Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f7eeb32-d339-4a93-a800-a390010eb44a.roa
File: 1f7eeb32-d339-4a93-a800-a390010eb44a.roa (raw, json)
Hash identifier: O92HkzeoyGp2z89GyPeSGht88xLNKPDKf9+ef8xYT/0=
Subject key identifier: C9:DA:4E:A9:AA:BE:D2:1E:70:4D:99:29:5B:DE:3A:F1:B3:67:69:83
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3A55B7970FD32453410F9199A857D8EC008B8042
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f7eeb32-d339-4a93-a800-a390010eb44a.roa
Signing time: Wed 08 Oct 2025 00:01:19 +0000
ROA not before: Wed 08 Oct 2025 00:01:19 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.140.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:55:b7:97:0f:d3:24:53:41:0f:91:99:a8:57:d8:ec:00:8b:80:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 8 00:01:19 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=e21b6d5514cc0038df38d0368bbbcbf9af53afab36a67c9f7702b35296a08485, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:24:31:a5:54:b5:b7:b4:90:43:00:e3:a5:
56:7e:09:55:9e:fa:42:9e:c6:f8:6f:be:13:a4:b3:
2c:4e:cf:b2:fe:f2:00:c7:39:a7:a8:ab:46:47:42:
a4:9c:35:20:28:14:b8:90:54:24:9d:a6:82:ab:b7:
e1:c2:5c:cf:92:5d:d1:eb:89:65:7d:bd:78:16:ed:
92:87:a2:47:a9:44:e0:d6:14:40:17:5c:67:f8:ce:
64:56:7f:0d:f8:3c:95:1a:66:90:af:96:e3:c5:9e:
32:10:ed:84:48:ad:3b:62:3c:39:78:71:c5:9c:b3:
84:4d:ac:87:29:ee:1a:5a:c7:6b:89:c8:55:a8:e8:
21:cf:ca:09:c9:d1:a5:8e:d6:c5:28:00:e5:e5:0a:
46:a4:8d:7a:08:ba:23:78:fa:a9:8f:7c:33:3c:aa:
09:57:10:7b:70:20:99:ab:a5:99:ec:2a:4f:d0:e0:
2b:4b:74:c4:f6:30:00:c3:30:4f:1b:24:7f:0c:4f:
a8:61:d2:d1:41:4b:00:6f:f9:92:5f:90:d2:0a:20:
f6:07:ba:3d:da:91:f5:9f:f4:ae:77:cc:5c:a5:d5:
88:04:c3:31:65:9b:5f:17:4b:15:f1:36:e7:ea:ea:
7e:e2:d3:fc:a6:ca:70:97:50:f1:fc:fe:70:9b:9a:
02:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DA:4E:A9:AA:BE:D2:1E:70:4D:99:29:5B:DE:3A:F1:B3:67:69:83
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f7eeb32-d339-4a93-a800-a390010eb44a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.140.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:d2:1e:56:6d:2c:5d:0b:88:dd:c0:0e:61:ab:26:15:31:27:
ba:d5:07:5b:f2:55:b8:ab:b7:94:ec:70:52:cc:9a:3e:46:88:
e5:40:69:c5:82:c2:bd:fe:c8:57:d2:ec:e8:28:2a:81:3e:9a:
c7:41:90:40:52:5c:6f:01:3a:5a:53:e6:6a:2b:b2:ab:6a:7e:
9c:05:2a:ae:5c:3e:f9:46:b7:3d:8e:59:df:f0:d5:f3:fc:fd:
7d:90:06:79:22:ec:c6:e9:60:73:ab:c4:64:ff:65:ec:65:cf:
9a:1d:51:7f:92:b9:f0:09:74:26:4a:49:13:0f:25:bf:5e:6e:
35:d4:c3:fd:78:52:21:3b:00:32:bd:69:64:1a:25:62:a8:04:
dd:f2:92:67:b3:ab:5f:2c:55:c4:2d:ac:57:11:b5:25:59:ff:
0e:ad:7e:91:3d:4c:1d:63:e7:19:1b:91:61:b0:a7:2f:38:13:
17:0b:99:73:d5:8d:22:89:5d:24:69:05:56:a2:42:00:96:b1:
98:fd:67:94:85:0e:f9:38:a0:70:c2:76:33:a9:3f:03:a1:00:
78:02:b7:e7:d5:d3:fa:49:92:df:73:bb:98:b4:c0:10:96:e5:
64:fe:9f:53:df:37:54:ce:69:1a:19:87:22:2d:33:b7:e8:e3:
a4:84:be:eb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOlW3lw/TJFNBD5GZqFfY7ACLgEIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAwMTE5WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjFiNmQ1NTE0Y2MwMDM4ZGYzOGQwMzY4YmJiY2JmOWFm
NTNhZmFiMzZhNjdjOWY3NzAyYjM1Mjk2YTA4NDg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtVyQxpVS1t7SQQwDjpVZ+CVWe+kKexvhvvhOksyxOz7L+
8gDHOaeoq0ZHQqScNSAoFLiQVCSdpoKrt+HCXM+SXdHriWV9vXgW7ZKHokepRODW
FEAXXGf4zmRWfw34PJUaZpCvluPFnjIQ7YRIrTtiPDl4ccWcs4RNrIcp7hpax2uJ
yFWo6CHPygnJ0aWO1sUoAOXlCkakjXoIuiN4+qmPfDM8qglXEHtwIJmrpZnsKk/Q
4CtLdMT2MADDME8bJH8MT6hh0tFBSwBv+ZJfkNIKIPYHuj3akfWf9K53zFyl1YgE
wzFlm18XSxXxNufq6n7i0/ymynCXUPH8/nCbmgLdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUydpOqaq+0h5wTZkpW9468bNnaYMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmN2VlYjMyLWQzMzktNGE5My1hODAwLWEzOTAwMTBlYjQ0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQjDANBgkqhkiG9w0BAQsFAAOCAQEAztIeVm0sXQuI3cAOYasmFTEnutUH
W/JVuKu3lOxwUsyaPkaI5UBpxYLCvf7IV9Ls6CgqgT6ax0GQQFJcbwE6WlPmaiuy
q2p+nAUqrlw++Ua3PY5Z3/DV8/z9fZAGeSLsxulgc6vEZP9l7GXPmh1Rf5K58Al0
JkpJEw8lv15uNdTD/XhSITsAMr1pZBolYqgE3fKSZ7OrXyxVxC2sVxG1JVn/Dq1+
kT1MHWPnGRuRYbCnLzgTFwuZc9WNIoldJGkFVqJCAJaxmP1nlIUO+TigcMJ2M6k/
A6EAeAK359XT+kmS33O7mLTAEJblZP6fU983VM5pGhmHIi0zt+jjpIS+6w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:11:26 2025 by rpki-client