Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b686aa2-54bd-4401-b362-571c7282451f.roa
File: 4b686aa2-54bd-4401-b362-571c7282451f.roa (raw, json)
Hash identifier: 2IJav3wgJAvB4P7v3QT6LLi+o66yrwoZR/FCeCzJZ+E=
Subject key identifier: F8:BB:6D:DC:92:99:AE:B2:6B:21:75:F6:44:85:7E:F3:35:31:94:A6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 06139BAA159F535E08417CFD0534869CF0C37356
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b686aa2-54bd-4401-b362-571c7282451f.roa
Signing time: Fri 03 Oct 2025 00:51:16 +0000
ROA not before: Fri 03 Oct 2025 00:51:16 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.78.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:13:9b:aa:15:9f:53:5e:08:41:7c:fd:05:34:86:9c:f0:c3:73:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:51:16 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=233df6389e1e2c46188df3012bfaef1742b80565b38bb5850fce0a4ed173c1d1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ca:e4:d4:70:01:a0:18:c7:04:6d:a2:b0:67:
d6:7e:2b:b0:4a:3b:4b:2f:80:5d:d5:5e:bb:a9:f4:
02:ce:8b:9a:ce:88:9b:71:2f:60:71:1e:06:dd:b7:
eb:3b:bb:67:38:a1:b2:b6:25:33:72:cc:09:32:35:
40:ab:f2:11:05:0f:79:98:22:35:3c:4c:91:c9:f3:
69:f1:2e:f7:d4:51:38:34:54:e1:ab:9c:28:80:7d:
9d:bd:cc:a0:cb:60:9c:f2:ce:27:40:f2:da:cb:45:
90:c6:fc:b5:aa:58:3e:8b:74:4c:6a:ab:79:11:87:
3c:a6:04:cf:0d:b0:93:56:58:71:a1:4e:c8:ed:96:
d2:5e:da:f0:e8:99:b4:b3:59:6f:18:59:a5:de:80:
57:e2:dd:48:38:9a:8c:d4:bf:13:61:93:a9:74:cb:
95:90:1d:6c:7c:c9:92:0c:60:96:eb:3a:6e:71:28:
2b:21:5b:67:22:42:ca:ad:dc:a1:f5:39:ce:31:5a:
00:69:0d:0e:5a:18:f8:bc:a8:e6:2d:f6:8c:60:14:
27:ca:c6:bb:c5:56:b3:4b:ef:82:57:fb:41:39:99:
4f:20:b0:9b:d8:e5:65:62:9f:a6:2f:46:e4:ff:3b:
81:7d:1b:7f:11:67:7b:44:b1:d2:91:7a:c3:67:cc:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BB:6D:DC:92:99:AE:B2:6B:21:75:F6:44:85:7E:F3:35:31:94:A6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b686aa2-54bd-4401-b362-571c7282451f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.78.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:d3:c6:c1:a6:6c:29:c8:65:b2:75:f3:29:c1:e0:d5:25:ea:
45:35:fb:d3:8f:f4:9c:69:8a:67:f7:14:a9:4d:8c:2e:28:7e:
2a:85:84:20:c5:72:56:91:53:93:36:6a:3f:26:be:0e:fd:17:
a2:38:98:ff:4c:f1:bd:9a:8f:50:10:dc:d7:44:75:36:7e:59:
fb:36:e3:09:52:4e:ef:d5:b3:04:2b:f9:80:b1:95:50:50:24:
ca:e9:44:3f:f6:eb:d6:f3:11:b4:78:81:8d:a9:70:ab:90:d8:
5a:d0:74:79:85:89:72:94:fa:2c:ac:c7:1e:b5:52:24:5a:7b:
a0:d4:ef:11:2c:51:40:3b:f3:da:2e:5b:30:5a:34:96:a3:74:
ac:f6:f0:3d:28:eb:4f:4e:c1:ab:8b:ba:29:14:c7:cb:46:c2:
5a:41:ea:7d:1f:4f:6a:f8:76:92:e2:6e:80:22:0b:45:6f:94:
15:fd:b8:1e:1e:08:8b:85:80:08:09:40:ea:87:a3:9d:0d:3a:
7a:10:1f:33:ab:61:d7:88:a6:b3:c4:19:6e:b8:16:ed:17:ad:
a7:f6:fa:c5:96:d1:96:16:f2:f0:d9:86:5f:c2:33:6d:22:3f:
5a:15:0e:72:7c:05:c1:e5:c9:26:c3:bf:e5:4d:fc:3f:bf:a1:
5b:23:ae:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBhObqhWfU14IQXz9BTSGnPDDc1YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTE2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzNkZjYzODllMWUyYzQ2MTg4ZGYzMDEyYmZhZWYxNzQy
YjgwNTY1YjM4YmI1ODUwZmNlMGE0ZWQxNzNjMWQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGyuTUcAGgGMcEbaKwZ9Z+K7BKO0svgF3VXrup9ALOi5rO
iJtxL2BxHgbdt+s7u2c4obK2JTNyzAkyNUCr8hEFD3mYIjU8TJHJ82nxLvfUUTg0
VOGrnCiAfZ29zKDLYJzyzidA8trLRZDG/LWqWD6LdExqq3kRhzymBM8NsJNWWHGh
TsjtltJe2vDombSzWW8YWaXegFfi3Ug4mozUvxNhk6l0y5WQHWx8yZIMYJbrOm5x
KCshW2ciQsqt3KH1Oc4xWgBpDQ5aGPi8qOYt9oxgFCfKxrvFVrNL74JX+0E5mU8g
sJvY5WVin6YvRuT/O4F9G38RZ3tEsdKResNnzGX3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+Ltt3JKZrrJrIXX2RIV+8zUxlKYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiNjg2YWEyLTU0YmQtNDQwMS1iMzYyLTU3MWM3MjgyNDUxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjTsAwDQYJKoZIhvcNAQELBQADggEBAKPTxsGmbCnIZbJ18ynB4NUl6kU1
+9OP9Jxpimf3FKlNjC4ofiqFhCDFclaRU5M2aj8mvg79F6I4mP9M8b2aj1AQ3NdE
dTZ+Wfs24wlSTu/VswQr+YCxlVBQJMrpRD/269bzEbR4gY2pcKuQ2FrQdHmFiXKU
+iysxx61UiRae6DU7xEsUUA789ouWzBaNJajdKz28D0o609OwauLuikUx8tGwlpB
6n0fT2r4dpLiboAiC0VvlBX9uB4eCIuFgAgJQOqHo50NOnoQHzOrYdeIprPEGW64
Fu0Xraf2+sWW0ZYW8vDZhl/CM20iP1oVDnJ8BcHlySbDv+VN/D+/oVsjrts=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:19:23 2025 by rpki-client