Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68598716-8ef3-4659-8c2a-ea94e7225c46.roa
File: 68598716-8ef3-4659-8c2a-ea94e7225c46.roa (raw, json)
Hash identifier: M3Nx3ldgk9CigjUb1S8cnUSVi7Fz0Hb69EaMWQvx91E=
Subject key identifier: 00:8B:C3:B9:E2:0A:B6:88:31:94:04:CB:95:2E:40:E1:35:D8:68:11
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 51C3C7AC8D5FF540B1740B54600905824CB2AF97
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68598716-8ef3-4659-8c2a-ea94e7225c46.roa
Signing time: Fri 26 Sep 2025 00:39:41 +0000
ROA not before: Fri 26 Sep 2025 00:39:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 40.167.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c3:c7:ac:8d:5f:f5:40:b1:74:0b:54:60:09:05:82:4c:b2:af:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 26 00:39:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=078a4c009faa52226b9eb474702da632e387b3e7b2893c92f942ba933cfb8250, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:25:50:80:5a:aa:2e:1f:3b:bd:1c:8b:24:e3:
5a:94:11:f0:f7:31:eb:85:2a:32:04:ca:8d:74:66:
3f:0b:dc:df:46:e4:b1:9e:d5:9c:b4:e3:7a:07:f1:
cd:ea:b3:97:52:e5:6e:05:2f:0d:09:37:63:06:7e:
5b:28:9b:a8:e3:97:62:b3:16:93:d4:f5:2b:4c:a7:
d7:51:a4:64:a5:55:89:34:6c:c5:43:70:93:30:8a:
e7:91:53:46:68:e5:1b:28:d8:e0:8c:a5:63:49:86:
ff:ad:0b:ca:d1:7b:10:1f:46:c9:fa:6e:17:e3:f6:
fa:0e:cd:54:f8:87:8c:87:c9:61:53:7c:39:88:05:
72:de:b3:67:48:92:34:ff:c9:9d:fd:1c:24:64:11:
3d:22:d6:3e:05:ed:76:fd:a7:33:b6:42:5b:0c:99:
98:df:a8:52:b4:46:6b:a4:f5:f2:c3:6a:90:54:2c:
8f:25:5a:8a:6b:1a:1c:ba:fd:17:82:5e:81:b9:fd:
80:79:56:ab:0b:55:ca:3d:50:f9:73:d1:47:9b:85:
e8:d7:3b:fe:ba:88:7e:26:e3:95:f6:56:64:c9:3d:
b2:3b:d9:6c:55:ee:e3:0a:ae:f7:da:10:88:df:30:
26:31:55:c2:e1:3c:7c:32:54:53:d1:f0:44:82:2a:
18:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8B:C3:B9:E2:0A:B6:88:31:94:04:CB:95:2E:40:E1:35:D8:68:11
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68598716-8ef3-4659-8c2a-ea94e7225c46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:92:cb:9f:a4:98:42:4b:4d:66:f0:19:02:05:6b:f4:b8:81:
92:06:80:41:d0:17:b6:d9:7c:5a:92:29:06:91:b4:70:78:f2:
9e:b0:4c:71:f6:71:fa:75:9c:13:ca:ab:87:82:cc:38:70:67:
f8:46:e3:94:e9:62:a5:78:57:e6:fe:f9:cb:0d:0b:07:9a:55:
f2:8b:83:70:68:92:ed:e6:d7:83:62:86:8c:57:3f:5f:4f:cf:
6b:a0:9a:58:dc:9f:0a:72:55:48:13:20:c2:28:91:26:01:ea:
18:5e:4b:d6:23:83:af:3b:59:ab:90:ef:43:74:09:35:55:66:
2b:90:d7:d8:18:1c:4b:2f:a4:81:44:52:b7:01:ce:0b:95:aa:
c3:79:45:9a:e3:b9:ff:b1:ba:b9:e2:71:74:80:74:6a:27:53:
3c:00:08:27:63:6e:d7:0c:5c:3d:ff:43:4b:26:b0:d0:8f:1b:
ac:bb:5a:81:0d:4b:c1:8e:ad:71:f8:4f:6f:c1:34:d2:4d:9d:
75:a3:57:17:e5:8b:27:02:1a:33:ba:f4:51:d5:6e:d6:b8:4c:
2b:19:8c:72:8c:0a:5c:55:a4:16:0b:2a:46:cf:3d:59:7e:7e:
97:74:c9:76:df:d7:20:b8:d8:a8:6e:2e:85:b8:7f:c4:23:71:
50:3b:62:39
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUcPHrI1f9UCxdAtUYAkFgkyyr5cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAzOTQxWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzhhNGMwMDlmYWE1MjIyNmI5ZWI0NzQ3MDJkYTYzMmUz
ODdiM2U3YjI4OTNjOTJmOTQyYmE5MzNjZmI4MjUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZJVCAWqouHzu9HIsk41qUEfD3MeuFKjIEyo10Zj8L3N9G
5LGe1Zy043oH8c3qs5dS5W4FLw0JN2MGflsom6jjl2KzFpPU9StMp9dRpGSlVYk0
bMVDcJMwiueRU0Zo5Rso2OCMpWNJhv+tC8rRexAfRsn6bhfj9voOzVT4h4yHyWFT
fDmIBXLes2dIkjT/yZ39HCRkET0i1j4F7Xb9pzO2QlsMmZjfqFK0Rmuk9fLDapBU
LI8lWoprGhy6/ReCXoG5/YB5VqsLVco9UPlz0UebhejXO/66iH4m45X2VmTJPbI7
2WxV7uMKrvfaEIjfMCYxVcLhPHwyVFPR8ESCKhjnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUAIvDueIKtogxlATLlS5A4TXYaBEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4NTk4NzE2LThlZjMtNDY1OS04YzJhLWVhOTRlNzIyNWM0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAopzANBgkqhkiG9w0BAQsFAAOCAQEAOJLLn6SYQktNZvAZAgVr9LiBkgaA
QdAXttl8WpIpBpG0cHjynrBMcfZx+nWcE8qrh4LMOHBn+EbjlOlipXhX5v75yw0L
B5pV8ouDcGiS7ebXg2KGjFc/X0/Pa6CaWNyfCnJVSBMgwiiRJgHqGF5L1iODrztZ
q5DvQ3QJNVVmK5DX2BgcSy+kgURStwHOC5Wqw3lFmuO5/7G6ueJxdIB0aidTPAAI
J2Nu1wxcPf9DSyaw0I8brLtagQ1LwY6tcfhPb8E00k2ddaNXF+WLJwIaM7r0UdVu
1rhMKxmMcowKXFWkFgsqRs89WX5+l3TJdt/XILjYqG4uhbh/xCNxUDtiOQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:04:55 2025 by rpki-client