Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa
File: 2651bd32-be0e-47db-b5f3-aa5e30add0da.roa (raw, json)
Hash identifier: 5u64pGB4EaF0AaxGj35MaF63cXUtgWTpAX4XciQM2Xk=
Subject key identifier: EB:C4:FA:A7:33:AF:94:DA:A8:0F:BF:55:F8:CD:92:88:25:64:3F:2D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 494CF4CEBF9066587DA5881F5424604BD957D767
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa
Signing time: Sat 27 Sep 2025 00:02:17 +0000
ROA not before: Sat 27 Sep 2025 00:02:17 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.143.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:4c:f4:ce:bf:90:66:58:7d:a5:88:1f:54:24:60:4b:d9:57:d7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:02:17 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=ba3bc0124f1eabfb8c0ceec2c3ea2f207f430478f14e1735209c44e8f564cb1f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b9:14:2f:4e:a3:92:ef:10:a9:c0:a3:07:24:
fc:cf:17:ce:ac:cd:e8:7d:60:eb:77:b1:09:ad:3a:
70:06:51:67:7f:61:1d:8b:08:59:da:ca:c0:10:80:
5f:54:bc:47:f4:16:67:cc:3f:4b:26:df:7f:6e:04:
d6:0c:42:71:57:7e:a4:9c:b5:1d:8f:9f:59:05:f8:
b3:83:64:9a:3d:06:74:63:81:77:2a:3f:e2:82:3e:
9c:4e:49:6f:39:04:0b:65:83:05:30:2f:4e:73:43:
ee:ef:1c:8b:bf:da:9a:ce:76:c3:2f:e2:74:fc:90:
4d:f9:a8:9c:ee:0d:74:4a:0e:53:62:4d:b5:4e:c9:
c8:7e:64:f2:43:26:16:47:c3:f6:90:43:fb:3d:5e:
0a:f7:eb:74:4e:a0:80:66:63:09:7a:a7:1a:26:58:
0a:2a:09:2a:1a:dd:b1:27:1d:71:42:87:32:d4:5d:
b6:64:1c:e6:7f:a3:dd:3b:3c:7f:c7:bd:07:da:22:
f9:be:97:7a:66:0b:98:60:b1:d2:69:4a:b8:50:0e:
41:6b:32:bb:5f:21:ab:29:7c:96:d3:c6:b5:61:1c:
92:4b:39:a1:d4:5a:18:e9:b5:36:c7:f3:be:22:57:
aa:2a:bd:35:cf:fd:b3:92:f8:b7:5e:79:f1:09:c2:
bf:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C4:FA:A7:33:AF:94:DA:A8:0F:BF:55:F8:CD:92:88:25:64:3F:2D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.143.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a8:23:2e:9c:4b:91:00:24:a0:61:28:11:a4:41:58:21:f6:a5:
38:4d:7d:7d:57:45:37:ee:31:03:9c:d7:19:5a:ed:01:f5:dd:
d5:fb:66:f5:0b:fc:82:c2:1e:d4:53:9e:20:ff:0c:62:f6:c6:
ad:44:ef:e7:50:7c:a2:30:0d:02:05:74:da:cd:61:d1:ca:de:
fa:2f:81:55:49:e5:78:5d:ed:73:3a:28:61:97:84:ba:79:7c:
3c:5c:4c:4a:a6:58:48:d3:a7:ef:2b:71:c8:0f:26:fc:b4:63:
15:09:a7:a1:a9:e6:0b:c8:6a:3e:f5:c2:5e:e0:ae:f1:55:c1:
95:5c:e8:a8:21:8d:9c:a1:75:fc:cd:d4:15:2e:e3:fc:e4:77:
f7:43:af:8c:1d:79:f1:79:7a:55:2f:88:c8:6c:a8:76:24:07:
45:c1:cd:e2:4d:d8:92:80:83:8a:3e:da:13:e3:41:7d:e9:0a:
2c:e0:3d:51:3d:e8:5d:e5:a5:9d:ef:cc:34:1e:1d:cc:17:f1:
84:e9:6c:3a:d8:61:85:10:4e:54:4b:b5:25:5b:78:f5:f7:37:
1f:5a:62:51:7f:7d:32:c1:38:ee:37:20:04:cb:3e:29:41:a0:
2c:ab:2e:34:8f:ef:6c:52:e8:9f:a3:4a:2e:8b:55:40:f0:e8:
e2:08:3f:29
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSUz0zr+QZlh9pYgfVCRgS9lX12cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAwMjE3WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTNiYzAxMjRmMWVhYmZiOGMwY2VlYzJjM2VhMmYyMDdm
NDMwNDc4ZjE0ZTE3MzUyMDljNDRlOGY1NjRjYjFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCFuRQvTqOS7xCpwKMHJPzPF86szeh9YOt3sQmtOnAGUWd/
YR2LCFnaysAQgF9UvEf0FmfMP0sm339uBNYMQnFXfqSctR2Pn1kF+LODZJo9BnRj
gXcqP+KCPpxOSW85BAtlgwUwL05zQ+7vHIu/2prOdsMv4nT8kE35qJzuDXRKDlNi
TbVOych+ZPJDJhZHw/aQQ/s9Xgr363ROoIBmYwl6pxomWAoqCSoa3bEnHXFChzLU
XbZkHOZ/o907PH/HvQfaIvm+l3pmC5hgsdJpSrhQDkFrMrtfIaspfJbTxrVhHJJL
OaHUWhjptTbH874iV6oqvTXP/bOS+LdeefEJwr9fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU68T6pzOvlNqoD79V+M2SiCVkPy0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2NTFiZDMyLWJlMGUtNDdkYi1iNWYzLWFhNWUzMGFkZDBkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeIjwAwDQYJKoZIhvcNAQELBQADggEBAKgjLpxLkQAkoGEoEaRBWCH2pThN
fX1XRTfuMQOc1xla7QH13dX7ZvUL/ILCHtRTniD/DGL2xq1E7+dQfKIwDQIFdNrN
YdHK3vovgVVJ5Xhd7XM6KGGXhLp5fDxcTEqmWEjTp+8rccgPJvy0YxUJp6Gp5gvI
aj71wl7grvFVwZVc6KghjZyhdfzN1BUu4/zkd/dDr4wdefF5elUviMhsqHYkB0XB
zeJN2JKAg4o+2hPjQX3pCizgPVE96F3lpZ3vzDQeHcwX8YTpbDrYYYUQTlRLtSVb
ePX3Nx9aYlF/fTLBOO43IATLPilBoCyrLjSP72xS6J+jSi6LVUDw6OIIPyk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:44:10 2025 by rpki-client