Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ac220a6-0e06-40a8-b44e-4fbb37349986.roa
File: 3ac220a6-0e06-40a8-b44e-4fbb37349986.roa (raw, json)
Hash identifier: niMRxSQYBLDzJES7cR5E7yHiV+xkFeLbMOwk5OcsL6I=
Subject key identifier: B6:C0:EA:8A:78:5C:14:32:42:39:FF:1A:B2:A1:CE:EB:57:BF:7E:79
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 13D733C9E0E65D8C41FBD2F640BD52A0DD9F8B1D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ac220a6-0e06-40a8-b44e-4fbb37349986.roa
Signing time: Wed 08 Oct 2025 00:22:57 +0000
ROA not before: Wed 08 Oct 2025 00:22:57 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 9498
IP address blocks: 70.130.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:d7:33:c9:e0:e6:5d:8c:41:fb:d2:f6:40:bd:52:a0:dd:9f:8b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 8 00:22:57 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=d570fd95131d8ed40df923176be214e02d71eb84e1371cac040f34f48d6a023d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:c7:00:df:94:2b:2d:91:a3:4a:c2:1f:44:
34:e1:7f:2b:13:bc:a5:c3:0a:3d:fd:7b:0d:0b:d3:
5f:9b:25:a6:ca:12:bb:60:d6:e4:3e:36:1d:65:2f:
62:9d:21:39:8f:7e:69:b2:35:0b:dd:bb:6f:af:82:
6f:8e:d0:1f:70:24:ea:52:00:0f:20:06:02:56:af:
5f:0d:0c:63:e4:f7:7d:a5:22:ba:5f:4b:14:b3:a2:
59:62:c4:81:47:dc:1c:10:76:04:8e:25:5f:e4:54:
e4:df:9a:b2:b1:d1:86:f5:1d:62:bb:12:83:c3:d9:
fc:08:18:2e:55:76:af:dd:ea:48:40:b5:72:87:ea:
e9:a6:8f:9a:0f:58:95:d3:e0:ed:26:0d:49:d6:c2:
66:02:ff:23:74:ce:08:78:a9:8d:fc:01:43:64:d5:
c1:44:57:a3:31:45:fe:bb:e5:5b:8a:d9:bd:2a:74:
87:4f:c2:21:2f:eb:d6:69:3a:b9:af:3a:8d:00:52:
93:dd:86:d8:55:bb:75:8c:88:60:72:05:03:6a:ad:
1a:8d:b3:53:5b:2c:22:b5:aa:c4:07:c8:0b:aa:9c:
96:1b:6c:7b:e2:27:9c:4a:df:d4:d0:6e:80:8d:30:
ed:f2:6e:4f:77:77:a6:b3:02:a8:78:5f:66:8c:e4:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C0:EA:8A:78:5C:14:32:42:39:FF:1A:B2:A1:CE:EB:57:BF:7E:79
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ac220a6-0e06-40a8-b44e-4fbb37349986.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.130.228.0/24
Signature Algorithm: sha256WithRSAEncryption
11:87:38:61:f0:bf:04:d3:f3:6d:15:a8:c9:4e:5d:3a:a5:70:
c7:df:c9:3f:1f:db:58:0a:4b:89:8b:7b:25:ce:e7:eb:87:1c:
97:94:12:b0:0f:16:1a:74:8b:d3:b5:8d:82:6a:08:3f:f5:e2:
25:bb:36:9c:2e:a2:46:7c:a5:df:4e:2c:b4:88:6d:bf:a8:7e:
39:ea:83:7e:2f:96:08:ca:21:2d:f6:25:1f:24:9c:4b:f1:fc:
c4:5e:a8:9a:db:6c:19:2e:a0:e4:8f:ec:c9:e8:5a:8d:c7:06:
6d:c9:aa:0c:d7:50:65:b6:27:a9:c9:2e:04:ba:64:7e:8b:63:
6f:68:99:21:21:1f:a0:db:ad:49:0e:5c:ce:f8:df:da:45:84:
c6:7e:18:88:25:20:8b:08:3b:b0:ef:e3:3b:7c:36:d7:35:17:
b2:8c:2a:b5:0f:37:a8:64:93:1a:97:a4:97:f7:4c:63:6d:92:
00:5b:ba:f4:41:40:d0:8d:1a:d1:38:f8:1a:16:d6:3d:2e:62:
a8:9a:8f:28:55:8a:2f:00:43:86:c0:40:3f:5a:e6:2c:d7:7f:
ab:a9:21:38:62:da:2f:22:e1:20:4f:9d:e6:09:4b:69:1d:f9:
da:b7:3d:ff:5e:51:b4:89:11:07:ba:de:9c:04:4d:25:bf:da:
11:51:58:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUE9czyeDmXYxB+9L2QL1SoN2fix0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAyMjU3WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTcwZmQ5NTEzMWQ4ZWQ0MGRmOTIzMTc2YmUyMTRlMDJk
NzFlYjg0ZTEzNzFjYWMwNDBmMzRmNDhkNmEwMjNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7sscA35QrLZGjSsIfRDThfysTvKXDCj39ew0L01+bJabK
Ertg1uQ+Nh1lL2KdITmPfmmyNQvdu2+vgm+O0B9wJOpSAA8gBgJWr18NDGPk932l
IrpfSxSzollixIFH3BwQdgSOJV/kVOTfmrKx0Yb1HWK7EoPD2fwIGC5Vdq/d6khA
tXKH6ummj5oPWJXT4O0mDUnWwmYC/yN0zgh4qY38AUNk1cFEV6MxRf675VuK2b0q
dIdPwiEv69ZpOrmvOo0AUpPdhthVu3WMiGByBQNqrRqNs1NbLCK1qsQHyAuqnJYb
bHviJ5xK39TQboCNMO3ybk93d6azAqh4X2aM5FcbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtsDqinhcFDJCOf8asqHO61e/fnkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNhYzIyMGE2LTBlMDYtNDBhOC1iNDRlLTRmYmIzNzM0OTk4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABGguQwDQYJKoZIhvcNAQELBQADggEBABGHOGHwvwTT820VqMlOXTqlcMff
yT8f21gKS4mLeyXO5+uHHJeUErAPFhp0i9O1jYJqCD/14iW7NpwuokZ8pd9OLLSI
bb+ofjnqg34vlgjKIS32JR8knEvx/MReqJrbbBkuoOSP7MnoWo3HBm3JqgzXUGW2
J6nJLgS6ZH6LY29omSEhH6DbrUkOXM7439pFhMZ+GIglIIsIO7Dv4zt8Ntc1F7KM
KrUPN6hkkxqXpJf3TGNtkgBbuvRBQNCNGtE4+BoW1j0uYqiajyhVii8AQ4bAQD9a
5izXf6upIThi2i8i4SBPneYJS2kd+dq3Pf9eUbSJEQe63pwETSW/2hFRWDw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:53:44 2025 by rpki-client