Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f5b9b5-7986-48f5-b8ca-65770c13d249.roa
File: 51f5b9b5-7986-48f5-b8ca-65770c13d249.roa (raw, json)
Hash identifier: 2hkN4Xlipaso0VyVyN32lhUt4AIKn7OqANuWB/GX9u8=
Subject key identifier: 34:F7:B1:C3:F9:74:21:14:1F:04:92:9B:6A:73:8A:BD:59:D7:3A:86
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 394264233B45759033BCBAA3831293C1E4E8E885
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f5b9b5-7986-48f5-b8ca-65770c13d249.roa
Signing time: Sat 27 Sep 2025 00:11:17 +0000
ROA not before: Sat 27 Sep 2025 00:11:17 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f68:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:42:64:23:3b:45:75:90:33:bc:ba:a3:83:12:93:c1:e4:e8:e8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:11:17 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=a91b553c9da71857a11184790a4bd4a6bb29fcb91a9e3d424d62e38c072ca826, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6d:e2:39:9c:73:39:f8:31:0e:80:ad:ab:38:
be:d0:f1:92:e1:8f:77:52:41:d7:ac:4a:45:86:7e:
a4:75:63:df:d2:30:4d:8a:ad:36:3b:49:25:3f:21:
7d:81:7f:a6:d0:ae:ad:78:69:dd:f8:77:2c:e4:29:
db:e9:69:59:ef:ba:eb:ef:9f:28:f8:98:76:af:20:
ff:9f:9e:80:f9:7c:48:22:6e:24:72:87:dd:c1:1a:
d4:f5:15:31:21:de:b3:1d:99:64:56:4f:f8:67:fa:
8f:79:28:2b:e9:b1:4d:76:24:f4:54:31:26:c7:8b:
d7:35:a3:77:35:c7:09:03:84:25:6c:b6:31:ee:15:
3d:6e:2e:05:fe:e4:af:6c:f5:b0:f2:ba:ef:41:dc:
04:67:4d:1c:3a:e3:a1:4a:7a:24:5a:e4:21:a4:cd:
eb:e2:d3:15:1c:c6:1c:3d:56:75:a2:b6:6c:09:e4:
18:4b:c2:88:a5:20:e8:27:c8:f3:0a:5e:8d:d2:b9:
f1:ca:65:22:ff:2f:61:85:b5:22:77:88:48:29:c3:
78:ad:c1:2e:8c:ff:4f:fe:a6:19:51:de:0f:a1:95:
8f:10:e1:c0:89:b9:07:20:83:0a:fd:55:ea:07:d0:
ef:34:18:7f:05:09:06:f2:c0:ab:ef:83:3a:e5:a5:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F7:B1:C3:F9:74:21:14:1F:04:92:9B:6A:73:8A:BD:59:D7:3A:86
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f5b9b5-7986-48f5-b8ca-65770c13d249.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f68:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:44:c8:b7:2a:39:8c:29:0f:66:60:54:be:38:04:da:7b:4e:
f4:3d:28:7e:9f:33:0e:c1:7d:0d:88:0d:7c:41:1e:34:53:42:
a8:7e:9e:43:8e:05:2d:0b:9d:61:7f:00:62:d0:ec:15:cc:c9:
1e:b3:48:13:30:f5:25:70:61:87:03:e7:90:0e:52:c5:88:7a:
78:f0:19:98:76:3d:0d:fb:71:41:f6:c5:d9:62:4d:1e:dd:11:
b7:04:07:85:4c:8d:3b:e1:a1:a5:bd:60:2b:fa:ba:49:29:7e:
de:96:45:67:59:13:66:61:87:13:36:84:8c:63:ec:ec:2b:bf:
b4:fc:53:c5:fa:d3:cd:95:04:df:68:13:71:b0:6d:c6:c6:90:
02:8c:62:93:43:11:38:39:80:bc:54:3b:8c:3e:ef:df:83:96:
fc:f9:94:51:e2:bb:d5:5c:15:1b:07:12:59:30:6b:a3:69:5e:
ef:ed:c9:13:2f:ba:c5:bc:a8:d6:dd:ab:1a:26:ac:21:2f:a4:
5f:09:4a:a1:d4:2c:6f:55:71:38:db:c9:2d:d7:76:75:a0:fd:
c8:ec:c9:fc:f6:8a:39:b6:70:6a:e4:ae:c0:19:be:04:d6:e5:
a5:04:15:f6:30:ca:3b:01:db:40:9e:30:90:a6:96:33:af:cb:
af:d0:01:66
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOUJkIztFdZAzvLqjgxKTweTo6IUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAxMTE3WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTFiNTUzYzlkYTcxODU3YTExMTg0NzkwYTRiZDRhNmJi
MjlmY2I5MWE5ZTNkNDI0ZDYyZTM4YzA3MmNhODI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnbeI5nHM5+DEOgK2rOL7Q8ZLhj3dSQdesSkWGfqR1Y9/S
ME2KrTY7SSU/IX2Bf6bQrq14ad34dyzkKdvpaVnvuuvvnyj4mHavIP+fnoD5fEgi
biRyh93BGtT1FTEh3rMdmWRWT/hn+o95KCvpsU12JPRUMSbHi9c1o3c1xwkDhCVs
tjHuFT1uLgX+5K9s9bDyuu9B3ARnTRw646FKeiRa5CGkzevi0xUcxhw9VnWitmwJ
5BhLwoilIOgnyPMKXo3SufHKZSL/L2GFtSJ3iEgpw3itwS6M/0/+phlR3g+hlY8Q
4cCJuQcggwr9VeoH0O80GH8FCQbywKvvgzrlpWnzAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUNPexw/l0IRQfBJKbanOKvVnXOoYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxZjViOWI1LTc5ODYtNDhmNS1iOGNhLTY1NzcwYzEzZDI0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9oYDANBgkqhkiG9w0BAQsFAAOCAQEAHkTItyo5jCkPZmBUvjgE2ntO
9D0ofp8zDsF9DYgNfEEeNFNCqH6eQ44FLQudYX8AYtDsFczJHrNIEzD1JXBhhwPn
kA5SxYh6ePAZmHY9DftxQfbF2WJNHt0RtwQHhUyNO+Ghpb1gK/q6SSl+3pZFZ1kT
ZmGHEzaEjGPs7Cu/tPxTxfrTzZUE32gTcbBtxsaQAoxik0MRODmAvFQ7jD7v34OW
/PmUUeK71VwVGwcSWTBro2le7+3JEy+6xbyo1t2rGiasIS+kXwlKodQsb1VxONvJ
Ldd2daD9yOzJ/PaKObZwauSuwBm+BNblpQQV9jDKOwHbQJ4wkKaWM6/Lr9ABZg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:09:11 2025 by rpki-client