Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69829938-06a4-482d-9a69-118d0b32c04c.roa
File: 69829938-06a4-482d-9a69-118d0b32c04c.roa (raw, json)
Hash identifier: j5xlqtdKpjv4rBZxU8OKl8kHjkOfO8vLPhm/yTgB4AE=
Subject key identifier: B2:ED:A7:0B:90:A9:78:B5:62:B1:03:89:FE:CF:72:88:D3:BB:70:8B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3F65DA5CB70ECD99274A6DA3A6F29B54D86E2E71
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69829938-06a4-482d-9a69-118d0b32c04c.roa
Signing time: Sat 11 Oct 2025 00:41:22 +0000
ROA not before: Sat 11 Oct 2025 00:41:22 +0000
ROA not after: Sat 15 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 69.0.248.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:65:da:5c:b7:0e:cd:99:27:4a:6d:a3:a6:f2:9b:54:d8:6e:2e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 11 00:41:22 2025 GMT
Not After : Nov 15 23:59:59 2025 GMT
Subject: serialNumber=7c2b43080fcbac8f1f9516165556f179599ee1d0efdfe5076bc4aa3118f899ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ea:56:42:4e:24:88:2e:f3:e1:72:4d:cc:ab:
00:ab:02:b3:da:49:6b:30:7c:ea:9a:74:8e:08:51:
b7:80:df:1f:95:03:11:b4:10:61:ce:0a:d4:98:28:
0c:04:7a:2b:f9:96:ad:b0:33:76:ae:d5:ad:6a:c6:
87:89:3d:7e:2b:1d:71:e3:4a:61:db:b9:78:f2:d4:
95:70:c2:77:a8:4d:6e:e9:42:4d:f5:3d:6f:8f:c1:
30:5c:26:59:bb:ae:b9:f0:07:f6:be:34:92:b2:f7:
ab:40:fd:62:d8:02:8c:08:3a:3d:09:e4:cc:01:bc:
f9:5f:a9:b0:7e:c8:3c:c6:cd:12:96:49:8d:40:ff:
d1:f5:ea:2f:9e:6f:d0:58:8e:db:95:70:79:b4:dd:
57:cf:35:99:22:c6:91:eb:92:a9:df:fe:21:af:53:
fe:87:bf:4e:2d:c4:6e:af:a9:c4:9b:36:b1:b2:ac:
2c:19:a0:23:05:74:f8:48:fd:78:97:81:19:ff:85:
8d:84:e0:36:e9:d5:22:57:64:5c:f4:af:85:b2:4c:
7d:b6:fe:41:9b:a4:46:99:25:ce:f5:2b:d7:70:1b:
fd:70:83:cb:e8:d3:49:04:6a:91:74:2e:0d:72:d8:
03:63:e3:de:23:5f:eb:bb:bf:bf:0d:cf:81:81:d1:
d1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:ED:A7:0B:90:A9:78:B5:62:B1:03:89:FE:CF:72:88:D3:BB:70:8B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69829938-06a4-482d-9a69-118d0b32c04c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.0.248.0/21
Signature Algorithm: sha256WithRSAEncryption
ce:e8:43:e0:0d:a6:aa:d6:ca:16:93:b0:21:8b:c6:1a:9c:c4:
31:8b:3b:16:bb:fe:2c:dd:61:e2:d6:eb:c9:a2:9d:3b:fd:79:
9c:8f:ea:04:c3:4c:11:5c:18:dd:0f:20:d4:fa:f3:3c:cc:f3:
61:af:bd:3e:8f:f9:1e:95:66:6c:70:7c:ea:f9:78:48:e6:6e:
99:f4:7e:55:23:60:e4:58:d9:42:45:d8:65:69:7e:9a:45:ae:
3a:be:08:9d:9e:a2:4e:42:21:39:73:bf:fa:fb:44:29:0f:a3:
07:83:cf:35:f0:df:5c:5e:79:c7:c8:47:07:e1:98:c7:dd:a4:
1f:d9:f1:5b:78:f0:1d:ab:b5:c5:10:09:6a:fc:49:0e:dd:c1:
a6:8f:df:16:7a:b7:66:44:d6:22:5d:a8:ce:32:d1:3d:d2:4d:
bd:d2:30:ec:f4:f8:de:48:13:8e:56:b9:54:4f:79:6a:c2:2c:
69:f6:03:60:ef:9b:29:99:25:8a:92:82:1a:e8:f8:09:94:09:
05:21:c6:be:c0:6c:b8:f9:95:bc:f7:e8:6a:6c:62:a8:23:ce:
00:d3:3a:2b:c7:84:9c:c1:27:8b:2a:9c:27:1e:bf:03:4a:40:
51:07:94:25:02:76:3d:fa:f6:37:ec:a5:04:4d:79:3c:19:65:
be:f7:f3:c2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP2XaXLcOzZknSm2jpvKbVNhuLnEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDA0MTIyWhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzJiNDMwODBmY2JhYzhmMWY5NTE2MTY1NTU2ZjE3OTU5
OWVlMWQwZWZkZmU1MDc2YmM0YWEzMTE4Zjg5OWVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk6lZCTiSILvPhck3MqwCrArPaSWswfOqadI4IUbeA3x+V
AxG0EGHOCtSYKAwEeiv5lq2wM3au1a1qxoeJPX4rHXHjSmHbuXjy1JVwwneoTW7p
Qk31PW+PwTBcJlm7rrnwB/a+NJKy96tA/WLYAowIOj0J5MwBvPlfqbB+yDzGzRKW
SY1A/9H16i+eb9BYjtuVcHm03VfPNZkixpHrkqnf/iGvU/6Hv04txG6vqcSbNrGy
rCwZoCMFdPhI/XiXgRn/hY2E4Dbp1SJXZFz0r4WyTH22/kGbpEaZJc71K9dwG/1w
g8vo00kEapF0Lg1y2ANj494jX+u7v78Nz4GB0dE9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsu2nC5CpeLVisQOJ/s9yiNO7cIswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5ODI5OTM4LTA2YTQtNDgyZC05YTY5LTExOGQwYjMyYzA0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANFAPgwDQYJKoZIhvcNAQELBQADggEBAM7oQ+ANpqrWyhaTsCGLxhqcxDGL
Oxa7/izdYeLW68minTv9eZyP6gTDTBFcGN0PINT68zzM82GvvT6P+R6VZmxwfOr5
eEjmbpn0flUjYORY2UJF2GVpfppFrjq+CJ2eok5CITlzv/r7RCkPoweDzzXw31xe
ecfIRwfhmMfdpB/Z8Vt48B2rtcUQCWr8SQ7dwaaP3xZ6t2ZE1iJdqM4y0T3STb3S
MOz0+N5IE45WuVRPeWrCLGn2A2DvmymZJYqSghro+AmUCQUhxr7AbLj5lbz36Gps
YqgjzgDTOivHhJzBJ4sqnCcevwNKQFEHlCUCdj369jfspQRNeTwZZb7388I=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:16:25 2025 by rpki-client