Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa
File: 5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa (raw, json)
Hash identifier: ARhynkJl+aG8Gogf3tBro9fTZwzdWuLIeQ0dzC0W9gA=
Subject key identifier: 2D:02:87:AC:D8:F6:C1:22:F4:55:97:CC:A0:97:A3:98:53:64:40:26
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 055148072EE0A839F26B58BA346B0138B2E8494D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa
Signing time: Sat 27 Sep 2025 00:12:05 +0000
ROA not before: Sat 27 Sep 2025 00:12:05 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.228.192.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:51:48:07:2e:e0:a8:39:f2:6b:58:ba:34:6b:01:38:b2:e8:49:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:12:05 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=2700156995fe27c10ff42913f9e0a11b10e17a4c5eb1e4b7d537dafa69d7d53d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b7:7a:e3:d4:aa:5a:22:82:7a:49:de:7c:98:
c7:00:81:2e:ef:73:d0:67:11:ef:f4:15:e4:fe:ea:
e3:da:9b:a5:66:44:1a:4a:13:c8:6e:31:30:14:4f:
db:e0:09:33:e2:d3:da:4b:6a:be:97:97:bd:53:8f:
7a:bd:b5:3a:0d:ed:c7:50:39:c3:10:22:8e:e6:a7:
0e:de:6f:60:5e:54:a4:a2:12:fa:d9:cb:c4:b5:25:
ac:17:f4:8d:ec:52:e7:6d:cc:51:50:52:4f:92:60:
34:98:cc:c1:a7:4f:c9:3a:4e:9f:a0:35:c5:70:31:
0d:07:af:d9:55:a5:c8:53:19:c0:c7:2b:07:5e:68:
a1:90:a3:f6:c7:e8:0c:58:f8:e3:5c:98:3e:84:e2:
70:46:2b:02:ca:46:e9:69:82:49:53:26:0d:dd:44:
a6:8e:06:01:1b:2e:da:3e:41:aa:36:79:81:3b:07:
d8:98:78:fd:bf:6b:ee:06:58:66:dc:dd:d9:ee:66:
e5:f6:74:3d:bf:25:e9:c3:f5:ae:06:bd:66:03:5e:
df:c2:af:0f:0e:28:8f:c0:b9:05:c3:d2:0f:95:93:
72:bc:d1:43:1e:60:22:b0:a7:23:45:5e:24:e0:d5:
1e:27:8b:10:4b:c9:a0:29:6c:ed:0e:87:a0:e8:c8:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:02:87:AC:D8:F6:C1:22:F4:55:97:CC:A0:97:A3:98:53:64:40:26
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.228.192.0/18
Signature Algorithm: sha256WithRSAEncryption
22:98:08:5e:72:dc:8f:4a:6a:35:08:fd:4c:00:6f:04:ac:1d:
22:7a:da:46:78:86:d7:67:d7:45:c4:bc:ac:f8:d3:b1:a9:17:
0f:b2:d6:9a:89:e1:5e:27:93:5d:0d:be:8a:65:2c:0d:ae:ae:
01:08:c9:9f:87:01:1d:b9:0d:1f:4d:8f:68:28:c5:ff:e5:10:
14:b9:f8:7a:bc:d9:14:91:b9:c9:e9:23:5c:da:de:da:0a:6e:
da:bd:c6:94:2e:ce:98:81:3b:e0:fa:d7:d3:52:0c:bb:47:75:
8c:0e:f7:2b:48:88:7f:cd:5a:2e:13:1e:bb:6a:7a:0f:f9:81:
4d:48:45:48:7e:fe:bb:4b:48:87:da:35:2d:48:e2:24:99:9d:
f9:50:6d:14:d1:e1:ed:5c:50:37:06:c2:5c:8c:9f:a6:1b:db:
1c:85:6d:9e:40:4e:a6:99:9b:8b:de:a7:9b:54:48:5d:29:b4:
00:8b:09:0f:d2:ba:e5:17:bb:fb:e1:11:0a:3a:c0:9e:65:3c:
d8:d5:18:db:ae:b3:df:7a:ff:d6:00:9b:7b:71:90:24:9f:23:
5c:81:fc:16:e8:05:c1:6a:2a:f9:c4:0c:5e:50:f1:79:55:22:
98:9c:01:b7:5b:87:53:ae:d0:07:9c:c0:f4:6d:88:a0:98:51:
cc:56:a1:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBVFIBy7gqDnya1i6NGsBOLLoSU0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAxMjA1WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzAwMTU2OTk1ZmUyN2MxMGZmNDI5MTNmOWUwYTExYjEw
ZTE3YTRjNWViMWU0YjdkNTM3ZGFmYTY5ZDdkNTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCot3rj1KpaIoJ6Sd58mMcAgS7vc9BnEe/0FeT+6uPam6Vm
RBpKE8huMTAUT9vgCTPi09pLar6Xl71Tj3q9tToN7cdQOcMQIo7mpw7eb2BeVKSi
EvrZy8S1JawX9I3sUudtzFFQUk+SYDSYzMGnT8k6Tp+gNcVwMQ0Hr9lVpchTGcDH
KwdeaKGQo/bH6AxY+ONcmD6E4nBGKwLKRulpgklTJg3dRKaOBgEbLto+Qao2eYE7
B9iYeP2/a+4GWGbc3dnuZuX2dD2/JenD9a4GvWYDXt/Crw8OKI/AuQXD0g+Vk3K8
0UMeYCKwpyNFXiTg1R4nixBLyaApbO0Oh6DoyDvDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULQKHrNj2wSL0VZfMoJejmFNkQCYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU0MjNhODBhLWJlMWYtNDcwOC1hNWVmLTE3Y2NjMmExYTAyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYX5MAwDQYJKoZIhvcNAQELBQADggEBACKYCF5y3I9KajUI/UwAbwSsHSJ6
2kZ4htdn10XEvKz407GpFw+y1pqJ4V4nk10NvoplLA2urgEIyZ+HAR25DR9Nj2go
xf/lEBS5+Hq82RSRucnpI1za3toKbtq9xpQuzpiBO+D619NSDLtHdYwO9ytIiH/N
Wi4THrtqeg/5gU1IRUh+/rtLSIfaNS1I4iSZnflQbRTR4e1cUDcGwlyMn6Yb2xyF
bZ5ATqaZm4vep5tUSF0ptACLCQ/SuuUXu/vhEQo6wJ5lPNjVGNuus996/9YAm3tx
kCSfI1yB/BboBcFqKvnEDF5Q8XlVIpicAbdbh1Ou0AecwPRtiKCYUcxWofQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:11:37 2025 by rpki-client