Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
File: 20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa (raw, json)
Hash identifier: DaBw9hHp35WvSUZ8sRruLAcbEUZ8CGtSKskbT6jw/mA=
Subject key identifier: A3:FF:92:2B:D5:9C:98:20:AF:4C:C1:62:A6:1C:07:5C:DC:05:40:16
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7C3CD169AD61215A992D882258EBA5D7576FD864
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
Signing time: Mon 06 Oct 2025 16:11:09 +0000
ROA not before: Mon 06 Oct 2025 16:11:09 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 44.210.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3c:d1:69:ad:61:21:5a:99:2d:88:22:58:eb:a5:d7:57:6f:d8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 16:11:09 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=bfad4f19ef3ad88367c1839e8a675358a6a525d5b5789fd2b36825244a48b7dd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c6:f4:94:de:30:a6:2a:a9:99:76:a1:4d:2f:
91:44:41:85:30:00:7c:0e:11:f6:18:8d:56:6a:5d:
ad:36:f2:70:f5:f3:40:32:f6:2b:a1:91:0c:55:19:
a9:e4:55:39:24:1c:27:4a:04:b0:0b:72:85:bd:4a:
0b:d2:33:76:93:ba:27:99:bb:ef:96:c4:d3:69:54:
91:3a:74:2b:0a:6b:22:60:70:be:32:85:ec:93:50:
30:3f:10:62:42:f1:eb:7f:68:51:c6:07:c6:b6:1f:
67:ae:e6:ad:83:d8:24:27:05:4c:20:45:91:e8:d5:
65:28:f3:8c:84:d4:69:c8:15:c3:89:19:99:fa:cf:
26:ac:89:39:73:c9:a6:b6:0f:e4:5f:23:ad:23:ce:
6d:84:73:ae:8e:38:b8:f5:49:61:73:fd:44:d0:76:
a2:25:52:e7:d6:61:ea:ca:18:c1:70:2b:ea:ce:00:
b6:45:b3:a1:55:4d:b1:3a:72:b5:59:c5:c2:f5:cd:
d3:6e:74:34:a5:e7:29:ec:26:a0:ae:93:17:83:84:
0e:72:dc:61:e2:d7:88:3e:36:c6:72:e9:e1:99:d9:
2d:11:62:b9:fd:05:5e:0d:66:b4:db:c9:21:57:62:
50:5d:24:09:69:41:f9:38:19:0c:a5:3c:b3:e8:4a:
43:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:92:2B:D5:9C:98:20:AF:4C:C1:62:A6:1C:07:5C:DC:05:40:16
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
44.210.202.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:0d:c3:67:35:9a:04:b4:b8:b2:c0:d6:52:55:64:e5:db:3c:
07:2a:65:fe:d2:bd:59:de:92:63:5d:ea:42:d1:5b:ca:dc:a0:
bc:d2:b8:a9:99:2c:cf:97:ae:48:7e:0e:e5:45:3e:a6:75:22:
b4:c8:24:6b:2a:b6:0b:4e:42:8d:71:e0:3b:85:6e:f6:a0:eb:
0d:81:0e:42:a2:97:ef:62:ca:89:f4:65:9e:c1:f9:6a:ed:84:
b4:1c:fa:18:19:5f:d2:ab:03:d3:72:e6:f8:f4:f7:a8:1b:84:
d4:dd:9c:5a:8e:b3:d6:f9:d1:04:2c:c1:3e:2a:74:d0:8e:68:
c4:db:5f:70:43:26:0c:18:80:76:a9:4a:93:58:27:a8:b2:d5:
19:d3:f2:68:59:0a:1e:e8:b6:28:86:56:3d:18:7c:82:ad:36:
75:b2:2c:43:9d:67:34:f9:13:3e:ff:20:d7:5a:4a:3f:49:1e:
55:54:e4:87:a0:d2:e9:46:08:b5:52:f3:98:b7:87:70:f9:75:
15:96:f6:b6:d5:15:6e:45:10:8e:19:d6:16:66:bd:ee:16:c4:
f8:32:7e:23:ab:ee:ff:a8:1e:fb:d7:56:55:1a:eb:d5:20:5b:
4c:a3:45:8a:eb:ac:bd:ed:e3:97:dc:a9:e9:a9:94:89:db:00:
5f:df:e4:29
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfDzRaa1hIVqZLYgiWOul11dv2GQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYxMTA5WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmFkNGYxOWVmM2FkODgzNjdjMTgzOWU4YTY3NTM1OGE2
YTUyNWQ1YjU3ODlmZDJiMzY4MjUyNDRhNDhiN2RkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSxvSU3jCmKqmZdqFNL5FEQYUwAHwOEfYYjVZqXa028nD1
80Ay9iuhkQxVGankVTkkHCdKBLALcoW9SgvSM3aTuieZu++WxNNpVJE6dCsKayJg
cL4yheyTUDA/EGJC8et/aFHGB8a2H2eu5q2D2CQnBUwgRZHo1WUo84yE1GnIFcOJ
GZn6zyasiTlzyaa2D+RfI60jzm2Ec66OOLj1SWFz/UTQdqIlUufWYerKGMFwK+rO
ALZFs6FVTbE6crVZxcL1zdNudDSl5ynsJqCukxeDhA5y3GHi14g+NsZy6eGZ2S0R
Yrn9BV4NZrTbySFXYlBdJAlpQfk4GQylPLPoSkNPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUo/+SK9WcmCCvTMFiphwHXNwFQBYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwYThkMWQ3LTNiZmMtNDkyOC05MWJlLTZmZTcyZDQwNjUyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs0sowDQYJKoZIhvcNAQELBQADggEBAC0Nw2c1mgS0uLLA1lJVZOXbPAcq
Zf7SvVnekmNd6kLRW8rcoLzSuKmZLM+Xrkh+DuVFPqZ1IrTIJGsqtgtOQo1x4DuF
bvag6w2BDkKil+9iyon0ZZ7B+WrthLQc+hgZX9KrA9Ny5vj096gbhNTdnFqOs9b5
0QQswT4qdNCOaMTbX3BDJgwYgHapSpNYJ6iy1RnT8mhZCh7otiiGVj0YfIKtNnWy
LEOdZzT5Ez7/INdaSj9JHlVU5Ieg0ulGCLVS85i3h3D5dRWW9rbVFW5FEI4Z1hZm
ve4WxPgyfiOr7v+oHvvXVlUa69UgW0yjRYrrrL3t45fcqemplInbAF/f5Ck=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:05:35 2025 by rpki-client