:2c:b7:a3:99:cd:1a:37:30:1c:ad:d7:0a:d7:8d:5a:ef:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:11:18 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=b3416c2ce3efb59e313668efaeb51a1c9117a1e230891ff49bfb6cc16b62c237, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:93:da:ae:8f:54:d5:f3:26:03:39:3e:bf:9e:
31:99:09:5b:48:bc:35:1c:a2:e1:e3:95:85:46:da:
46:2a:f1:00:0e:2f:75:c2:7c:18:aa:45:7f:b5:43:
2f:5f:de:06:35:60:f5:ba:46:5a:a8:2c:e1:7e:13:
bf:16:80:2c:7c:b5:76:84:59:cc:74:aa:16:7e:ea:
84:b5:c4:fd:a7:f4:9b:da:f4:8c:61:98:8a:74:b2:
db:d0:5f:fc:2e:8f:42:52:43:1e:32:f8:c8:7a:ac:
b3:3b:50:5d:16:37:fc:1f:15:76:cb:90:41:70:e2:
e5:0b:90:43:43:c7:8d:86:45:4d:61:74:95:88:14:
da:3d:43:a8:43:e8:ea:78:f2:37:61:f0:04:6d:96:
3b:0d:a4:92:28:51:5e:9b:c8:21:2e:66:e7:07:13:
ff:4c:66:29:06:25:db:26:b3:16:cb:bb:4d:15:87:
b0:01:38:02:25:c5:dc:0d:16:37:5a:41:1e:ca:58:
c8:a8:41:b9:d4:68:e8:e9:2c:fa:44:ca:74:40:b3:
65:8f:4e:fc:a1:42:b4:ca:a0:5e:a5:07:b9:26:3d:
44:a5:aa:0c:ab:e6:1b:1b:1d:63:e2:39:ed:5d:d7:
0f:d0:e3:17:e3:0e:2a:e0:b8:5a:56:44:1f:fa:67:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:45:E4:61:88:FE:27:F6:50:4C:3A:4E:69:96:35:82:2B:F4:A1:9C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0feab138-4c08-4231-8ce0-8948b0920e06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.173.64.0/18
Signature Algorithm: sha256WithRSAEncryption
46:01:8b:e6:a3:e4:79:06:ba:a5:8c:6f:0b:a7:a8:d7:2b:94:
47:36:38:e9:29:2c:d4:9a:35:b3:d5:39:a7:62:43:35:69:f1:
fd:30:84:73:0c:bc:f7:f2:9c:52:40:09:d5:f2:3b:56:33:fa:
a8:c4:8d:13:d0:27:8d:81:9e:f8:5b:6d:3e:c8:95:e8:e5:0f:
7c:ef:37:29:bb:9a:4f:c3:27:60:c6:fb:3a:a9:a5:11:03:e7:
81:a6:55:60:13:2c:c7:79:cb:fd:94:d7:2c:a2:55:fc:79:d0:
cd:c8:88:51:69:be:88:5c:62:01:1d:a9:15:c0:75:e1:b9:01:
88:03:05:7b:f0:2b:d1:77:0d:6e:fe:16:97:66:57:39:32:a9:
1e:90:d3:75:fa:a3:61:0c:62:aa:8c:e1:9f:8c:35:b3:bd:0f:
cb:29:e2:a9:7e:a1:54:2a:d2:f2:8e:1a:89:8d:f7:e0:39:94:
0c:2e:24:5a:9c:f4:89:4f:60:5a:e2:b9:c2:1e:98:42:89:02:
1a:96:fc:17:d7:85:2c:b9:de:55:ac:5a:0e:fb:bd:3b:ae:10:
d1:1d:b4:ba:01:ff:47:74:24:33:e1:2c:bb:f6:cc:a4:14:e0:
9f:77:7e:c9:4b:c1:b6:d9:d2:87:4d:19:38:2b:e9:65:15:6e:
70:3c:d3:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS8HvLLejmc0aNzAcrdcK141a780wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMTE4WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzQxNmMyY2UzZWZiNTllMzEzNjY4ZWZhZWI1MWExYzkx
MTdhMWUyMzA4OTFmZjQ5YmZiNmNjMTZiNjJjMjM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDok9quj1TV8yYDOT6/njGZCVtIvDUcouHjlYVG2kYq8QAO
L3XCfBiqRX+1Qy9f3gY1YPW6RlqoLOF+E78WgCx8tXaEWcx0qhZ+6oS1xP2n9Jva
9IxhmIp0stvQX/wuj0JSQx4y+Mh6rLM7UF0WN/wfFXbLkEFw4uULkENDx42GRU1h
dJWIFNo9Q6hD6Op48jdh8ARtljsNpJIoUV6byCEuZucHE/9MZikGJdsmsxbLu00V
h7ABOAIlxdwNFjdaQR7KWMioQbnUaOjpLPpEynRAs2WPTvyhQrTKoF6lB7kmPUSl
qgyr5hsbHWPiOe1d1w/Q4xfjDirguFpWRB/6Z2SlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiUXkYYj+J/ZQTDpOaZY1giv0oZwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBmZWFiMTM4LTRjMDgtNDIzMS04Y2UwLTg5NDhiMDkyMGUwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbRrUAwDQYJKoZIhvcNAQELBQADggEBAEYBi+aj5HkGuqWMbwunqNcrlEc2
OOkpLNSaNbPVOadiQzVp8f0whHMMvPfynFJACdXyO1Yz+qjEjRPQJ42BnvhbbT7I
lejlD3zvNym7mk/DJ2DG+zqppRED54GmVWATLMd5y/2U1yyiVfx50M3IiFFpvohc
YgEdqRXAdeG5AYgDBXvwK9F3DW7+FpdmVzkyqR6Q03X6o2EMYqqM4Z+MNbO9D8sp
4ql+oVQq0vKOGomN9+A5lAwuJFqc9IlPYFriucIemEKJAhqW/BfXhSy53lWsWg77
vTuuENEdtLoB/0d0JDPhLLv2zKQU4J93fslLwbbZ0odNGTgr6WUVbnA803Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:16:48 2025 by rpki-client