Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a65165a-7d2e-48ce-a1b5-ba82dcc89d14.roa
File: 4a65165a-7d2e-48ce-a1b5-ba82dcc89d14.roa (raw, json)
Hash identifier: y6qKVCbnGgrSjJJ17TlredL+G3Hs0EHT8gziwCCo/t0=
Subject key identifier: 2E:9D:80:F3:AD:D3:12:77:A4:00:A9:0D:31:B0:8F:3A:72:DC:CD:87
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 587962A95FA65ECAD5E3FD58CD58AD1D7B4FF80E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a65165a-7d2e-48ce-a1b5-ba82dcc89d14.roa
Signing time: Sat 27 Sep 2025 00:03:24 +0000
ROA not before: Sat 27 Sep 2025 00:03:24 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 202.174.144.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:79:62:a9:5f:a6:5e:ca:d5:e3:fd:58:cd:58:ad:1d:7b:4f:f8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:03:24 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=32e3e8200b9a1be72472b4d2afbcc604864f70ffc2120ec508b86a414e051c83, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:79:b7:8c:8b:1d:57:f5:cc:81:dc:c2:9d:
4e:34:cf:e2:3b:a7:cf:bd:41:9d:03:db:30:e7:a3:
46:ef:cd:29:9f:81:22:9d:8d:e3:d9:72:1c:7e:54:
e3:50:ce:06:f0:0b:0a:d3:33:d5:c0:92:ad:8b:45:
fc:7a:ed:55:aa:ed:d8:05:db:cc:ed:ef:92:98:fe:
c3:09:69:08:c0:49:ef:3e:7a:43:76:33:59:8f:44:
95:08:8d:69:c2:6b:a9:44:5c:19:72:7a:df:56:06:
9c:34:e5:06:c1:53:fc:92:1a:d0:34:5c:ca:9a:17:
16:5f:74:d4:5f:ea:0f:4b:0e:3d:58:eb:8c:1d:4f:
99:ab:46:64:19:a4:c7:0b:da:a6:eb:be:c4:7f:e6:
d2:3d:ea:91:dc:eb:6a:0e:5c:cb:0f:fd:f5:ab:4c:
cc:fa:42:67:e4:0e:78:ba:6e:57:cd:e6:df:55:f8:
a2:08:5d:2c:b8:e8:64:5f:32:49:ea:ed:08:d9:78:
c0:29:8b:0a:ea:39:4f:bf:20:f8:61:1f:e8:ea:6c:
77:f6:06:7e:37:44:23:37:16:1a:59:f5:55:d0:c9:
1e:a0:12:f8:c5:04:b1:32:2f:6b:f2:d1:55:bf:47:
8c:f5:9a:4f:50:72:f5:df:b0:ae:b9:81:e4:ea:fe:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9D:80:F3:AD:D3:12:77:A4:00:A9:0D:31:B0:8F:3A:72:DC:CD:87
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a65165a-7d2e-48ce-a1b5-ba82dcc89d14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.174.144.0/21
Signature Algorithm: sha256WithRSAEncryption
d4:de:b6:16:44:86:31:92:6b:62:0e:30:f5:fe:86:f6:79:49:
e6:61:26:75:76:cb:23:02:59:6e:c9:ae:5d:cc:4b:ad:da:52:
0a:f8:f5:d4:fd:2d:6b:49:0c:d2:14:39:db:9f:f4:9b:97:99:
a9:26:a1:77:5e:cb:db:19:22:63:8f:19:b2:ce:86:81:61:31:
66:62:b7:98:28:51:2c:c1:03:68:24:76:c3:9e:c2:59:bd:96:
6c:f5:a7:6b:0a:bc:c5:c4:64:2c:7d:93:85:d6:1b:a8:36:bf:
2a:91:af:8b:fc:ea:64:06:89:6f:4c:e1:23:ae:56:f6:49:95:
d0:0c:bb:30:0b:97:b4:29:45:8e:df:e7:35:27:9e:f4:81:16:
c0:99:58:ba:9c:7d:ab:c1:f9:de:e1:29:fa:88:db:22:f1:03:
e4:1e:e0:59:44:17:ab:4b:57:c5:43:46:87:46:52:97:28:b5:
3b:08:f8:79:91:4a:72:07:be:07:00:2f:4e:fd:3e:fd:0e:2e:
a6:a4:45:2d:44:bc:c7:b9:4e:08:a0:6f:06:c2:9c:2a:b6:40:
d6:ae:31:76:cc:ea:19:f2:77:77:65:f1:0b:f1:ed:0f:b6:2a:
1f:a4:36:b0:b4:73:c3:cc:f8:a7:d0:d6:a6:ee:5a:a6:90:ce:
2d:44:36:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWHliqV+mXsrV4/1YzVitHXtP+A4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAwMzI0WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmUzZTgyMDBiOWExYmU3MjQ3MmI0ZDJhZmJjYzYwNDg2
NGY3MGZmYzIxMjBlYzUwOGI4NmE0MTRlMDUxYzgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDP2Hm3jIsdV/XMgdzCnU40z+I7p8+9QZ0D2zDno0bvzSmf
gSKdjePZchx+VONQzgbwCwrTM9XAkq2LRfx67VWq7dgF28zt75KY/sMJaQjASe8+
ekN2M1mPRJUIjWnCa6lEXBlyet9WBpw05QbBU/ySGtA0XMqaFxZfdNRf6g9LDj1Y
64wdT5mrRmQZpMcL2qbrvsR/5tI96pHc62oOXMsP/fWrTMz6QmfkDni6blfN5t9V
+KIIXSy46GRfMknq7QjZeMApiwrqOU+/IPhhH+jqbHf2Bn43RCM3FhpZ9VXQyR6g
EvjFBLEyL2vy0VW/R4z1mk9QcvXfsK65geTq/l1vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULp2A863TEnekAKkNMbCPOnLczYcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhNjUxNjVhLTdkMmUtNDhjZS1hMWI1LWJhODJkY2M4OWQxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPKrpAwDQYJKoZIhvcNAQELBQADggEBANTethZEhjGSa2IOMPX+hvZ5SeZh
JnV2yyMCWW7Jrl3MS63aUgr49dT9LWtJDNIUOduf9JuXmakmoXdey9sZImOPGbLO
hoFhMWZit5goUSzBA2gkdsOewlm9lmz1p2sKvMXEZCx9k4XWG6g2vyqRr4v86mQG
iW9M4SOuVvZJldAMuzALl7QpRY7f5zUnnvSBFsCZWLqcfavB+d7hKfqI2yLxA+Qe
4FlEF6tLV8VDRodGUpcotTsI+HmRSnIHvgcAL079Pv0OLqakRS1EvMe5TgigbwbC
nCq2QNauMXbM6hnyd3dl8Qvx7Q+2Kh+kNrC0c8PM+KfQ1qbuWqaQzi1ENh4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:01:32 2025 by rpki-client