Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/229fba94-3747-44e2-9a0d-72414597e6f0.roa
File: 229fba94-3747-44e2-9a0d-72414597e6f0.roa (raw, json)
Hash identifier: k3TS6g/+XpbIhE8QjqE9XVTPHb91bks2WE4qEOB4N58=
Subject key identifier: 27:28:49:B6:AC:CF:D4:BB:11:D8:BC:49:FE:AF:C8:2C:B2:68:A2:98
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 405E3984C5704704546E342650304506D46F1621
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/229fba94-3747-44e2-9a0d-72414597e6f0.roa
Signing time: Fri 03 Oct 2025 00:41:40 +0000
ROA not before: Fri 03 Oct 2025 00:41:40 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 76.241.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:5e:39:84:c5:70:47:04:54:6e:34:26:50:30:45:06:d4:6f:16:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:41:40 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=655d89183fc39041df466ebe9bbdffc7bc896bc0f3f7f916d785e01f9db96989, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a3:8e:24:63:1d:3a:ca:4b:de:ed:26:38:bb:
ea:61:69:84:ab:c8:f8:a8:a5:e4:f0:15:50:d2:e0:
15:86:3c:2a:8f:9a:7a:0b:b1:9c:6c:e3:32:d7:e4:
a8:84:3f:d1:22:9d:c9:8d:41:8b:33:08:a6:7e:df:
44:4e:fe:eb:e8:28:06:6b:d2:e2:92:85:ad:1c:1a:
9f:46:6b:0a:a5:9d:a4:90:a2:ec:93:c4:28:0a:14:
da:bc:90:c4:88:c1:e8:ee:22:1d:03:cc:ea:46:4c:
87:1c:63:ac:c2:aa:17:38:17:35:88:3b:44:8a:14:
6f:f4:1a:37:5f:c7:f3:16:bc:f7:df:6e:75:75:35:
a9:b0:29:63:c5:52:fd:19:70:ec:e7:59:29:58:64:
e1:a7:ce:11:7b:92:c4:ee:ea:6f:69:3d:be:8b:79:
33:ad:04:b7:08:9e:56:0b:3c:b7:08:0f:78:aa:91:
31:2e:78:c1:55:90:b0:bf:1a:b6:b9:fd:ec:0a:17:
b0:83:e2:36:ee:e1:bc:75:97:26:7c:f1:df:71:39:
ef:bb:80:29:78:1b:17:60:a3:6c:7a:8f:09:9a:76:
01:55:2b:3f:68:79:d3:4f:1e:14:0f:c6:2a:af:0c:
ea:40:bf:9e:8e:cd:71:b2:a0:e2:2e:34:1e:ff:b4:
5d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:28:49:B6:AC:CF:D4:BB:11:D8:BC:49:FE:AF:C8:2C:B2:68:A2:98
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/229fba94-3747-44e2-9a0d-72414597e6f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
76.241.64.0/18
Signature Algorithm: sha256WithRSAEncryption
26:3e:05:9d:61:68:b5:72:7d:3d:2d:89:c8:3e:bc:9c:f0:a4:
d3:c2:93:7d:a7:ec:43:d6:dd:bf:82:3a:30:e4:da:36:d7:1b:
8e:98:b4:61:27:d0:5a:25:2d:fa:4e:2d:33:1c:19:7f:33:27:
94:df:90:09:2f:dc:d4:a9:f9:9c:ab:6b:16:0c:99:f1:cb:86:
4d:32:0f:f2:83:cc:42:7c:1a:5c:d2:2c:a7:0d:df:ec:54:58:
1b:39:f8:fb:e4:29:59:9d:6a:3b:47:72:0f:5c:86:8b:a6:8f:
ad:da:ba:9f:f1:33:ca:32:4d:3a:72:0d:9f:04:2c:10:f7:f6:
58:9e:e6:05:e6:e6:a5:8f:f5:c6:4c:b1:77:06:60:8c:f9:fb:
81:42:36:b9:b8:ac:37:f5:e8:d2:28:68:5f:14:68:c6:59:9e:
db:42:dc:4e:ce:8b:8b:de:82:c9:ed:c9:21:79:2e:fa:e2:df:
55:59:61:e2:5b:4a:b5:24:66:5c:c5:4a:e6:92:96:4d:fb:3f:
42:05:b9:f5:df:3c:7b:63:b5:80:19:3f:3b:b3:01:1f:15:8a:
7f:98:a9:7a:f5:be:b6:04:1a:86:9b:37:24:ae:53:8d:82:39:
8a:a4:f6:e9:b8:2c:23:3a:4f:1c:94:a9:90:66:80:62:57:8c:
ba:c2:57:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQF45hMVwRwRUbjQmUDBFBtRvFiEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA0MTQwWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NTVkODkxODNmYzM5MDQxZGY0NjZlYmU5YmJkZmZjN2Jj
ODk2YmMwZjNmN2Y5MTZkNzg1ZTAxZjlkYjk2OTg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMo44kYx06ykve7SY4u+phaYSryPiopeTwFVDS4BWGPCqP
mnoLsZxs4zLX5KiEP9EincmNQYszCKZ+30RO/uvoKAZr0uKSha0cGp9GawqlnaSQ
ouyTxCgKFNq8kMSIwejuIh0DzOpGTIccY6zCqhc4FzWIO0SKFG/0Gjdfx/MWvPff
bnV1NamwKWPFUv0ZcOznWSlYZOGnzhF7ksTu6m9pPb6LeTOtBLcInlYLPLcID3iq
kTEueMFVkLC/Gra5/ewKF7CD4jbu4bx1lyZ88d9xOe+7gCl4Gxdgo2x6jwmadgFV
Kz9oedNPHhQPxiqvDOpAv56OzXGyoOIuNB7/tF3PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJyhJtqzP1LsR2LxJ/q/ILLJoopgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyOWZiYTk0LTM3NDctNDRlMi05YTBkLTcyNDE0NTk3ZTZmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZM8UAwDQYJKoZIhvcNAQELBQADggEBACY+BZ1haLVyfT0ticg+vJzwpNPC
k32n7EPW3b+COjDk2jbXG46YtGEn0FolLfpOLTMcGX8zJ5TfkAkv3NSp+ZyraxYM
mfHLhk0yD/KDzEJ8GlzSLKcN3+xUWBs5+PvkKVmdajtHcg9choumj63aup/xM8oy
TTpyDZ8ELBD39lie5gXm5qWP9cZMsXcGYIz5+4FCNrm4rDf16NIoaF8UaMZZnttC
3E7Oi4vegsntySF5Lvri31VZYeJbSrUkZlzFSuaSlk37P0IFufXfPHtjtYAZPzuz
AR8Vin+YqXr1vrYEGoabNySuU42COYqk9um4LCM6TxyUqZBmgGJXjLrCV44=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:13:41 2025 by rpki-client