Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/533f99b1-b818-4380-8b49-b128210a3f25.roa
File: 533f99b1-b818-4380-8b49-b128210a3f25.roa (raw, json)
Hash identifier: UlxH8wFavyz3yQfF2/6Xxe2T7gHA8HjhW/I3ck8iNy4=
Subject key identifier: F6:9F:3E:F5:46:EE:73:F5:C0:B7:F1:E2:60:32:3A:4A:53:03:52:D6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 58ED2BAF2CE98226057FD6EF90529F6B94525B5C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/533f99b1-b818-4380-8b49-b128210a3f25.roa
Signing time: Wed 01 Oct 2025 00:03:07 +0000
ROA not before: Wed 01 Oct 2025 00:03:07 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 207.221.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:ed:2b:af:2c:e9:82:26:05:7f:d6:ef:90:52:9f:6b:94:52:5b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:03:07 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=403606bca36e172f8c8bf54a6c5548546ed3f00a3ee555abd79904a6a9f6a445, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:85:99:61:48:0d:25:7c:11:29:97:57:92:
40:28:93:df:8f:e8:61:1c:88:2a:26:e1:10:78:53:
f3:17:60:5c:77:33:c2:49:c7:a7:55:79:1c:4b:5d:
15:a1:ed:70:9e:b3:63:da:09:6a:db:94:0b:e5:5a:
b6:3c:05:72:73:29:98:a9:53:03:2b:c9:84:27:84:
36:86:f2:db:44:4f:97:c0:37:b7:d5:e0:04:de:74:
d5:04:5b:bd:5c:38:c3:7e:a4:f2:c4:77:de:9e:04:
79:5e:85:aa:85:e9:b6:09:e9:2b:10:87:57:ff:dc:
49:16:83:4c:92:59:36:c4:13:a4:25:9f:24:7e:06:
1f:d3:19:cf:2c:3d:c0:d4:83:23:e9:ad:64:c3:2b:
00:a8:04:09:2a:e3:53:38:5b:76:3f:98:80:4f:33:
f2:54:a0:39:2a:a3:76:22:a0:30:9d:19:91:23:b5:
29:97:37:4e:f4:f8:9b:ec:82:a7:7f:a9:05:ef:f5:
66:11:b3:9a:da:7c:d4:4d:aa:25:77:88:2b:0a:e9:
72:4e:d0:84:47:2b:5c:ef:ef:fb:40:1f:64:76:85:
6f:62:97:85:22:97:d2:1c:b6:ce:15:20:bc:ec:4a:
96:c6:7a:22:48:72:88:19:1b:f1:ab:c7:2d:bf:e0:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9F:3E:F5:46:EE:73:F5:C0:B7:F1:E2:60:32:3A:4A:53:03:52:D6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/533f99b1-b818-4380-8b49-b128210a3f25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.221.0.0/19
Signature Algorithm: sha256WithRSAEncryption
48:92:c9:eb:d2:b5:c6:4c:25:e2:67:44:f9:36:f8:d7:78:a5:
1f:31:ea:a6:b0:3a:53:93:3b:1b:15:b4:08:91:db:02:16:bd:
cb:33:e5:e1:de:4f:2c:a8:2a:84:02:38:5c:5d:55:ae:d6:4a:
60:f8:99:49:f1:99:56:e8:81:f7:68:fd:94:92:a3:ce:03:40:
55:7c:68:fd:c3:e1:f4:1c:77:bb:67:97:b9:15:6b:11:19:13:
67:1b:fd:46:93:0b:14:e9:04:42:a1:12:e1:4b:e3:d4:02:88:
0b:93:28:5d:c7:66:47:02:a9:05:11:59:41:c2:a8:c7:1c:fe:
2d:9d:68:01:cd:51:ee:d2:af:52:50:bb:70:05:d4:4f:68:33:
81:3a:e5:8e:06:c3:77:18:87:f9:03:e2:37:f6:de:07:92:2d:
3a:97:f8:f8:a9:6a:41:0b:bf:c6:69:58:d5:6c:0a:bd:b3:46:
ba:a2:c5:28:77:d6:cb:c9:7a:b0:dc:7a:f8:dc:b5:e0:5d:89:
2b:92:0d:a2:f6:6e:38:51:a4:ad:59:bb:82:27:04:6a:b9:5b:
32:6e:d4:4a:dd:09:90:1b:99:7a:f8:e0:fe:19:a8:90:72:7c:
46:7e:78:a6:29:01:3e:fd:46:18:fc:b1:69:bb:78:d6:d2:35:
88:a9:86:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWO0rryzpgiYFf9bvkFKfa5RSW1wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMzA3WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDM2MDZiY2EzNmUxNzJmOGM4YmY1NGE2YzU1NDg1NDZl
ZDNmMDBhM2VlNTU1YWJkNzk5MDRhNmE5ZjZhNDQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/bYWZYUgNJXwRKZdXkkAok9+P6GEciCom4RB4U/MXYFx3
M8JJx6dVeRxLXRWh7XCes2PaCWrblAvlWrY8BXJzKZipUwMryYQnhDaG8ttET5fA
N7fV4ATedNUEW71cOMN+pPLEd96eBHlehaqF6bYJ6SsQh1f/3EkWg0ySWTbEE6Ql
nyR+Bh/TGc8sPcDUgyPprWTDKwCoBAkq41M4W3Y/mIBPM/JUoDkqo3YioDCdGZEj
tSmXN070+Jvsgqd/qQXv9WYRs5rafNRNqiV3iCsK6XJO0IRHK1zv7/tAH2R2hW9i
l4Uil9Icts4VILzsSpbGeiJIcogZG/Grxy2/4Nd5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9p8+9Ubuc/XAt/HiYDI6SlMDUtYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzM2Y5OWIxLWI4MTgtNDM4MC04YjQ5LWIxMjgyMTBhM2YyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXP3QAwDQYJKoZIhvcNAQELBQADggEBAEiSyevStcZMJeJnRPk2+Nd4pR8x
6qawOlOTOxsVtAiR2wIWvcsz5eHeTyyoKoQCOFxdVa7WSmD4mUnxmVbogfdo/ZSS
o84DQFV8aP3D4fQcd7tnl7kVaxEZE2cb/UaTCxTpBEKhEuFL49QCiAuTKF3HZkcC
qQURWUHCqMcc/i2daAHNUe7Sr1JQu3AF1E9oM4E65Y4Gw3cYh/kD4jf23geSLTqX
+PipakELv8ZpWNVsCr2zRrqixSh31svJerDcevjcteBdiSuSDaL2bjhRpK1Zu4In
BGq5WzJu1ErdCZAbmXr44P4ZqJByfEZ+eKYpAT79Rhj8sWm7eNbSNYiphgc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:08:14 2025 by rpki-client