Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6928a406-38e7-41d6-a4c4-6665e62bdcea.roa
File: 6928a406-38e7-41d6-a4c4-6665e62bdcea.roa (raw, json)
Hash identifier: R0POaAndT4VQfR3N9DDPWOSv9LB/D++gphzr8z+2Kkc=
Subject key identifier: 72:D4:25:77:A0:EB:4D:7C:D5:5B:1D:37:4A:35:5C:CA:83:C7:60:AA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 466D507F556E223CCBB60852E5D1DB4F32706F1F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6928a406-38e7-41d6-a4c4-6665e62bdcea.roa
Signing time: Mon 06 Oct 2025 15:22:01 +0000
ROA not before: Mon 06 Oct 2025 15:22:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 13.144.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:6d:50:7f:55:6e:22:3c:cb:b6:08:52:e5:d1:db:4f:32:70:6f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 15:22:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=328527203c33d13d388e3f414c223eeeb24d080f3c8a246d171b6cee135a1147, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:95:ee:af:f3:7b:db:69:a9:c0:b0:e2:36:
68:6e:73:8a:b3:6e:74:50:bc:b7:5b:44:3d:ea:39:
cb:d1:52:55:d3:03:63:e0:37:6d:b3:47:7d:73:ba:
8b:af:81:8d:e5:41:5d:66:92:ba:24:48:3d:16:34:
ee:fc:ed:9f:7e:42:72:aa:68:f8:3a:e8:38:87:f3:
72:e0:93:eb:cb:37:7d:a1:4d:86:9a:76:a1:a0:7b:
71:fe:19:9f:02:92:d1:a5:7a:e9:f8:39:91:da:a7:
d7:fe:5c:8b:9e:a5:69:8b:e2:ab:78:c1:02:44:7c:
70:c7:94:00:4e:82:23:c2:87:f4:da:5a:de:63:90:
df:a8:db:3e:55:b1:e0:6f:7f:34:a1:7b:c4:38:e0:
4f:87:27:50:d3:b6:99:6f:df:25:de:78:34:c6:53:
ee:c1:66:e1:94:2d:b3:2f:a3:55:e9:7e:14:47:7f:
49:d1:43:83:fd:8b:cd:28:81:2a:35:4c:3c:29:f8:
41:83:fe:dd:bb:2a:1a:5d:4b:ca:e3:a2:b7:e6:e5:
66:bb:93:d3:4d:39:27:89:3f:4b:24:d6:86:a3:f8:
9b:df:34:07:57:5e:63:2a:af:bf:20:f6:b6:44:69:
c7:59:b0:e3:66:21:69:1b:fe:a4:d7:47:13:14:5c:
ab:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D4:25:77:A0:EB:4D:7C:D5:5B:1D:37:4A:35:5C:CA:83:C7:60:AA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6928a406-38e7-41d6-a4c4-6665e62bdcea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.144.32.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:6e:e8:2e:cb:83:da:06:25:1e:66:db:79:2e:e8:d1:67:02:
51:11:c5:0c:42:f5:b4:a9:c1:bf:f3:d7:6d:cf:01:23:93:45:
de:7a:ef:3d:83:64:27:de:ae:f3:f7:10:53:34:21:5a:b1:88:
33:98:07:0b:ce:48:07:42:b5:1b:b1:5c:ba:cf:f8:5b:51:8d:
4a:03:f9:18:ba:d5:70:e9:a3:72:dc:2b:d9:fd:93:30:4f:27:
8b:22:61:10:7e:4d:bc:72:5a:f7:90:35:27:3a:fb:26:3a:f1:
cc:1d:a1:aa:f3:a4:45:99:6b:95:0f:5b:10:eb:71:98:62:24:
58:e9:48:88:42:f2:df:42:2e:de:c6:70:23:de:5c:ab:29:d7:
7e:3e:7b:62:d9:d8:c1:2d:b1:58:5d:9e:89:2a:08:5f:89:19:
0c:47:b2:a7:e6:05:00:ec:02:6d:61:09:65:ab:06:3d:cf:6e:
fb:5d:bc:16:f6:05:18:18:90:b1:e5:97:75:4b:af:07:b3:37:
ef:21:ef:ff:17:fe:aa:72:1e:93:59:94:9f:4d:df:14:80:5a:
22:ca:b0:d1:fa:a5:89:97:a7:ca:b4:7c:be:09:e9:c2:70:41:
54:cf:ac:bc:e6:d5:bb:84:c3:a3:d6:10:be:42:97:b9:ed:dd:
c2:69:fd:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURm1Qf1VuIjzLtghS5dHbTzJwbx8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUyMjAxWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjg1MjcyMDNjMzNkMTNkMzg4ZTNmNDE0YzIyM2VlZWIy
NGQwODBmM2M4YTI0NmQxNzFiNmNlZTEzNWExMTQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ7JXur/N722mpwLDiNmhuc4qzbnRQvLdbRD3qOcvRUlXT
A2PgN22zR31zuouvgY3lQV1mkrokSD0WNO787Z9+QnKqaPg66DiH83Lgk+vLN32h
TYaadqGge3H+GZ8CktGleun4OZHap9f+XIuepWmL4qt4wQJEfHDHlABOgiPCh/Ta
Wt5jkN+o2z5VseBvfzShe8Q44E+HJ1DTtplv3yXeeDTGU+7BZuGULbMvo1XpfhRH
f0nRQ4P9i80ogSo1TDwp+EGD/t27KhpdS8rjorfm5Wa7k9NNOSeJP0sk1oaj+Jvf
NAdXXmMqr78g9rZEacdZsONmIWkb/qTXRxMUXKuZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUctQld6DrTXzVWx03SjVcyoPHYKowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5MjhhNDA2LTM4ZTctNDFkNi1hNGM0LTY2NjVlNjJiZGNlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNkCAwDQYJKoZIhvcNAQELBQADggEBAIxu6C7Lg9oGJR5m23ku6NFnAlER
xQxC9bSpwb/z123PASOTRd567z2DZCfervP3EFM0IVqxiDOYBwvOSAdCtRuxXLrP
+FtRjUoD+Ri61XDpo3LcK9n9kzBPJ4siYRB+TbxyWveQNSc6+yY68cwdoarzpEWZ
a5UPWxDrcZhiJFjpSIhC8t9CLt7GcCPeXKsp134+e2LZ2MEtsVhdnokqCF+JGQxH
sqfmBQDsAm1hCWWrBj3PbvtdvBb2BRgYkLHll3VLrwezN+8h7/8X/qpyHpNZlJ9N
3xSAWiLKsNH6pYmXp8q0fL4J6cJwQVTPrLzm1buEw6PWEL5Cl7nt3cJp/Yc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:13:11 2025 by rpki-client