Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e68abe-7bc7-448a-a48c-514f8c771290.roa
File: 18e68abe-7bc7-448a-a48c-514f8c771290.roa (raw, json)
Hash identifier: KWsB+8aojSBRj7tDWS9zAnAnElW1pZD0AZ8S22+5FnM=
Subject key identifier: 6B:B1:04:8A:50:BC:24:84:4E:63:97:4A:B9:E4:D4:BC:18:B5:EF:ED
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 367CF1C8B7EFC8E133E2FBBA17B9C8BA39A7D590
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e68abe-7bc7-448a-a48c-514f8c771290.roa
Signing time: Tue 14 Oct 2025 16:51:20 +0000
ROA not before: Tue 14 Oct 2025 16:51:20 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.252.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:7c:f1:c8:b7:ef:c8:e1:33:e2:fb:ba:17:b9:c8:ba:39:a7:d5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 16:51:20 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=6d02ddee90129f29112586ba02c1a6d35c76e5c9552cf43b1c63d45f4c340bc9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3a:3f:4b:d0:a0:97:9c:2d:d9:d5:9a:ed:b6:
7d:4f:b6:ab:a8:68:d5:e3:e2:29:34:2a:9c:00:69:
f9:61:1a:e9:9f:bb:5c:26:85:75:38:c0:b4:fe:fa:
91:3d:57:1d:94:d7:6a:df:c9:21:6d:84:ca:06:a3:
28:61:4b:70:d9:c0:06:9b:9a:23:57:58:cd:21:de:
cc:0a:62:7b:af:45:64:14:dd:eb:f5:c0:a8:b4:fd:
82:26:d4:d8:6d:1d:a8:bd:24:71:2f:81:7e:45:09:
52:3e:9e:6a:ad:6c:1c:72:98:1e:67:3c:1d:45:15:
df:32:95:d7:a2:1e:73:21:b0:ce:60:ae:de:c0:d7:
df:b5:00:0b:7c:24:45:f0:61:15:94:97:c8:47:56:
c9:f8:db:80:0a:68:f7:7c:0b:2d:97:62:bb:26:99:
23:88:cf:1a:cb:85:c1:dd:cd:b3:99:92:7f:c3:7c:
f8:d6:69:ae:25:b6:ee:f9:c6:61:17:31:e2:ac:8b:
62:ed:dd:44:9e:72:44:82:eb:5b:da:28:76:f7:2d:
33:29:10:a1:1a:5d:8b:3a:7a:bf:1e:b1:da:8c:08:
fb:37:c3:4f:4e:3f:4a:b7:23:b1:43:9e:f6:55:3d:
80:67:17:42:a9:3e:1f:5c:02:de:83:09:46:8b:01:
a2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B1:04:8A:50:BC:24:84:4E:63:97:4A:B9:E4:D4:BC:18:B5:EF:ED
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e68abe-7bc7-448a-a48c-514f8c771290.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ab:93:02:e3:98:8c:fb:0a:58:0d:21:8a:64:58:09:c9:2b:c8:
d2:b5:6e:01:65:6b:1a:3c:f8:ea:84:d1:a2:ef:05:10:65:89:
b9:a6:fd:1c:97:03:35:95:5c:28:4d:f9:03:d7:a1:ec:06:75:
a9:03:f3:02:83:90:62:fa:72:4e:e9:80:e0:b6:29:6e:02:75:
f1:51:16:1c:27:be:52:77:74:38:7a:21:2a:b6:8c:3a:90:65:
40:cf:2d:89:d8:c7:cb:41:51:64:78:46:81:2d:cc:b5:57:cc:
4b:16:28:0d:02:a5:ba:b8:df:9d:51:a0:90:4a:fe:a0:59:5c:
51:7b:31:8d:7c:89:77:1f:c6:84:23:fd:99:06:28:06:64:60:
cf:7a:91:98:da:0f:fc:49:29:d9:fc:70:57:d1:ce:f3:53:1f:
da:8f:a3:4d:04:af:49:47:2f:02:d5:9c:45:c4:3e:2a:23:fb:
d5:cd:4e:0d:38:2b:75:db:a6:33:ff:83:62:60:fc:76:66:38:
cd:30:06:11:5e:1e:95:d9:2a:52:76:49:1d:7a:9a:d0:98:17:
9d:3e:d6:32:6a:e6:21:ea:b1:88:ec:5d:2f:9a:56:44:bc:30:
59:c0:5d:7a:b6:79:e1:d3:e1:3f:ab:37:c3:28:a4:1d:33:8c:
a0:e1:9e:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNnzxyLfvyOEz4vu6F7nIujmn1ZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTY1MTIwWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDAyZGRlZTkwMTI5ZjI5MTEyNTg2YmEwMmMxYTZkMzVj
NzZlNWM5NTUyY2Y0M2IxYzYzZDQ1ZjRjMzQwYmM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClOj9L0KCXnC3Z1Zrttn1PtquoaNXj4ik0KpwAaflhGumf
u1wmhXU4wLT++pE9Vx2U12rfySFthMoGoyhhS3DZwAabmiNXWM0h3swKYnuvRWQU
3ev1wKi0/YIm1NhtHai9JHEvgX5FCVI+nmqtbBxymB5nPB1FFd8yldeiHnMhsM5g
rt7A19+1AAt8JEXwYRWUl8hHVsn424AKaPd8Cy2XYrsmmSOIzxrLhcHdzbOZkn/D
fPjWaa4ltu75xmEXMeKsi2Lt3USeckSC61vaKHb3LTMpEKEaXYs6er8esdqMCPs3
w09OP0q3I7FDnvZVPYBnF0KpPh9cAt6DCUaLAaK9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUa7EEilC8JIROY5dKueTUvBi17+0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4ZTY4YWJlLTdiYzctNDQ4YS1hNDhjLTUxNGY4Yzc3MTI5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARA/IAwDQYJKoZIhvcNAQELBQADggEBAKuTAuOYjPsKWA0himRYCckryNK1
bgFlaxo8+OqE0aLvBRBlibmm/RyXAzWVXChN+QPXoewGdakD8wKDkGL6ck7pgOC2
KW4CdfFRFhwnvlJ3dDh6ISq2jDqQZUDPLYnYx8tBUWR4RoEtzLVXzEsWKA0Cpbq4
351RoJBK/qBZXFF7MY18iXcfxoQj/ZkGKAZkYM96kZjaD/xJKdn8cFfRzvNTH9qP
o00Er0lHLwLVnEXEPioj+9XNTg04K3XbpjP/g2Jg/HZmOM0wBhFeHpXZKlJ2SR16
mtCYF50+1jJq5iHqsYjsXS+aVkS8MFnAXXq2eeHT4T+rN8MopB0zjKDhnn4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:46 2025 by rpki-client