Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa
File: 47a95b2d-b390-454d-b7fe-61f0be7e13af.roa (raw, json)
Hash identifier: bsKkyBqooBJs8LZB5yrxqcT24qD/SEBMesAvIik48KU=
Subject key identifier: 7B:AD:25:A7:20:25:41:BC:29:3B:97:54:2E:99:22:BD:C1:94:2D:BD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5F41B2614C8316EBB8DEEFA586AE4B348F4F2F2F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa
Signing time: Mon 29 Sep 2025 15:02:06 +0000
ROA not before: Mon 29 Sep 2025 15:02:06 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 131.127.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:41:b2:61:4c:83:16:eb:b8:de:ef:a5:86:ae:4b:34:8f:4f:2f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 29 15:02:06 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=6847b5d20878b8f3870995b680b888e45c60db86ea3edbb6d5058ce7180e9872, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3d:b8:63:27:61:1a:a4:10:fc:be:b7:f3:cc:
b7:46:53:fe:c5:b2:98:88:3c:e8:8d:65:d8:28:4d:
1d:46:7f:cf:e0:f9:9c:b3:4d:e8:3e:1d:b5:96:06:
2f:c0:56:e9:b6:84:a6:6f:15:53:97:4f:ff:0b:c4:
54:00:1a:b4:41:29:e5:b2:45:d7:09:e9:ae:05:71:
fc:f8:4a:48:10:36:e9:fd:dd:7f:29:bd:33:b9:60:
b1:af:a7:bd:46:36:e1:16:67:d7:f1:ae:9b:3f:34:
cc:ba:0b:6b:61:08:f4:a5:32:6f:9e:1b:46:d2:96:
b1:00:d4:16:69:45:90:d7:52:4f:99:69:9f:2c:ed:
22:77:1f:ed:4d:5e:6c:8d:e6:9c:54:45:9b:8b:09:
17:c4:07:b4:8c:39:3e:6a:f8:a2:43:52:51:a4:2c:
81:37:8c:61:3e:ef:b4:01:07:4f:b7:7f:30:6c:08:
ff:0c:31:c0:b5:f3:90:89:92:14:88:79:25:18:2f:
f3:ab:19:fa:08:44:ad:67:5d:aa:2e:0a:5a:d1:8d:
65:6f:55:75:1f:6e:1b:bb:f5:1c:d2:25:a3:87:94:
2b:f4:12:44:a5:98:85:dd:84:71:77:5c:e8:e3:5f:
6e:d1:7c:ae:a7:a1:24:61:94:fb:7e:9c:a5:83:a8:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AD:25:A7:20:25:41:BC:29:3B:97:54:2E:99:22:BD:C1:94:2D:BD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:f0:e1:c5:3e:61:83:87:a7:bf:25:83:38:40:c3:23:81:c1:
50:76:0d:dc:ef:cb:97:c4:93:cb:64:1e:37:38:3b:26:d1:7a:
f3:ef:de:42:ac:cf:d8:23:6c:a4:ed:59:2d:93:b4:eb:d9:06:
a5:89:5c:a4:ab:ba:d2:2b:a2:a8:27:68:f1:1b:c9:0a:88:00:
7b:e0:88:2d:03:10:66:38:16:00:ca:f6:4a:c0:8e:66:4d:94:
05:ad:19:f0:8b:84:6e:0b:43:0f:28:77:52:49:42:ee:99:7d:
a8:7e:86:60:12:e3:f5:26:05:36:d3:9f:6b:6d:a0:6b:79:bd:
5c:24:74:28:a3:0e:5f:0c:1f:68:f3:6e:04:99:50:a5:e0:8f:
b8:07:e1:e8:f5:02:bd:95:5c:72:2d:d6:36:d3:43:c4:bf:e7:
41:ab:81:30:1b:69:7b:d6:6d:94:55:0a:90:a8:8c:3b:93:f1:
33:ea:01:7f:45:08:e3:03:72:43:51:2b:06:51:8f:ca:ca:45:
8a:23:23:f4:9c:3c:06:88:a3:27:0f:bd:d2:c1:13:e1:8f:46:
b0:b6:f2:79:ea:10:ba:a5:1b:4c:34:7d:5a:e1:90:63:0e:e0:
03:38:d7:0f:10:0e:68:45:ca:45:f5:5f:dc:e8:41:54:a0:c5:
89:cf:c0:da
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUX0GyYUyDFuu43u+lhq5LNI9PLy8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUwMjA2WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODQ3YjVkMjA4NzhiOGYzODcwOTk1YjY4MGI4ODhlNDVj
NjBkYjg2ZWEzZWRiYjZkNTA1OGNlNzE4MGU5ODcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpPbhjJ2EapBD8vrfzzLdGU/7FspiIPOiNZdgoTR1Gf8/g
+ZyzTeg+HbWWBi/AVum2hKZvFVOXT/8LxFQAGrRBKeWyRdcJ6a4Fcfz4SkgQNun9
3X8pvTO5YLGvp71GNuEWZ9fxrps/NMy6C2thCPSlMm+eG0bSlrEA1BZpRZDXUk+Z
aZ8s7SJ3H+1NXmyN5pxURZuLCRfEB7SMOT5q+KJDUlGkLIE3jGE+77QBB0+3fzBs
CP8MMcC185CJkhSIeSUYL/OrGfoIRK1nXaouClrRjWVvVXUfbhu79RzSJaOHlCv0
EkSlmIXdhHF3XOjjX27RfK6noSRhlPt+nKWDqCUrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUe60lpyAlQbwpO5dULpkivcGULb0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ3YTk1YjJkLWIzOTAtNDU0ZC1iN2ZlLTYxZjBiZTdlMTNhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCDfzANBgkqhkiG9w0BAQsFAAOCAQEAGfDhxT5hg4envyWDOEDDI4HBUHYN
3O/Ll8STy2QeNzg7JtF68+/eQqzP2CNspO1ZLZO069kGpYlcpKu60iuiqCdo8RvJ
CogAe+CILQMQZjgWAMr2SsCOZk2UBa0Z8IuEbgtDDyh3UklC7pl9qH6GYBLj9SYF
NtOfa22ga3m9XCR0KKMOXwwfaPNuBJlQpeCPuAfh6PUCvZVcci3WNtNDxL/nQauB
MBtpe9ZtlFUKkKiMO5PxM+oBf0UI4wNyQ1ErBlGPyspFiiMj9Jw8BoijJw+90sET
4Y9GsLbyeeoQuqUbTDR9WuGQYw7gAzjXDxAOaEXKRfVf3OhBVKDFic/A2g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:45:10 2025 by rpki-client