Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/538d0377-3611-4c1a-a172-2e35b6509d3f.roa
File: 538d0377-3611-4c1a-a172-2e35b6509d3f.roa (raw, json)
Hash identifier: ugisJNBwqONB95jKwJPI947aJOCRWRCWEK9SB00/lX4=
Subject key identifier: E8:A2:C8:68:42:7E:B7:D8:08:9C:AD:E7:73:C7:D7:BC:F1:F6:F4:02
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4641B969DA246AB59A7C868797A454872C0B21A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/538d0377-3611-4c1a-a172-2e35b6509d3f.roa
Signing time: Fri 17 Oct 2025 20:11:19 +0000
ROA not before: Fri 17 Oct 2025 20:11:19 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fff:80a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:41:b9:69:da:24:6a:b5:9a:7c:86:87:97:a4:54:87:2c:0b:21:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 17 20:11:19 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=20a751f3d49a194bbea160dd885eb10dbcc9153a759f14cd896f01f860b947c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2f:fa:ab:d1:8f:50:99:69:b2:17:8f:5d:52:
73:b0:77:e7:a1:0b:d9:e0:23:68:e3:30:e7:1d:93:
42:6a:27:7c:a9:75:23:ad:c3:7e:80:6b:65:a6:cf:
37:14:78:1f:f1:92:9b:4d:07:4d:47:3b:c2:83:f9:
71:01:db:3f:29:09:86:d3:da:c7:e8:82:ed:30:f7:
a9:ab:a0:3a:b4:62:63:d5:ed:d0:07:17:56:72:fa:
da:8f:66:56:d1:f1:88:e1:27:3b:61:c5:d7:2a:9c:
c0:45:a4:0b:e8:e3:d1:31:02:fc:27:42:f8:7e:4e:
4e:94:54:a0:6b:2e:19:1e:8f:6a:e0:a7:d3:e0:2b:
ca:4d:08:d9:00:6c:f8:82:1f:f3:96:88:fc:6b:e7:
ef:f7:8b:b5:8f:e2:01:3d:34:9c:2e:c0:15:9d:5b:
dc:e2:3b:7e:86:19:67:23:57:43:58:27:df:ef:1e:
ef:ce:96:fa:84:b5:b2:0f:75:23:4b:9b:1d:67:34:
9f:36:82:0e:16:72:0a:ba:4a:1e:10:2f:48:3a:ab:
93:98:43:be:73:8d:ac:29:57:41:aa:a9:48:18:c2:
c7:4e:8e:3d:0d:3a:57:5d:35:6b:f6:34:dc:f2:46:
6a:31:23:aa:5f:c7:8f:68:64:d8:7c:6e:02:d9:eb:
97:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A2:C8:68:42:7E:B7:D8:08:9C:AD:E7:73:C7:D7:BC:F1:F6:F4:02
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/538d0377-3611-4c1a-a172-2e35b6509d3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:86:04:06:b5:ce:f6:9f:d1:a0:0d:f1:83:cc:ae:93:5c:7b:
42:37:b2:32:e1:cf:d8:72:64:25:bb:e5:d7:8b:9a:6f:5f:0f:
ae:06:01:72:ba:b1:60:b1:55:9e:47:e5:f0:25:bb:83:80:c3:
c6:91:cc:7f:9a:b8:9c:05:70:2a:46:bc:a5:09:74:59:23:69:
38:c8:fa:d3:02:14:75:1f:0b:ce:df:39:71:ef:ae:af:a0:42:
e4:4e:2d:05:72:d0:10:42:f5:4e:77:14:de:80:f0:6f:c3:74:
70:04:4c:54:e5:49:3a:b2:ce:fd:2c:84:6a:18:d6:a3:3d:50:
0d:22:b7:8e:fe:17:dd:da:18:d4:45:8d:f4:e1:a2:b0:48:d3:
1b:f4:ca:a6:70:12:ec:91:07:1b:5d:b8:d9:ae:2c:e8:3d:0e:
b8:e7:a9:23:58:21:e4:79:9f:4d:e4:05:76:85:44:f7:56:73:
26:39:7e:9d:a5:1c:dd:c6:2d:0d:d1:45:5f:5e:44:77:4b:94:
a9:eb:55:3a:2c:f6:1d:c3:03:02:b0:13:76:1a:2e:c8:73:95:
cd:a0:00:93:ac:4d:69:73:f2:85:77:b9:f3:a1:36:24:b5:3c:
f4:c4:96:d4:2f:4e:07:35:7b:8b:b2:fa:1c:a5:e1:5a:30:4c:
0c:19:02:11
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURkG5adokarWafIaHl6RUhywLIaYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjAxMTE5WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMGE3NTFmM2Q0OWExOTRiYmVhMTYwZGQ4ODVlYjEwZGJj
YzkxNTNhNzU5ZjE0Y2Q4OTZmMDFmODYwYjk0N2M0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDL/qr0Y9QmWmyF49dUnOwd+ehC9ngI2jjMOcdk0JqJ3yp
dSOtw36Aa2WmzzcUeB/xkptNB01HO8KD+XEB2z8pCYbT2sfogu0w96mroDq0YmPV
7dAHF1Zy+tqPZlbR8YjhJzthxdcqnMBFpAvo49ExAvwnQvh+Tk6UVKBrLhkej2rg
p9PgK8pNCNkAbPiCH/OWiPxr5+/3i7WP4gE9NJwuwBWdW9ziO36GGWcjV0NYJ9/v
Hu/OlvqEtbIPdSNLmx1nNJ82gg4Wcgq6Sh4QL0g6q5OYQ75zjawpV0GqqUgYwsdO
jj0NOlddNWv2NNzyRmoxI6pfx49oZNh8bgLZ65dDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6KLIaEJ+t9gInK3nc8fXvPH29AIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzOGQwMzc3LTM2MTEtNGMxYS1hMTcyLTJlMzViNjUwOWQzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gKAwDQYJKoZIhvcNAQELBQADggEBAA2GBAa1zvaf0aAN8YPMrpNc
e0I3sjLhz9hyZCW75deLmm9fD64GAXK6sWCxVZ5H5fAlu4OAw8aRzH+auJwFcCpG
vKUJdFkjaTjI+tMCFHUfC87fOXHvrq+gQuROLQVy0BBC9U53FN6A8G/DdHAETFTl
STqyzv0shGoY1qM9UA0it47+F93aGNRFjfThorBI0xv0yqZwEuyRBxtduNmuLOg9
DrjnqSNYIeR5n03kBXaFRPdWcyY5fp2lHN3GLQ3RRV9eRHdLlKnrVTos9h3DAwKw
E3YaLshzlc2gAJOsTWlz8oV3ufOhNiS1PPTEltQvTgc1e4uy+hyl4VowTAwZAhE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:06:47 2025 by rpki-client