Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/566fa31f-a900-45ea-bf4f-117836ffe61b.roa
File: 566fa31f-a900-45ea-bf4f-117836ffe61b.roa (raw, json)
Hash identifier: vsba0gNRRgCKy5pwaLcaAVN71RfQiuttjBrrf2Y1CYQ=
Subject key identifier: 87:4B:B5:C2:0A:CC:A2:71:92:A8:C5:60:10:22:29:89:32:39:39:1E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 43143A03C3A428F6258D5900EBF0F616C0DA19B2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/566fa31f-a900-45ea-bf4f-117836ffe61b.roa
Signing time: Fri 03 Oct 2025 00:41:36 +0000
ROA not before: Fri 03 Oct 2025 00:41:36 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 76.223.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:14:3a:03:c3:a4:28:f6:25:8d:59:00:eb:f0:f6:16:c0:da:19:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:41:36 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=e30738ca534a8f15ff4a61b465a0cd7266a701f0107ff902f6215dd00cb70e77, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:ca:5d:ea:17:32:44:6c:69:33:75:95:f7:
e2:8e:50:66:9b:e4:89:5f:05:f9:3b:2d:5a:fa:c6:
11:4b:b3:c5:84:f6:80:fe:90:c6:9c:b1:76:03:79:
47:fd:31:88:3a:2b:d6:e9:ff:4e:69:11:20:01:03:
8a:18:41:36:67:52:eb:a9:cb:9d:9a:56:67:d6:17:
50:1e:24:ae:83:1f:55:4c:07:8f:06:66:b3:55:33:
68:8b:d7:aa:5c:1b:d8:3f:e9:6b:6f:58:61:6e:e3:
08:4b:bf:f3:c0:35:b5:34:0e:2d:5c:90:0f:41:ec:
8f:6e:62:14:48:21:54:f0:6a:a0:07:54:5e:a6:a7:
92:53:64:a3:61:48:99:65:96:bf:34:b9:34:b8:7a:
53:a4:b5:82:0c:45:a1:b3:41:e1:27:ac:b2:0d:c5:
55:4e:1e:28:61:da:c3:24:e4:42:b1:6e:e2:7d:b7:
04:b6:93:e0:e8:7f:65:b5:1a:b4:91:32:83:ef:56:
91:14:d6:92:f3:81:40:72:a6:bd:93:02:47:04:42:
73:3c:54:e1:7b:52:f0:7f:a1:a8:df:0e:6f:39:42:
6c:fc:72:0f:8d:2e:7f:cc:b6:74:3b:ac:b0:90:69:
b8:ef:f7:83:e9:8e:ef:f7:6f:e5:31:2b:53:c8:f7:
b4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4B:B5:C2:0A:CC:A2:71:92:A8:C5:60:10:22:29:89:32:39:39:1E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/566fa31f-a900-45ea-bf4f-117836ffe61b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
76.223.136.0/21
Signature Algorithm: sha256WithRSAEncryption
97:9e:e6:a5:4a:a3:af:dd:19:b1:b8:a7:ad:ca:a8:fc:58:10:
3a:fd:bf:25:70:17:43:cd:70:15:dd:a0:8b:c5:4d:9a:c7:73:
e6:a8:2c:d5:ec:4c:f0:48:02:fa:71:60:15:da:69:d0:a3:82:
fb:6d:20:13:33:c3:63:30:5d:0f:7b:1d:19:d2:ff:14:96:f9:
b9:dc:59:2d:5c:33:ea:c8:d2:63:53:06:dc:7a:dc:ad:91:47:
fd:47:e1:6d:17:1c:c0:94:44:dc:2e:51:1a:f1:aa:39:a7:7b:
7f:56:d6:6d:c9:b5:bf:cc:0b:98:8c:2d:28:35:8a:67:e0:60:
14:1f:eb:38:c1:16:72:c2:74:ff:bd:cf:42:e4:3e:93:98:8f:
a3:d8:dc:c6:5d:07:4b:8e:61:e5:0d:b4:6b:68:20:85:8b:ac:
ba:4c:ad:47:63:43:a4:ad:e4:0f:0f:df:95:a8:f3:8f:5b:f1:
4c:51:ed:5d:86:73:e4:17:bb:d1:d6:4d:8f:87:29:e5:91:e2:
f6:f9:73:dc:ea:3b:05:84:4a:30:f2:b9:eb:eb:41:51:3c:be:
a5:fe:d0:d3:33:13:8f:a6:91:dc:41:4a:f0:e0:31:0b:81:71:
8c:38:f6:16:e1:28:02:55:f2:f3:28:b5:4f:8e:72:08:50:3f:
05:41:ae:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQxQ6A8OkKPYljVkA6/D2FsDaGbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA0MTM2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzA3MzhjYTUzNGE4ZjE1ZmY0YTYxYjQ2NWEwY2Q3MjY2
YTcwMWYwMTA3ZmY5MDJmNjIxNWRkMDBjYjcwZTc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9WMpd6hcyRGxpM3WV9+KOUGab5IlfBfk7LVr6xhFLs8WE
9oD+kMacsXYDeUf9MYg6K9bp/05pESABA4oYQTZnUuupy52aVmfWF1AeJK6DH1VM
B48GZrNVM2iL16pcG9g/6WtvWGFu4whLv/PANbU0Di1ckA9B7I9uYhRIIVTwaqAH
VF6mp5JTZKNhSJlllr80uTS4elOktYIMRaGzQeEnrLINxVVOHihh2sMk5EKxbuJ9
twS2k+Dof2W1GrSRMoPvVpEU1pLzgUBypr2TAkcEQnM8VOF7UvB/oajfDm85Qmz8
cg+NLn/MtnQ7rLCQabjv94Ppju/3b+UxK1PI97SBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh0u1wgrMonGSqMVgECIpiTI5OR4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2NmZhMzFmLWE5MDAtNDVlYS1iZjRmLTExNzgzNmZmZTYxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANM34gwDQYJKoZIhvcNAQELBQADggEBAJee5qVKo6/dGbG4p63KqPxYEDr9
vyVwF0PNcBXdoIvFTZrHc+aoLNXsTPBIAvpxYBXaadCjgvttIBMzw2MwXQ97HRnS
/xSW+bncWS1cM+rI0mNTBtx63K2RR/1H4W0XHMCURNwuURrxqjmne39W1m3Jtb/M
C5iMLSg1imfgYBQf6zjBFnLCdP+9z0LkPpOYj6PY3MZdB0uOYeUNtGtoIIWLrLpM
rUdjQ6St5A8P35Wo849b8UxR7V2Gc+QXu9HWTY+HKeWR4vb5c9zqOwWESjDyuevr
QVE8vqX+0NMzE4+mkdxBSvDgMQuBcYw49hbhKAJV8vMotU+OcghQPwVBrjw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:11:35 2025 by rpki-client