Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28c2684b-c1bd-4785-a1c4-390897be3c8d.roa
File: 28c2684b-c1bd-4785-a1c4-390897be3c8d.roa (raw, json)
Hash identifier: UHkpQ/U/KDY2XDnQt+GP1yucjtnXv4AIgZ4/PQPH0ZI=
Subject key identifier: EA:43:9A:C0:C2:14:42:72:9A:68:F0:9A:CB:C5:9E:6E:48:D9:5C:27
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7C745DCB17FC52A07D4ED3998278AB4D48ED3CA6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28c2684b-c1bd-4785-a1c4-390897be3c8d.roa
Signing time: Mon 06 Oct 2025 16:41:08 +0000
ROA not before: Mon 06 Oct 2025 16:41:08 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 50.18.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:74:5d:cb:17:fc:52:a0:7d:4e:d3:99:82:78:ab:4d:48:ed:3c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 16:41:08 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=7dd236b47a9a9d509b630b164186a0ae50da989bcac11a1125092a82124a8aed, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:49:37:ec:d6:7d:bb:3c:ef:98:ef:fd:6b:99:
70:5e:0b:22:29:0d:ec:ee:ee:61:f2:78:ea:88:fa:
18:a4:3b:f3:68:28:e9:72:78:40:c1:08:c7:68:c5:
51:88:fc:77:ec:49:98:15:bb:2c:ef:20:89:f2:47:
e2:17:33:e3:b3:9b:35:07:a7:b1:e3:fd:56:0e:25:
5e:e6:47:75:3b:4a:67:17:8b:1d:40:2a:ee:b5:fd:
3e:7a:b7:e3:86:c4:80:4d:19:77:d6:90:2f:82:b2:
46:31:bf:90:9a:6a:9b:37:e7:ed:4e:36:0b:79:49:
3d:9a:99:20:03:c8:08:6c:2d:0a:43:b5:bb:c2:da:
f3:7b:48:7b:e2:56:fd:60:cf:d5:88:ef:f3:41:41:
3d:77:ed:73:57:9f:9b:0f:f5:09:f5:86:8c:65:db:
c1:33:c4:de:3a:d8:94:53:b8:38:ad:7f:db:4b:ed:
00:de:09:3f:da:37:e1:02:1a:ca:3e:a6:c9:86:e5:
f3:0e:b5:0b:c4:52:18:c8:06:76:f1:fd:a7:f5:be:
fd:74:1c:5c:c4:08:11:ea:30:f3:bf:03:24:2e:eb:
ff:9d:56:89:2f:20:32:29:45:e8:49:89:b5:e9:a5:
ba:50:46:39:3f:92:68:be:fa:9c:db:c9:cc:85:91:
4b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:43:9A:C0:C2:14:42:72:9A:68:F0:9A:CB:C5:9E:6E:48:D9:5C:27
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28c2684b-c1bd-4785-a1c4-390897be3c8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
50.18.208.0/20
Signature Algorithm: sha256WithRSAEncryption
85:a9:69:9e:8b:ab:3c:03:04:d5:cc:6a:0f:c8:3c:ab:2c:c7:
76:4b:85:14:ed:d9:91:ae:29:80:20:eb:e3:c4:e5:63:76:f9:
8e:ca:c5:3f:d2:d8:9a:22:13:d1:b7:53:13:3b:b8:89:0c:dd:
64:a5:a5:5c:4d:d6:d0:87:4d:82:a4:43:72:5c:29:9d:7a:67:
51:bd:5d:05:6a:24:55:89:c3:aa:0d:f6:95:74:ac:37:e7:14:
9b:c6:af:a3:c2:88:1c:10:bc:df:d7:74:ff:79:ca:a2:88:dc:
08:93:f8:cb:cd:47:fc:fd:93:da:73:d9:74:4f:a7:75:a3:1b:
21:fd:42:fc:25:f3:5e:82:73:3f:0c:06:bb:dc:5f:5c:01:87:
9f:fe:24:2c:41:9a:37:98:0f:f0:b1:0f:88:ee:b3:b5:b7:1d:
94:2e:3c:39:6b:a1:59:90:1f:9b:95:05:ad:10:12:25:06:d2:
b5:b2:4f:b8:e2:16:94:c6:f2:85:26:20:77:f4:62:08:0a:bb:
71:ca:68:25:df:34:64:c8:62:2d:e4:6c:1d:6f:8a:2f:43:d4:
af:03:9a:b3:77:64:05:16:77:47:f5:f1:ea:b9:55:b2:ea:21:
6e:c7:88:05:e4:26:87:ff:89:d8:6f:1c:b1:95:5c:6d:3c:51:
12:a7:8a:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfHRdyxf8UqB9TtOZgnirTUjtPKYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTY0MTA4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGQyMzZiNDdhOWE5ZDUwOWI2MzBiMTY0MTg2YTBhZTUw
ZGE5ODliY2FjMTFhMTEyNTA5MmE4MjEyNGE4YWVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCySTfs1n27PO+Y7/1rmXBeCyIpDezu7mHyeOqI+hikO/No
KOlyeEDBCMdoxVGI/HfsSZgVuyzvIInyR+IXM+OzmzUHp7Hj/VYOJV7mR3U7SmcX
ix1AKu61/T56t+OGxIBNGXfWkC+CskYxv5Caaps35+1ONgt5ST2amSADyAhsLQpD
tbvC2vN7SHviVv1gz9WI7/NBQT137XNXn5sP9Qn1hoxl28EzxN462JRTuDitf9tL
7QDeCT/aN+ECGso+psmG5fMOtQvEUhjIBnbx/af1vv10HFzECBHqMPO/AyQu6/+d
VokvIDIpRehJibXppbpQRjk/kmi++pzbycyFkUs5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6kOawMIUQnKaaPCay8WebkjZXCcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI4YzI2ODRiLWMxYmQtNDc4NS1hMWM0LTM5MDg5N2JlM2M4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEtAwDQYJKoZIhvcNAQELBQADggEBAIWpaZ6LqzwDBNXMag/IPKssx3ZL
hRTt2ZGuKYAg6+PE5WN2+Y7KxT/S2JoiE9G3UxM7uIkM3WSlpVxN1tCHTYKkQ3Jc
KZ16Z1G9XQVqJFWJw6oN9pV0rDfnFJvGr6PCiBwQvN/XdP95yqKI3AiT+MvNR/z9
k9pz2XRPp3WjGyH9Qvwl816Ccz8MBrvcX1wBh5/+JCxBmjeYD/CxD4jus7W3HZQu
PDlroVmQH5uVBa0QEiUG0rWyT7jiFpTG8oUmIHf0YggKu3HKaCXfNGTIYi3kbB1v
ii9D1K8DmrN3ZAUWd0f18eq5VbLqIW7HiAXkJof/idhvHLGVXG08URKnioI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:52:12 2025 by rpki-client