Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa
File: 2c8703a1-34ff-445a-83d6-9423df90d41e.roa (raw, json)
Hash identifier: dr4+QThOxb2uWcu5m1p+BW1WA1XYVu/CRDAkaFlAguw=
Subject key identifier: 5A:E9:40:4D:6D:38:83:BB:81:FE:BF:FF:E9:11:85:08:2D:CE:7E:4F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6AFE712E012FA8CB5AB2A3DF6832888971149788
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa
Signing time: Wed 08 Oct 2025 00:40:53 +0000
ROA not before: Wed 08 Oct 2025 00:40:53 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.150.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:fe:71:2e:01:2f:a8:cb:5a:b2:a3:df:68:32:88:89:71:14:97:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 8 00:40:53 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=619f33bc09b84a7c748ea05c1e5842d9ef66de52e81c4e964c545785d4dd3b7e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:03:fd:24:e0:e2:04:cc:fe:6d:58:e8:09:
5c:f1:5e:76:fd:b1:18:40:b3:d3:96:35:d5:24:9e:
63:e1:03:33:ce:74:a0:5e:9c:3b:b7:1e:e4:63:14:
5f:d0:8b:7f:ec:92:65:97:a5:d5:01:48:b1:31:4e:
25:27:1a:17:c0:90:af:90:2a:8c:1d:e3:c4:f3:da:
f4:2b:7e:f1:02:3a:60:d8:59:e0:92:19:c6:4f:24:
b7:89:17:83:59:bb:20:a1:e2:e4:9a:7c:cc:03:6f:
b0:e9:b7:4e:b6:52:a1:09:c1:94:7d:5b:62:d3:05:
73:66:57:b7:39:35:35:52:8b:1e:11:fa:7f:ba:7b:
16:7a:47:48:d6:0d:9c:4d:90:bc:b7:e4:c8:ef:ec:
2e:a1:a7:b1:4a:2f:a4:41:47:ef:6a:28:62:c3:4b:
7e:f1:8e:76:14:d9:7d:a2:d2:40:c9:39:54:aa:14:
0d:b6:1b:4f:06:73:a0:4b:74:5b:34:d2:2f:ac:c3:
54:84:6f:50:e1:9c:6e:ea:06:6b:01:7d:6f:ea:18:
f8:1c:e9:ec:c0:7f:e8:b1:13:bd:8b:dc:85:b3:2e:
a4:a1:5b:f1:59:56:6f:bd:25:93:32:07:53:ed:72:
1f:11:64:9e:58:d5:b4:64:80:d3:7e:9c:24:54:b0:
8c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E9:40:4D:6D:38:83:BB:81:FE:BF:FF:E9:11:85:08:2D:CE:7E:4F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.150.0.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:b1:5b:b4:66:bb:f0:04:16:a0:3f:cf:9e:84:25:f9:81:15:
a8:3f:a0:5f:5b:95:6e:c9:a0:79:f2:1b:26:42:de:31:ca:e4:
46:2f:82:6b:9b:1c:d0:e7:4f:08:9b:6d:53:84:cd:6b:aa:81:
d4:f6:bf:1d:b1:bd:99:83:b7:ad:bf:be:84:74:43:95:80:e6:
87:be:0c:6a:18:b2:7c:de:02:80:64:97:60:ce:6e:7e:b7:e4:
ec:11:6e:df:89:f2:8a:91:0a:ce:75:a7:9d:b8:a8:19:4e:b0:
78:d9:f4:09:3a:6c:20:6f:68:2c:28:e5:0e:2b:22:07:a5:7a:
4d:3a:07:4a:f4:ba:62:80:ac:b8:1e:57:bb:08:1f:e5:5c:93:
9c:51:51:1f:42:88:dc:19:c5:ed:40:03:19:cb:54:ac:86:37:
b7:94:2f:01:51:fb:43:10:05:6b:c1:e6:5b:b5:22:03:0c:03:
12:48:68:9c:2c:be:b2:b3:4c:a5:50:76:99:67:0d:df:58:74:
44:48:72:43:2a:72:77:e8:f2:57:95:40:80:20:4d:a0:96:aa:
11:c1:04:dc:4a:0c:aa:b9:12:02:a0:22:8a:c1:96:c1:5e:de:
63:bb:3a:2c:b9:56:62:0c:9e:14:1b:1b:7e:50:95:da:c3:bf:
da:ab:5b:2a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUav5xLgEvqMtasqPfaDKIiXEUl4gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDA0MDUzWhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTlmMzNiYzA5Yjg0YTdjNzQ4ZWEwNWMxZTU4NDJkOWVm
NjZkZTUyZTgxYzRlOTY0YzU0NTc4NWQ0ZGQzYjdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYwAP9JODiBMz+bVjoCVzxXnb9sRhAs9OWNdUknmPhAzPO
dKBenDu3HuRjFF/Qi3/skmWXpdUBSLExTiUnGhfAkK+QKowd48Tz2vQrfvECOmDY
WeCSGcZPJLeJF4NZuyCh4uSafMwDb7Dpt062UqEJwZR9W2LTBXNmV7c5NTVSix4R
+n+6exZ6R0jWDZxNkLy35Mjv7C6hp7FKL6RBR+9qKGLDS37xjnYU2X2i0kDJOVSq
FA22G08Gc6BLdFs00i+sw1SEb1DhnG7qBmsBfW/qGPgc6ezAf+ixE72L3IWzLqSh
W/FZVm+9JZMyB1Ptch8RZJ5Y1bRkgNN+nCRUsIyDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWulATW04g7uB/r//6RGFCC3Ofk8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjODcwM2ExLTM0ZmYtNDQ1YS04M2Q2LTk0MjNkZjkwZDQxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjlgAwDQYJKoZIhvcNAQELBQADggEBAMuxW7Rmu/AEFqA/z56EJfmBFag/
oF9blW7JoHnyGyZC3jHK5EYvgmubHNDnTwibbVOEzWuqgdT2vx2xvZmDt62/voR0
Q5WA5oe+DGoYsnzeAoBkl2DObn635OwRbt+J8oqRCs51p524qBlOsHjZ9Ak6bCBv
aCwo5Q4rIgelek06B0r0umKArLgeV7sIH+Vck5xRUR9CiNwZxe1AAxnLVKyGN7eU
LwFR+0MQBWvB5lu1IgMMAxJIaJwsvrKzTKVQdplnDd9YdERIckMqcnfo8leVQIAg
TaCWqhHBBNxKDKq5EgKgIorBlsFe3mO7Oiy5VmIMnhQbG35QldrDv9qrWyo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:01:58 2025 by rpki-client