Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1401cfa8-ed6b-4446-9859-287d36cbeca7.roa
File: 1401cfa8-ed6b-4446-9859-287d36cbeca7.roa (raw, json)
Hash identifier: oa42gxDCdOa9XAqTgJT+Sfu30ikTIYKkHmflWba9vBE=
Subject key identifier: D1:96:1B:EA:A4:09:73:10:6C:C9:31:88:06:E9:E2:0A:CF:2B:CF:CB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 236C4BB22101375C404D34D9E9E89201D9406FD2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1401cfa8-ed6b-4446-9859-287d36cbeca7.roa
Signing time: Tue 14 Oct 2025 21:21:54 +0000
ROA not before: Tue 14 Oct 2025 21:21:54 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.84.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:6c:4b:b2:21:01:37:5c:40:4d:34:d9:e9:e8:92:01:d9:40:6f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 21:21:54 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=36158e7127f38bf9ca6ae2287c128961b248042da4a8e417f3beb0409d2c4539, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b8:d5:e1:59:26:fc:e9:57:ef:c8:fa:d7:41:
e6:1e:71:14:43:e4:15:12:58:35:56:76:d5:e9:ea:
12:fb:26:02:40:5c:ce:44:ca:50:db:6b:64:c0:c1:
5a:04:b8:77:1f:ae:dc:14:f6:24:57:49:73:20:5f:
c3:65:cc:ef:42:84:9f:9e:5e:8a:1e:77:0d:84:6e:
d8:74:ea:a5:bb:5f:9e:23:fb:ee:40:9d:3a:c0:d9:
db:7c:4b:68:3f:5d:4a:76:4f:ab:4a:76:61:8b:3c:
88:2a:6f:ef:6f:9e:17:43:2c:7c:4f:93:e1:13:31:
3e:b3:a4:58:57:66:99:e8:79:55:2e:41:13:69:75:
30:8d:72:f0:5c:4f:3a:5c:79:f7:0e:b4:6d:23:bd:
2b:bb:e4:b7:bf:99:ea:80:78:61:f8:bc:4d:5f:56:
1e:aa:4a:9d:17:57:35:93:11:8c:a1:df:69:ec:52:
23:27:6a:07:ef:f4:fc:86:94:f6:e4:1b:8b:31:24:
b5:21:e9:ed:d4:85:6a:33:e0:00:e1:3d:06:3a:2e:
9d:b4:f4:6b:3d:98:5b:59:4a:95:01:0b:6b:8e:9b:
58:b5:29:1a:4f:86:d8:06:47:1c:e2:ee:9a:69:b1:
d8:dd:da:b9:3a:59:7d:94:01:94:61:a8:a0:91:41:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:96:1B:EA:A4:09:73:10:6C:C9:31:88:06:E9:E2:0A:CF:2B:CF:CB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1401cfa8-ed6b-4446-9859-287d36cbeca7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.84.0.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:d6:69:1e:31:12:ad:13:69:e8:a4:d2:7d:a9:01:3b:4b:8d:
49:9b:53:a1:a8:70:c7:0d:1e:37:4d:f8:8c:92:b8:e3:33:18:
e1:f8:b4:4d:b1:3f:9a:d4:26:1f:79:81:9c:09:bb:23:61:8a:
da:e3:16:75:9c:0b:c2:b2:b0:02:e0:55:e3:bc:47:2e:8a:b0:
4e:de:1d:53:15:73:be:0a:48:1e:c3:5c:65:cf:80:7c:55:6c:
3e:78:4f:a9:d5:95:13:0f:24:e1:88:0b:d1:3e:8b:ec:0a:c0:
cf:80:a0:71:6b:e5:42:38:79:78:1d:a0:f2:c0:04:d7:2f:87:
50:cd:e9:10:f6:83:91:06:2d:4a:03:d3:31:7b:45:1f:2d:1d:
0b:3d:1c:d0:dc:21:33:1b:b7:5d:cd:0d:8d:c2:7c:b8:85:aa:
07:0a:d8:92:d9:40:4a:b2:a1:48:71:e5:87:d3:2e:1e:ea:cd:
f1:86:be:a2:a7:d4:94:a9:ba:55:bb:1c:82:42:9c:3d:b4:03:
4e:da:3f:dc:f2:56:08:a1:bb:40:0f:e8:fe:e3:0e:32:3a:8f:
6e:39:13:84:29:ca:6d:7e:6d:42:87:71:bd:a7:02:84:24:19:
55:12:09:2d:0d:12:75:25:1d:13:e8:32:9a:1a:4e:5f:f2:cb:
d1:fa:91:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI2xLsiEBN1xATTTZ6eiSAdlAb9IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MjEyMTU0WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjE1OGU3MTI3ZjM4YmY5Y2E2YWUyMjg3YzEyODk2MWIy
NDgwNDJkYTRhOGU0MTdmM2JlYjA0MDlkMmM0NTM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDauNXhWSb86VfvyPrXQeYecRRD5BUSWDVWdtXp6hL7JgJA
XM5EylDba2TAwVoEuHcfrtwU9iRXSXMgX8NlzO9ChJ+eXooedw2Ebth06qW7X54j
++5AnTrA2dt8S2g/XUp2T6tKdmGLPIgqb+9vnhdDLHxPk+ETMT6zpFhXZpnoeVUu
QRNpdTCNcvBcTzpcefcOtG0jvSu75Le/meqAeGH4vE1fVh6qSp0XVzWTEYyh32ns
UiMnagfv9PyGlPbkG4sxJLUh6e3UhWoz4ADhPQY6Lp209Gs9mFtZSpUBC2uOm1i1
KRpPhtgGRxzi7pppsdjd2rk6WX2UAZRhqKCRQV9BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0ZYb6qQJcxBsyTGIBuniCs8rz8swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE0MDFjZmE4LWVkNmItNDQ0Ni05ODU5LTI4N2QzNmNiZWNhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjVAAwDQYJKoZIhvcNAQELBQADggEBANPWaR4xEq0Taeik0n2pATtLjUmb
U6GocMcNHjdN+IySuOMzGOH4tE2xP5rUJh95gZwJuyNhitrjFnWcC8KysALgVeO8
Ry6KsE7eHVMVc74KSB7DXGXPgHxVbD54T6nVlRMPJOGIC9E+i+wKwM+AoHFr5UI4
eXgdoPLABNcvh1DN6RD2g5EGLUoD0zF7RR8tHQs9HNDcITMbt13NDY3CfLiFqgcK
2JLZQEqyoUhx5YfTLh7qzfGGvqKn1JSpulW7HIJCnD20A07aP9zyVgihu0AP6P7j
DjI6j245E4Qpym1+bUKHcb2nAoQkGVUSCS0NEnUlHRPoMpoaTl/yy9H6kSM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:18:55 2025 by rpki-client