Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30a99871-ae35-4d50-8e6a-d2849f20a0bd.roa
File: 30a99871-ae35-4d50-8e6a-d2849f20a0bd.roa (raw, json)
Hash identifier: MNtu/BjS0AA9tEDrjamURnOxVKrJ2KyRRP7lvLYtwH0=
Subject key identifier: 3F:A2:70:D5:91:A3:C9:96:A8:B8:60:DC:98:CD:BA:EA:96:42:62:01
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2ABA174A535CB837ECFD157C54CDA48CDA96DBBE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30a99871-ae35-4d50-8e6a-d2849f20a0bd.roa
Signing time: Wed 08 Oct 2025 00:22:54 +0000
ROA not before: Wed 08 Oct 2025 00:22:54 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 68.67.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:ba:17:4a:53:5c:b8:37:ec:fd:15:7c:54:cd:a4:8c:da:96:db:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 8 00:22:54 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=241abbea2b3ed98aa38f98dade0d499721b55830c27cd4d4d30dcd32cc9d48b9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bd:f0:0d:e8:21:c6:f9:12:e5:59:cd:35:5a:
c9:c8:ab:27:36:34:5a:70:f6:d6:13:32:c3:fa:9c:
9c:b1:aa:95:30:48:57:75:03:72:ba:48:31:b0:60:
47:6f:16:e1:f3:9b:9c:74:08:19:71:f8:41:f4:cc:
07:38:6f:3f:1a:02:0d:7b:dd:b4:f0:ae:99:10:ff:
9d:57:fc:50:b3:bb:d6:58:92:2a:0e:ce:cd:33:09:
fd:4b:60:d3:34:17:fe:45:49:22:f6:75:04:04:40:
b0:f6:07:9f:73:f2:75:62:83:6d:c4:63:41:9e:a7:
4b:ed:52:41:77:c7:69:b6:a8:05:85:c2:68:8d:9d:
0a:75:b2:a5:71:2d:5e:70:a4:2e:db:12:93:ca:96:
88:7c:83:3a:07:9f:35:cc:2f:ff:7a:a6:d3:67:1a:
13:0c:67:dc:b4:3a:60:d4:9c:b6:76:51:56:c2:53:
bc:18:25:c9:af:db:67:1c:47:e7:6f:9c:e9:f2:79:
9d:5d:8f:15:3d:67:f3:c7:f2:6b:a4:d1:f6:c6:96:
07:15:c4:ab:51:fc:f2:06:92:10:7a:e3:3c:58:cc:
dc:10:58:4f:9d:1f:15:b5:84:87:bf:62:97:41:bc:
42:93:d0:47:57:78:25:8a:6e:32:eb:60:47:d8:29:
fc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A2:70:D5:91:A3:C9:96:A8:B8:60:DC:98:CD:BA:EA:96:42:62:01
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30a99871-ae35-4d50-8e6a-d2849f20a0bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
68.67.224.0/20
Signature Algorithm: sha256WithRSAEncryption
97:3d:d9:98:96:93:d4:0e:af:8e:d3:41:c0:d7:38:a8:46:12:
d9:02:00:51:ed:d8:ce:ca:ee:c3:09:f9:58:d5:3d:68:1c:fc:
51:86:d0:c4:6a:31:15:06:e2:7c:80:26:4a:1c:0c:4e:01:58:
51:57:e5:c4:57:00:76:c1:c3:ed:a0:64:59:6d:ea:69:65:b3:
35:fe:00:c6:6e:b3:c9:1c:d5:73:d5:87:1d:ad:e5:a2:76:f9:
96:93:5d:a5:50:3e:2a:d9:37:7f:b3:60:94:35:64:be:b7:4d:
a0:b7:e8:73:86:1c:cf:d9:28:14:07:24:6f:17:ef:1e:40:f9:
69:7f:7e:f9:76:c3:57:1c:a1:e6:87:59:b0:69:12:d4:73:c6:
65:4b:e6:c2:0e:54:0d:4e:6e:13:69:ac:45:52:a4:8c:b6:00:
2b:88:fc:b1:d5:4e:00:e4:6a:28:8f:db:88:47:4d:f5:3a:9e:
46:03:4b:44:31:f5:9e:3e:39:f2:2f:75:62:f9:40:59:30:65:
b3:40:79:4c:f8:26:cc:74:31:54:0d:49:57:27:9f:60:9e:a6:
35:00:c8:08:5c:db:0d:b8:1a:d3:12:f5:38:42:e0:29:1d:4c:
ef:b7:cb:7a:c8:e2:fd:7f:22:45:20:4b:8e:99:62:26:ce:02:
0e:a7:e0:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKroXSlNcuDfs/RV8VM2kjNqW274wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAyMjU0WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDFhYmJlYTJiM2VkOThhYTM4Zjk4ZGFkZTBkNDk5NzIx
YjU1ODMwYzI3Y2Q0ZDRkMzBkY2QzMmNjOWQ0OGI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbvfAN6CHG+RLlWc01WsnIqyc2NFpw9tYTMsP6nJyxqpUw
SFd1A3K6SDGwYEdvFuHzm5x0CBlx+EH0zAc4bz8aAg173bTwrpkQ/51X/FCzu9ZY
kioOzs0zCf1LYNM0F/5FSSL2dQQEQLD2B59z8nVig23EY0Gep0vtUkF3x2m2qAWF
wmiNnQp1sqVxLV5wpC7bEpPKloh8gzoHnzXML/96ptNnGhMMZ9y0OmDUnLZ2UVbC
U7wYJcmv22ccR+dvnOnyeZ1djxU9Z/PH8muk0fbGlgcVxKtR/PIGkhB64zxYzNwQ
WE+dHxW1hIe/YpdBvEKT0EdXeCWKbjLrYEfYKfx9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUP6Jw1ZGjyZaouGDcmM266pZCYgEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwYTk5ODcxLWFlMzUtNGQ1MC04ZTZhLWQyODQ5ZjIwYTBiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAREQ+AwDQYJKoZIhvcNAQELBQADggEBAJc92ZiWk9QOr47TQcDXOKhGEtkC
AFHt2M7K7sMJ+VjVPWgc/FGG0MRqMRUG4nyAJkocDE4BWFFX5cRXAHbBw+2gZFlt
6mllszX+AMZus8kc1XPVhx2t5aJ2+ZaTXaVQPirZN3+zYJQ1ZL63TaC36HOGHM/Z
KBQHJG8X7x5A+Wl/fvl2w1ccoeaHWbBpEtRzxmVL5sIOVA1ObhNprEVSpIy2ACuI
/LHVTgDkaiiP24hHTfU6nkYDS0Qx9Z4+OfIvdWL5QFkwZbNAeUz4Jsx0MVQNSVcn
n2CepjUAyAhc2w24GtMS9ThC4CkdTO+3y3rI4v1/IkUgS46ZYibOAg6n4EA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:38:59 2025 by rpki-client