Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/403ca52e-d3b9-48df-9d71-d68c184dfd1e.roa
File: 403ca52e-d3b9-48df-9d71-d68c184dfd1e.roa (raw, json)
Hash identifier: eng8JauPksQcTFrhmex0wYkMgKGbAkMoS6z5Nb8dvwE=
Subject key identifier: 71:9C:41:4B:68:6E:A9:29:42:E0:4E:F7:A2:54:BC:3E:1D:6B:A5:D8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 77DD54B0BA7021DA5D5FF0B0B37EE884306A0A1D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/403ca52e-d3b9-48df-9d71-d68c184dfd1e.roa
Signing time: Tue 14 Oct 2025 17:42:52 +0000
ROA not before: Tue 14 Oct 2025 17:42:52 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 71.152.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:dd:54:b0:ba:70:21:da:5d:5f:f0:b0:b3:7e:e8:84:30:6a:0a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 17:42:52 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=469bfff40d0b74de1f533ce106d49fdb6d1ac31f995ba965c03dee178652ced1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:16:fb:21:f6:ef:f5:5f:61:4f:d8:bf:a6:f9:
9e:0a:e5:7d:64:cd:f3:94:bb:98:5f:a8:8f:03:41:
bc:f6:d1:70:ef:99:98:d7:de:19:f3:c0:23:bd:30:
c7:e9:b9:0e:6d:dc:a8:dd:c6:ca:44:20:0a:ae:5f:
08:be:01:7c:f9:bf:21:35:1e:b6:95:b9:22:38:6d:
c5:0e:8d:0c:af:dd:08:81:36:5d:fb:09:a3:4c:64:
94:0c:a4:bf:6e:a6:60:b9:69:84:5c:ed:ce:94:e0:
8e:23:ba:90:e4:c6:66:e1:d2:a5:c3:0a:79:ad:82:
2c:f0:73:f3:cf:46:09:af:01:2f:d2:62:d8:d8:5a:
0a:b3:b1:f0:d0:77:a8:ac:9b:3c:cc:2f:7b:3d:34:
c5:93:a6:e2:d5:b8:13:db:8d:4c:02:4b:ac:b4:ef:
31:ad:a4:ab:13:df:a1:84:7e:e3:21:68:f2:8d:69:
6e:13:f5:39:c6:6e:56:20:2a:c3:55:55:19:cc:4d:
d0:b5:97:0a:eb:46:ce:47:73:66:08:d9:77:26:2a:
1a:58:ca:48:1a:40:82:7e:00:4b:ca:02:44:e6:9a:
6c:07:55:0e:00:7d:55:62:82:41:02:64:be:6d:db:
c8:34:98:77:ff:b8:05:2c:a1:03:96:a6:e3:7f:b4:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9C:41:4B:68:6E:A9:29:42:E0:4E:F7:A2:54:BC:3E:1D:6B:A5:D8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/403ca52e-d3b9-48df-9d71-d68c184dfd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
71.152.123.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:9d:36:f9:95:06:0e:cd:93:88:99:68:a3:0e:e2:bd:07:bb:
31:97:7a:1b:cf:78:a2:22:68:67:65:1a:63:14:43:ba:1a:5d:
9e:03:7e:4f:01:76:68:42:e1:c1:82:fd:3b:91:d9:e7:69:d2:
b1:5b:11:9b:f9:94:9b:97:35:65:38:70:2c:a7:ef:73:04:75:
dc:43:18:36:c5:d6:1a:3e:75:7e:6c:b6:de:17:ab:37:b0:86:
ba:79:82:df:6e:63:28:b7:bb:9b:e0:26:d9:cd:92:51:ce:13:
43:81:ee:c4:93:ff:3c:e9:36:3d:ab:da:f3:1d:38:96:4d:57:
ca:cc:94:03:44:b4:6a:e7:52:2e:0d:35:64:7a:50:f9:9b:98:
12:80:b4:0f:40:de:df:46:0c:44:4a:d7:9d:8f:99:55:6c:23:
84:c5:fe:bc:01:f9:70:f0:81:0f:4f:2f:43:50:1a:c6:9b:a3:
23:b3:dc:4e:e5:b0:4e:4f:d0:50:2a:58:cc:92:23:14:cc:ee:
b6:6f:f3:54:cb:93:c8:ac:aa:21:4c:59:a5:cc:40:53:7b:be:
47:63:42:b0:26:3a:1c:4d:90:71:4c:de:59:b5:d0:32:dd:c4:
80:73:7e:c7:2a:f5:a5:b9:2b:fd:46:e1:9c:90:cb:15:0a:c5:
f0:fd:a7:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd91UsLpwIdpdX/Cws37ohDBqCh0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTc0MjUyWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjliZmZmNDBkMGI3NGRlMWY1MzNjZTEwNmQ0OWZkYjZk
MWFjMzFmOTk1YmE5NjVjMDNkZWUxNzg2NTJjZWQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWFvsh9u/1X2FP2L+m+Z4K5X1kzfOUu5hfqI8DQbz20XDv
mZjX3hnzwCO9MMfpuQ5t3KjdxspEIAquXwi+AXz5vyE1HraVuSI4bcUOjQyv3QiB
Nl37CaNMZJQMpL9upmC5aYRc7c6U4I4jupDkxmbh0qXDCnmtgizwc/PPRgmvAS/S
YtjYWgqzsfDQd6ismzzML3s9NMWTpuLVuBPbjUwCS6y07zGtpKsT36GEfuMhaPKN
aW4T9TnGblYgKsNVVRnMTdC1lwrrRs5Hc2YI2XcmKhpYykgaQIJ+AEvKAkTmmmwH
VQ4AfVVigkECZL5t28g0mHf/uAUsoQOWpuN/tOCbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcZxBS2huqSlC4E73olS8Ph1rpdgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwM2NhNTJlLWQzYjktNDhkZi05ZDcxLWQ2OGMxODRkZmQxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABHmHswDQYJKoZIhvcNAQELBQADggEBADqdNvmVBg7Nk4iZaKMO4r0HuzGX
ehvPeKIiaGdlGmMUQ7oaXZ4Dfk8BdmhC4cGC/TuR2edp0rFbEZv5lJuXNWU4cCyn
73MEddxDGDbF1ho+dX5stt4Xqzewhrp5gt9uYyi3u5vgJtnNklHOE0OB7sST/zzp
Nj2r2vMdOJZNV8rMlANEtGrnUi4NNWR6UPmbmBKAtA9A3t9GDERK152PmVVsI4TF
/rwB+XDwgQ9PL0NQGsaboyOz3E7lsE5P0FAqWMySIxTM7rZv81TLk8isqiFMWaXM
QFN7vkdjQrAmOhxNkHFM3lm10DLdxIBzfscq9aW5K/1G4ZyQyxUKxfD9p90=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:48:58 2025 by rpki-client