Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195addb1-ddca-4750-84b6-d7a8e9c12011.roa
File: 195addb1-ddca-4750-84b6-d7a8e9c12011.roa (raw, json)
Hash identifier: fO7UzQX4DgHxGcyiRmdGzLCD0b3LWkxdXDdDCIPXPq8=
Subject key identifier: A0:1D:18:CA:B1:2B:0D:83:01:8D:1F:81:1C:52:DD:0D:C6:87:98:39
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 41B5FDEB89B1B8C05C770671877E7609EC4568ED
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195addb1-ddca-4750-84b6-d7a8e9c12011.roa
Signing time: Mon 20 Oct 2025 05:06:50 +0000
ROA not before: Mon 20 Oct 2025 05:06:50 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 24.110.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b5:fd:eb:89:b1:b8:c0:5c:77:06:71:87:7e:76:09:ec:45:68:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 05:06:50 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=51edf717e168fa9fdcf15885e1a9d5cfc0dd403fe33c44feb3c5b6893ca87b42, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:ec:26:bb:4a:08:54:2d:d2:5b:0d:20:bb:
81:d1:aa:42:18:b7:d5:3f:5c:51:ae:2d:94:2f:b0:
e6:c8:4d:cb:3d:09:2e:ee:d6:04:31:e0:50:36:81:
c6:78:06:cb:55:9d:34:e9:08:60:22:60:8d:67:05:
53:8b:06:02:d5:60:11:5f:f0:42:f9:05:83:16:94:
d4:fc:d5:3d:61:33:7a:2f:41:9f:68:04:ab:64:c1:
ef:03:fa:33:b9:d7:5a:7c:d5:e0:0d:37:0d:b2:8a:
52:d2:5b:cd:06:3e:91:55:75:d6:8c:66:6f:dc:56:
99:83:07:e1:df:9a:46:d9:f0:8b:d3:31:ed:61:07:
07:1a:2b:b0:11:c9:c3:51:90:bc:ad:5c:2b:7f:25:
71:cc:09:49:3a:ac:10:b1:bc:ff:e5:c8:49:4e:b4:
be:fc:62:07:a0:e5:9b:b3:98:e8:21:8a:b1:50:8d:
b5:f3:fe:fc:2b:be:8c:29:6d:2c:7e:3f:16:21:13:
11:c9:2e:f4:92:5c:59:1e:ff:5e:77:8d:3b:93:a2:
18:0e:28:76:9c:5d:4b:55:8c:5d:0f:91:70:12:df:
2f:05:e9:0c:6a:b2:97:41:2e:df:e3:a3:f2:4f:4a:
4e:1a:d9:3f:4b:80:88:18:65:5a:c4:17:09:f8:cb:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1D:18:CA:B1:2B:0D:83:01:8D:1F:81:1C:52:DD:0D:C6:87:98:39
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195addb1-ddca-4750-84b6-d7a8e9c12011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.110.49.0/24
Signature Algorithm: sha256WithRSAEncryption
97:89:0e:7f:89:1c:c5:19:08:e9:c2:e7:3f:83:6e:f3:e3:71:
c4:a9:15:17:bf:76:8c:51:93:97:54:25:1e:4e:4b:88:3e:d6:
f6:cf:59:55:6c:45:83:b3:a4:98:cf:51:82:48:19:b0:3e:d2:
00:bb:5c:69:f2:64:5d:e9:12:cf:6d:7f:cf:e2:f5:7a:c4:18:
37:a2:78:48:17:62:78:53:1a:37:3d:92:fd:d7:b3:00:40:e7:
71:c5:c6:0f:4e:4e:b3:84:41:7a:04:d1:7c:e6:2d:05:c1:6c:
7c:5e:7e:77:66:29:3e:b7:4c:eb:31:f5:f7:37:12:17:e3:eb:
5f:f1:68:87:e4:60:2d:89:e4:0f:0e:b8:9a:da:7b:03:bf:af:
69:6f:90:2c:d0:d4:b3:22:f3:5b:7d:4f:8f:a5:a7:61:06:dc:
83:f8:0f:1c:f5:51:17:5b:a0:da:b7:44:ac:74:2c:fe:96:c9:
56:8e:d7:cb:fe:73:b4:81:90:eb:53:9e:ca:88:b3:16:46:f7:
ae:1e:a8:c0:5e:c3:00:1f:34:c3:5e:40:8e:b3:04:e7:a5:dc:
9d:62:f9:6f:12:1a:fe:97:b0:ff:a4:a8:ae:08:0e:bd:58:e3:
6e:d3:74:aa:61:4d:ba:1e:02:40:ee:4e:4f:a5:ae:ba:54:7d:
ca:67:f2:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQbX964mxuMBcdwZxh352CexFaO0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDUwNjUwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MWVkZjcxN2UxNjhmYTlmZGNmMTU4ODVlMWE5ZDVjZmMw
ZGQ0MDNmZTMzYzQ0ZmViM2M1YjY4OTNjYTg3YjQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk1Owmu0oIVC3SWw0gu4HRqkIYt9U/XFGuLZQvsObITcs9
CS7u1gQx4FA2gcZ4BstVnTTpCGAiYI1nBVOLBgLVYBFf8EL5BYMWlNT81T1hM3ov
QZ9oBKtkwe8D+jO511p81eANNw2yilLSW80GPpFVddaMZm/cVpmDB+HfmkbZ8IvT
Me1hBwcaK7ARycNRkLytXCt/JXHMCUk6rBCxvP/lyElOtL78Ygeg5ZuzmOghirFQ
jbXz/vwrvowpbSx+PxYhExHJLvSSXFke/153jTuTohgOKHacXUtVjF0PkXAS3y8F
6QxqspdBLt/jo/JPSk4a2T9LgIgYZVrEFwn4y5SPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoB0YyrErDYMBjR+BHFLdDcaHmDkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5NWFkZGIxLWRkY2EtNDc1MC04NGI2LWQ3YThlOWMxMjAxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbjEwDQYJKoZIhvcNAQELBQADggEBAJeJDn+JHMUZCOnC5z+DbvPjccSp
FRe/doxRk5dUJR5OS4g+1vbPWVVsRYOzpJjPUYJIGbA+0gC7XGnyZF3pEs9tf8/i
9XrEGDeieEgXYnhTGjc9kv3XswBA53HFxg9OTrOEQXoE0XzmLQXBbHxefndmKT63
TOsx9fc3Ehfj61/xaIfkYC2J5A8OuJraewO/r2lvkCzQ1LMi81t9T4+lp2EG3IP4
Dxz1URdboNq3RKx0LP6WyVaO18v+c7SBkOtTnsqIsxZG964eqMBewwAfNMNeQI6z
BOel3J1i+W8SGv6XsP+kqK4IDr1Y427TdKphTboeAkDuTk+lrrpUfcpn8h4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:22 2025 by rpki-client