Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b89ddc1-d111-41bb-9344-342f1446c197.roa
File: 5b89ddc1-d111-41bb-9344-342f1446c197.roa (raw, json)
Hash identifier: fKOaiZEguLfclTKAygl2qjmsGWht7YMcOZvTwdKS4f4=
Subject key identifier: 5A:69:DA:3D:19:EA:B1:89:ED:AB:2B:85:93:23:05:64:68:4D:22:78
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 761088FF125B88676A83691E2B02397489594935
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b89ddc1-d111-41bb-9344-342f1446c197.roa
Signing time: Mon 13 Oct 2025 15:52:39 +0000
ROA not before: Mon 13 Oct 2025 15:52:39 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.91.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:10:88:ff:12:5b:88:67:6a:83:69:1e:2b:02:39:74:89:59:49:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 13 15:52:39 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=4b6431e3c50b1aad06a68b55bda6801af9f3908c13cde13eac8a95d89c5f202e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:71:60:07:b9:db:15:89:d5:06:d3:1a:df:74:
ff:7b:40:83:f2:8f:d7:4b:44:3a:8d:18:5c:4c:d0:
bf:b5:26:b1:94:3e:d0:10:ab:18:f3:1e:1c:6e:79:
90:d9:a6:82:3e:c6:28:74:0e:9f:fc:5d:bd:0e:90:
8d:bb:37:81:d1:ca:f6:84:56:95:f6:81:53:d2:0d:
2d:ca:f4:99:60:92:9f:35:ab:bc:dc:3f:a8:c2:92:
2a:df:2a:1f:a2:84:90:cd:78:96:39:eb:15:ca:63:
38:af:9f:bb:01:32:45:56:e5:83:0e:4c:dd:0e:ec:
ae:de:70:99:f3:e9:7d:75:95:32:34:fc:77:c3:c3:
5d:96:99:47:c5:d0:5c:aa:41:30:ab:b2:d6:f9:7d:
d1:f4:60:34:a3:fd:36:0c:dc:8c:ec:9f:ad:af:c0:
b1:f5:7f:07:f8:30:37:71:1d:96:f9:2f:43:d8:33:
5d:32:73:19:cc:f1:9d:b9:65:3b:51:d9:0f:5b:c1:
ad:a2:a4:d7:88:c8:b3:9e:83:18:8d:2b:7f:fa:48:
51:25:aa:6b:59:4b:e3:c9:b2:92:79:03:6f:f9:e0:
cb:35:40:81:f3:ae:e2:0d:97:cf:a8:ac:e9:07:87:
ba:27:e0:67:06:38:ce:8d:e1:6c:e8:4c:43:25:74:
4f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:69:DA:3D:19:EA:B1:89:ED:AB:2B:85:93:23:05:64:68:4D:22:78
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b89ddc1-d111-41bb-9344-342f1446c197.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.91.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a6:5d:d9:42:77:9c:d0:6c:ad:4d:42:48:ae:00:b0:cc:17:
85:86:fc:1f:35:f1:b2:48:57:0b:93:dd:1c:fc:0f:96:7b:f0:
c1:92:24:29:bc:17:ae:f1:10:db:df:f4:f3:e1:50:32:1e:26:
83:da:53:c2:1e:19:ee:9f:46:cc:07:79:67:7a:81:dc:c2:1c:
22:ca:5c:26:76:00:6c:81:6f:ea:c4:d6:f8:43:11:0d:5b:4b:
1c:04:a8:f4:34:f9:a5:d1:46:ab:2e:b7:09:ee:59:b4:e4:b6:
79:bb:9c:50:a4:f9:df:4b:2d:be:bf:f8:4a:33:c3:36:56:e5:
ed:1b:86:35:84:50:50:79:c9:b2:aa:1a:1c:9b:88:65:f9:50:
a9:66:a7:44:72:f9:2e:ac:35:82:ef:f9:2f:47:39:99:16:19:
3e:2b:38:55:6c:02:fb:0a:74:21:92:03:11:79:5a:f4:db:9c:
91:9b:e5:94:ad:d6:bc:03:7c:f0:82:a0:03:f5:ae:d6:e1:3b:
e6:07:be:80:d7:a9:2a:b2:59:bb:06:90:10:04:62:ee:02:08:
4b:84:5a:08:e1:61:80:1e:72:25:be:78:85:84:f7:ae:f2:c0:
01:16:41:db:98:4e:a2:cf:9d:43:30:22:c4:22:80:28:b1:c5:
c3:a5:3c:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdhCI/xJbiGdqg2keKwI5dIlZSTUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEzMTU1MjM5WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjY0MzFlM2M1MGIxYWFkMDZhNjhiNTViZGE2ODAxYWY5
ZjM5MDhjMTNjZGUxM2VhYzhhOTVkODljNWYyMDJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEcWAHudsVidUG0xrfdP97QIPyj9dLRDqNGFxM0L+1JrGU
PtAQqxjzHhxueZDZpoI+xih0Dp/8Xb0OkI27N4HRyvaEVpX2gVPSDS3K9Jlgkp81
q7zcP6jCkirfKh+ihJDNeJY56xXKYzivn7sBMkVW5YMOTN0O7K7ecJnz6X11lTI0
/HfDw12WmUfF0FyqQTCrstb5fdH0YDSj/TYM3Izsn62vwLH1fwf4MDdxHZb5L0PY
M10ycxnM8Z25ZTtR2Q9bwa2ipNeIyLOegxiNK3/6SFElqmtZS+PJspJ5A2/54Ms1
QIHzruINl8+orOkHh7on4GcGOM6N4WzoTEMldE+rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWmnaPRnqsYntqyuFkyMFZGhNIngwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViODlkZGMxLWQxMTEtNDFiYi05MzQ0LTM0MmYxNDQ2YzE5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAXWw4wDQYJKoZIhvcNAQELBQADggEBAEumXdlCd5zQbK1NQkiuALDMF4WG
/B818bJIVwuT3Rz8D5Z78MGSJCm8F67xENvf9PPhUDIeJoPaU8IeGe6fRswHeWd6
gdzCHCLKXCZ2AGyBb+rE1vhDEQ1bSxwEqPQ0+aXRRqsutwnuWbTktnm7nFCk+d9L
Lb6/+EozwzZW5e0bhjWEUFB5ybKqGhybiGX5UKlmp0Ry+S6sNYLv+S9HOZkWGT4r
OFVsAvsKdCGSAxF5WvTbnJGb5ZSt1rwDfPCCoAP1rtbhO+YHvoDXqSqyWbsGkBAE
Yu4CCEuEWgjhYYAeciW+eIWE967ywAEWQduYTqLPnUMwIsQigCixxcOlPC0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:50:42 2025 by rpki-client