Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c90bc2f-3486-456a-9d24-2194e5e63b08.roa
File: 1c90bc2f-3486-456a-9d24-2194e5e63b08.roa (raw, json)
Hash identifier: QL6WVqVp62dBrO0llybpmGRkXi0xjA+2eoQTZOkt5/Y=
Subject key identifier: 49:E2:92:CC:39:06:17:4B:1A:8A:31:70:DB:5F:04:3A:54:41:B0:5E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 62F1A12A03F192C09476FE0AB6004289084FE273
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c90bc2f-3486-456a-9d24-2194e5e63b08.roa
Signing time: Wed 01 Oct 2025 00:03:02 +0000
ROA not before: Wed 01 Oct 2025 00:03:02 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 165.81.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f1:a1:2a:03:f1:92:c0:94:76:fe:0a:b6:00:42:89:08:4f:e2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:03:02 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=d73a6665d4e679098a2022809ff72fff0754acb20e900829bd6d0ee9e616166b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:44:5e:49:9e:90:52:73:f2:a2:48:60:a5:be:
b3:e3:b1:44:a8:da:09:01:9b:85:e5:24:17:3d:5f:
e7:32:f4:6e:a6:c5:8a:eb:e0:a5:fc:b4:14:d7:c8:
08:02:66:b0:f9:69:3a:55:7b:d1:b9:1d:30:79:93:
78:52:a7:0f:cd:06:f3:3e:3f:f5:4c:7f:25:48:75:
72:46:21:f3:1e:68:3d:ee:48:97:37:e4:5d:a5:17:
1b:22:98:02:8f:5b:8a:b0:18:5d:37:04:37:d2:5f:
a0:e1:6b:a3:de:ae:b4:c7:35:50:2b:c8:d3:b5:b6:
b7:c1:2b:49:f4:20:c0:30:7d:90:2d:8d:33:32:5c:
2f:42:a0:ac:e3:e3:a5:b8:e6:8d:f2:46:46:a9:4b:
51:b6:a0:51:85:04:37:38:6e:92:a8:bd:ee:f0:b6:
14:7f:d6:72:46:89:ac:72:85:4e:ed:74:2a:b0:6c:
10:85:12:49:4b:54:7b:9a:6e:33:57:d9:ca:e4:bb:
c5:f2:8a:1f:db:43:22:d4:95:48:59:52:6b:71:ff:
4a:fb:1a:79:0f:ce:ba:08:b4:0a:32:d0:80:1f:6c:
68:97:06:9d:c8:ee:2a:8b:cc:9f:01:81:9e:2f:2e:
1b:2a:db:6b:b5:29:b5:c6:67:6f:18:2d:26:db:65:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E2:92:CC:39:06:17:4B:1A:8A:31:70:DB:5F:04:3A:54:41:B0:5E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c90bc2f-3486-456a-9d24-2194e5e63b08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.81.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:4b:bb:a4:bf:56:2e:a2:d2:18:f0:00:fc:24:be:34:13:6c:
04:58:17:a6:7d:5f:4a:77:0d:54:43:b9:fa:f2:63:00:77:d8:
f9:5c:a7:1e:1f:79:ef:16:36:6a:6a:8e:74:43:7d:d8:06:27:
74:b3:2d:3d:8d:cf:40:c7:53:fd:0f:9e:de:50:d9:aa:e6:cb:
22:b2:8c:64:9c:59:a5:d9:b7:71:34:a8:e1:a1:76:08:6c:5a:
43:15:49:4c:62:b6:a4:9b:5a:02:09:3f:ad:82:4f:7d:8f:be:
2a:54:88:cf:2e:a8:d4:37:0d:52:67:55:e0:80:de:11:70:b6:
1f:b8:5c:da:5a:4f:eb:0a:2c:44:8c:b2:54:e5:68:56:b5:9d:
dd:dd:03:57:42:ca:12:93:09:30:f9:a4:88:13:19:bf:b8:14:
88:a6:c4:d1:e5:8b:6f:de:10:f0:0a:d9:e1:e5:6a:1b:18:e1:
2a:b7:76:52:fc:fd:b4:a2:57:3f:62:b8:19:7d:2f:ac:a9:38:
1a:4a:f7:91:e9:5b:8f:70:ac:55:0d:6f:3c:02:04:d1:19:4a:
bd:b9:8f:e6:a5:d6:0f:1e:a8:a3:b5:04:5a:e7:a9:6e:92:a0:
b8:5f:45:f0:c1:ac:f1:ca:c3:cb:b4:32:ca:c4:76:a6:eb:23:
eb:7b:e0:5b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYvGhKgPxksCUdv4KtgBCiQhP4nMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMzAyWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzNhNjY2NWQ0ZTY3OTA5OGEyMDIyODA5ZmY3MmZmZjA3
NTRhY2IyMGU5MDA4MjliZDZkMGVlOWU2MTYxNjZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGRF5JnpBSc/KiSGClvrPjsUSo2gkBm4XlJBc9X+cy9G6m
xYrr4KX8tBTXyAgCZrD5aTpVe9G5HTB5k3hSpw/NBvM+P/VMfyVIdXJGIfMeaD3u
SJc35F2lFxsimAKPW4qwGF03BDfSX6Dha6PerrTHNVAryNO1trfBK0n0IMAwfZAt
jTMyXC9CoKzj46W45o3yRkapS1G2oFGFBDc4bpKove7wthR/1nJGiaxyhU7tdCqw
bBCFEklLVHuabjNX2crku8Xyih/bQyLUlUhZUmtx/0r7GnkPzroItAoy0IAfbGiX
Bp3I7iqLzJ8BgZ4vLhsq22u1KbXGZ28YLSbbZTctAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUSeKSzDkGF0saijFw218EOlRBsF4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFjOTBiYzJmLTM0ODYtNDU2YS05ZDI0LTIxOTRlNWU2M2IwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwClUTANBgkqhkiG9w0BAQsFAAOCAQEAXUu7pL9WLqLSGPAA/CS+NBNsBFgX
pn1fSncNVEO5+vJjAHfY+VynHh957xY2amqOdEN92AYndLMtPY3PQMdT/Q+e3lDZ
qubLIrKMZJxZpdm3cTSo4aF2CGxaQxVJTGK2pJtaAgk/rYJPfY++KlSIzy6o1DcN
UmdV4IDeEXC2H7hc2lpP6wosRIyyVOVoVrWd3d0DV0LKEpMJMPmkiBMZv7gUiKbE
0eWLb94Q8ArZ4eVqGxjhKrd2Uvz9tKJXP2K4GX0vrKk4Gkr3kelbj3CsVQ1vPAIE
0RlKvbmP5qXWDx6oo7UEWuepbpKguF9F8MGs8crDy7QyysR2pusj63vgWw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:53:25 2025 by rpki-client