Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f785be2-50dd-45bd-9ac2-90d8990855f4.roa
File: 6f785be2-50dd-45bd-9ac2-90d8990855f4.roa (raw, json)
Hash identifier: i+iQ4qAThe3a68SDPH1+kiQMZB03Ois/Q8ihC/XjBiA=
Subject key identifier: 16:83:DB:9F:10:61:05:A4:8F:1C:07:BB:A3:44:B9:E8:5E:3F:CC:9E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 713D3FCC442A764278B1743860AD65B28A4A4F52
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f785be2-50dd-45bd-9ac2-90d8990855f4.roa
Signing time: Tue 30 Sep 2025 00:11:58 +0000
ROA not before: Tue 30 Sep 2025 00:11:58 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.154.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3d:3f:cc:44:2a:76:42:78:b1:74:38:60:ad:65:b2:8a:4a:4f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:11:58 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=62c69270e2148fef3a33af4621018e794ada3d617e68f20cb663cd3177e49d3f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:89:17:45:44:67:a5:52:dc:81:c0:9c:ce:
c7:31:94:bf:f8:ce:0b:2f:e2:3e:a9:12:ab:64:1c:
ed:8a:d3:b5:da:70:28:53:58:a0:9c:f6:7c:eb:ca:
37:da:ed:05:9a:60:2a:19:bd:1a:30:00:e7:23:97:
72:92:58:cd:1a:b1:e3:17:f6:aa:1a:c4:37:ea:ec:
55:6e:d1:a5:5f:1d:a1:85:04:5d:78:ca:82:f1:80:
f1:97:16:61:89:d0:32:f2:ed:b8:d8:4e:5e:d3:9a:
f7:86:7b:3e:c2:80:c8:0e:b8:a4:a3:e3:a0:c7:77:
31:0b:3a:9a:df:00:0b:d4:ed:ca:af:06:aa:a5:02:
cd:15:e4:53:a0:8a:94:05:cf:b0:a6:cf:ff:00:ac:
c9:4f:ec:95:4a:44:60:b5:3d:77:5a:ac:6a:96:19:
52:5a:5c:bc:32:fd:57:ed:1d:67:45:9e:ac:fb:ff:
fe:9b:35:bc:5f:dc:be:55:bd:18:b5:7f:a5:37:28:
34:6d:8b:36:16:db:21:56:fe:f6:e4:5c:ac:3c:f9:
7a:94:a8:f8:d9:1d:3e:83:73:54:0a:03:a7:fa:c2:
3e:19:16:31:ed:c5:15:b4:5a:9d:7a:4a:18:57:e3:
70:97:e8:cb:ed:b3:45:ce:6a:f6:14:bd:5b:76:1b:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:83:DB:9F:10:61:05:A4:8F:1C:07:BB:A3:44:B9:E8:5E:3F:CC:9E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f785be2-50dd-45bd-9ac2-90d8990855f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.154.0.0/15
Signature Algorithm: sha256WithRSAEncryption
40:13:ed:8e:71:ee:3f:46:2e:d3:99:9d:ae:1f:6d:96:e4:8a:
8c:4b:b6:b9:9d:47:c1:85:f1:57:45:f5:79:ed:8a:3b:51:61:
56:75:81:c1:05:1b:9e:11:04:8c:0d:62:06:d5:9d:69:e8:77:
97:25:0c:50:1e:23:6b:e8:74:5c:9d:34:29:be:d9:69:be:5c:
4d:da:87:09:12:53:e9:ea:92:48:2f:a6:b3:f0:5a:12:d4:94:
53:82:24:2f:33:98:9b:f1:b2:d8:9f:f6:10:65:95:a6:4a:20:
a3:f8:ba:eb:4f:19:43:b6:59:dd:42:5c:a9:4c:7a:43:ca:eb:
0a:c5:ca:bd:fa:07:55:40:c9:e4:a4:02:6a:f0:c5:19:b1:ea:
bc:94:36:5c:a7:27:1b:53:de:88:a7:62:63:09:0c:8c:b5:1a:
21:f7:e3:75:74:d7:ae:07:4f:3e:4c:d0:42:86:f2:a7:0a:13:
60:74:e2:a3:e7:b1:6c:97:1a:81:de:de:49:2b:5d:7d:99:46:
0c:72:e1:64:89:ef:68:fc:d8:1c:b4:33:48:d4:43:92:16:89:
61:c1:b5:af:9a:35:96:d8:46:e8:06:18:c0:58:c9:03:60:23:
df:76:64:78:37:b3:79:d1:a7:a0:ce:29:b9:e8:04:8e:6c:fa:
3e:30:1b:95
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcT0/zEQqdkJ4sXQ4YK1lsopKT1IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAxMTU4WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmM2OTI3MGUyMTQ4ZmVmM2EzM2FmNDYyMTAxOGU3OTRh
ZGEzZDYxN2U2OGYyMGNiNjYzY2QzMTc3ZTQ5ZDNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSp4kXRURnpVLcgcCczscxlL/4zgsv4j6pEqtkHO2K07Xa
cChTWKCc9nzryjfa7QWaYCoZvRowAOcjl3KSWM0aseMX9qoaxDfq7FVu0aVfHaGF
BF14yoLxgPGXFmGJ0DLy7bjYTl7TmveGez7CgMgOuKSj46DHdzELOprfAAvU7cqv
BqqlAs0V5FOgipQFz7Cmz/8ArMlP7JVKRGC1PXdarGqWGVJaXLwy/VftHWdFnqz7
//6bNbxf3L5VvRi1f6U3KDRtizYW2yFW/vbkXKw8+XqUqPjZHT6Dc1QKA6f6wj4Z
FjHtxRW0Wp16ShhX43CX6Mvts0XOavYUvVt2G6tfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUFoPbnxBhBaSPHAe7o0S56F4/zJ4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmNzg1YmUyLTUwZGQtNDViZC05YWMyLTkwZDg5OTA4NTVmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQmjANBgkqhkiG9w0BAQsFAAOCAQEAQBPtjnHuP0Yu05mdrh9tluSKjEu2
uZ1HwYXxV0X1ee2KO1FhVnWBwQUbnhEEjA1iBtWdaeh3lyUMUB4ja+h0XJ00Kb7Z
ab5cTdqHCRJT6eqSSC+ms/BaEtSUU4IkLzOYm/Gy2J/2EGWVpkogo/i6608ZQ7ZZ
3UJcqUx6Q8rrCsXKvfoHVUDJ5KQCavDFGbHqvJQ2XKcnG1PeiKdiYwkMjLUaIffj
dXTXrgdPPkzQQobypwoTYHTio+exbJcagd7eSStdfZlGDHLhZInvaPzYHLQzSNRD
khaJYcG1r5o1lthG6AYYwFjJA2Aj33ZkeDezedGnoM4puegEjmz6PjAblQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:18:51 2025 by rpki-client