Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2403d3e2-d51c-4024-837b-566d9deaa1d5.roa
File: 2403d3e2-d51c-4024-837b-566d9deaa1d5.roa (raw, json)
Hash identifier: m9plVV6/HuzCtN1ZDE6V5iL2TK3KKUeydF9TZKmW9FA=
Subject key identifier: 8D:C6:17:E2:79:A7:63:8C:8F:E2:55:2D:92:59:04:B8:48:72:75:D2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0D387540DA16912D1A5C34FF044A2742869AB6D7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2403d3e2-d51c-4024-837b-566d9deaa1d5.roa
Signing time: Sat 18 Oct 2025 00:30:15 +0000
ROA not before: Sat 18 Oct 2025 00:30:15 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.236.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:38:75:40:da:16:91:2d:1a:5c:34:ff:04:4a:27:42:86:9a:b6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 00:30:15 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=05ebdba11cac0d0f22fc05ffc09f1deb182cb26cc9757510602c5fe85fd530f1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c0:3e:7f:91:f1:71:f5:f2:bf:8e:4d:a0:60:
78:60:b8:cb:79:7d:f8:1a:03:37:9a:ed:83:68:fa:
4c:ef:9a:2f:76:d2:62:26:db:fc:64:8a:e4:11:34:
1c:40:46:e5:c8:84:77:71:3e:5d:00:04:cf:6f:60:
51:86:4f:71:41:de:cb:ad:c3:1c:3e:de:c8:48:84:
cd:7f:a1:91:29:94:70:ea:3a:81:dd:6b:43:8a:ae:
51:32:c0:fd:1b:b4:74:ef:53:69:79:7e:dd:7f:6b:
be:bf:73:96:8f:f9:43:60:98:a2:be:58:5f:a5:f5:
f8:67:9c:4f:04:03:54:66:23:65:1d:b4:16:ed:9d:
b0:74:ce:6c:c0:25:74:d2:6a:c9:ac:a4:58:c4:6e:
17:6b:a8:5c:48:e9:de:01:ba:9e:a5:d7:6b:6f:bd:
8b:79:b7:fd:b1:14:f3:9d:fc:b5:5d:6a:26:3f:22:
c9:22:a5:4d:90:f6:4f:cd:d0:01:ad:da:e5:bb:4d:
f7:44:79:25:05:b9:01:b5:93:8a:c5:91:6d:67:8a:
09:10:e3:30:95:d2:91:77:86:92:fb:56:d3:96:dc:
8a:b0:b3:db:c2:53:ed:f8:86:3b:05:da:88:18:8e:
73:b5:a9:06:9a:98:6a:fb:23:2f:71:e3:7e:ce:d4:
d9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C6:17:E2:79:A7:63:8C:8F:E2:55:2D:92:59:04:B8:48:72:75:D2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2403d3e2-d51c-4024-837b-566d9deaa1d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.236.192.0/18
Signature Algorithm: sha256WithRSAEncryption
0f:10:8c:61:bc:8a:a6:68:f2:21:15:b0:a1:92:2f:19:8f:26:
2c:e8:33:a8:f7:2e:14:73:79:5c:b7:46:df:4b:7d:a2:11:4e:
c8:cc:4d:b7:bd:f3:e2:38:bb:39:f7:63:4e:94:a1:e3:ad:08:
f6:af:b3:0b:f7:8b:aa:a9:39:47:85:00:e6:41:0f:29:a5:94:
e7:d8:b3:89:ef:3c:22:69:aa:27:1b:21:f1:84:e0:32:e0:d3:
9b:7f:b9:18:6f:68:a7:c0:80:95:86:63:fb:e1:5f:b0:3a:a9:
be:27:15:14:70:18:fa:92:f3:78:fa:00:23:91:62:73:1a:cd:
2b:f6:2c:96:85:30:a7:e8:8d:68:96:61:ba:28:18:ef:6d:08:
8b:2f:c0:cd:d4:d4:c6:94:65:74:d4:7f:04:66:58:af:98:4e:
8c:05:cf:07:15:b6:60:18:50:bf:76:23:67:3e:00:88:62:39:
08:91:64:1c:e7:34:34:cc:24:ba:49:1c:e7:aa:5b:de:48:77:
ef:63:86:9f:c0:e8:73:0a:b7:83:dd:d0:91:90:20:53:d2:15:
4e:7e:23:e7:b5:c6:3f:87:a8:80:2c:91:e8:d8:bd:50:35:f3:
0f:35:e7:ed:32:de:f4:24:45:f7:d2:ac:4c:02:81:a7:e1:81:
1a:8d:4d:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDTh1QNoWkS0aXDT/BEonQoaattcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDAzMDE1WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNWViZGJhMTFjYWMwZDBmMjJmYzA1ZmZjMDlmMWRlYjE4
MmNiMjZjYzk3NTc1MTA2MDJjNWZlODVmZDUzMGYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMwD5/kfFx9fK/jk2gYHhguMt5ffgaAzea7YNo+kzvmi92
0mIm2/xkiuQRNBxARuXIhHdxPl0ABM9vYFGGT3FB3sutwxw+3shIhM1/oZEplHDq
OoHda0OKrlEywP0btHTvU2l5ft1/a76/c5aP+UNgmKK+WF+l9fhnnE8EA1RmI2Ud
tBbtnbB0zmzAJXTSasmspFjEbhdrqFxI6d4Bup6l12tvvYt5t/2xFPOd/LVdaiY/
IskipU2Q9k/N0AGt2uW7TfdEeSUFuQG1k4rFkW1nigkQ4zCV0pF3hpL7VtOW3Iqw
s9vCU+34hjsF2ogYjnO1qQaamGr7Iy9x437O1Nk1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjcYX4nmnY4yP4lUtklkEuEhyddIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0MDNkM2UyLWQ1MWMtNDAyNC04MzdiLTU2NmQ5ZGVhYTFkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbM7MAwDQYJKoZIhvcNAQELBQADggEBAA8QjGG8iqZo8iEVsKGSLxmPJizo
M6j3LhRzeVy3Rt9LfaIRTsjMTbe98+I4uzn3Y06UoeOtCPavswv3i6qpOUeFAOZB
DymllOfYs4nvPCJpqicbIfGE4DLg05t/uRhvaKfAgJWGY/vhX7A6qb4nFRRwGPqS
83j6ACORYnMazSv2LJaFMKfojWiWYbooGO9tCIsvwM3U1MaUZXTUfwRmWK+YTowF
zwcVtmAYUL92I2c+AIhiOQiRZBznNDTMJLpJHOeqW95Id+9jhp/A6HMKt4Pd0JGQ
IFPSFU5+I+e1xj+HqIAskejYvVA18w815+0y3vQkRffSrEwCgafhgRqNTX4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:44:07 2025 by rpki-client