Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fbdea52-d793-4be9-81a1-89ad122859f8.roa
File: 6fbdea52-d793-4be9-81a1-89ad122859f8.roa (raw, json)
Hash identifier: fp4IpsfKpkJVZPrhPcdXfjSKj8DwTXi4oYeN7SJH8pM=
Subject key identifier: BF:C4:8E:17:66:2E:B7:BD:00:97:5B:21:E4:C3:0A:2D:52:DB:19:86
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3E060B67F35B9BD6445A20835528C79C1BE6CAD4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fbdea52-d793-4be9-81a1-89ad122859f8.roa
Signing time: Tue 14 Oct 2025 18:02:39 +0000
ROA not before: Tue 14 Oct 2025 18:02:39 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 71.152.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:06:0b:67:f3:5b:9b:d6:44:5a:20:83:55:28:c7:9c:1b:e6:ca:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 18:02:39 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=c216b42a8ff6236d4b8021dd674924961f59a60d3c91f03cb9d226e5ffa0c033, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:17:30:9d:3f:6d:aa:50:8e:99:4b:b2:51:14:
03:86:bc:1a:f4:27:d5:58:be:c0:71:31:06:f3:0b:
40:ba:9c:ae:49:08:37:96:a9:8f:43:0d:71:8f:d1:
24:eb:7a:7d:ca:7b:a1:d8:c4:1e:bd:5c:05:02:d5:
f3:5b:5a:33:60:04:14:f2:f9:0c:b7:c0:77:29:b3:
2b:cc:04:60:68:e4:a9:d3:c4:ff:3b:f7:d2:b9:85:
78:5f:25:58:e8:90:a2:47:0a:dd:ef:09:8a:24:c1:
ff:ec:75:40:6c:67:c5:c8:1e:7b:d3:12:1e:d9:4b:
c9:f5:e9:d9:c3:7a:42:ca:89:83:a2:ed:67:f1:f6:
06:bd:c2:9b:f1:39:e0:72:c1:8a:59:3b:bf:82:2e:
c6:d7:5d:b0:b2:17:0c:5f:14:57:8a:f4:00:87:2b:
44:39:83:18:1a:3b:44:44:af:5e:86:c8:e4:8a:f8:
a3:e0:27:77:03:f4:31:b7:d5:a3:3d:b3:dd:15:a9:
68:2e:f8:1b:4f:33:b0:12:44:3d:6e:6b:32:83:fd:
21:dc:1d:ba:e7:93:29:69:d8:cd:1a:64:67:41:99:
c6:39:aa:52:cd:f7:34:38:4b:b4:3b:b8:82:ad:10:
21:cb:49:86:e5:0c:ae:05:50:2c:38:79:e9:2e:e6:
5a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C4:8E:17:66:2E:B7:BD:00:97:5B:21:E4:C3:0A:2D:52:DB:19:86
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fbdea52-d793-4be9-81a1-89ad122859f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
71.152.115.0/24
Signature Algorithm: sha256WithRSAEncryption
88:8a:6e:5c:ea:f7:31:a1:e4:78:76:6d:f1:b4:03:3d:64:d6:
79:e0:6b:6a:b5:c7:d1:ba:62:04:59:8c:37:3b:61:6b:bb:80:
c1:cb:94:17:ef:91:52:d8:9d:e0:3e:cc:19:10:aa:a1:e1:a9:
7c:f3:d1:3e:ec:36:ac:a8:9d:08:1c:13:55:b1:a0:c1:a2:e5:
5e:ba:2d:13:86:fa:c2:c8:8a:ec:e7:cb:0b:8e:55:c1:06:4d:
c3:df:9d:97:97:85:d0:45:95:3e:8a:d5:30:de:a5:fe:be:57:
45:1c:b2:68:b8:2c:92:6e:42:61:f2:5f:78:15:48:97:0e:5f:
d0:fb:77:57:be:04:13:96:dc:02:52:50:60:41:69:2c:ed:64:
bf:36:76:ef:7c:b4:de:8d:75:74:f3:77:05:1f:4c:a8:6c:a2:
97:1d:f4:37:59:0a:9c:bb:9f:c0:fb:0c:39:95:d8:3d:6e:bf:
e2:0a:f8:05:c0:d5:a8:86:4d:db:78:ff:e0:94:ab:27:04:ac:
84:a7:7c:3d:24:5e:c2:6c:0a:f6:50:de:6a:b1:78:70:eb:8e:
eb:ca:36:23:eb:a4:ed:74:3d:a1:da:15:2b:ba:9c:8d:ad:bd:
01:ef:7f:c7:82:ac:8b:7f:93:3c:bc:87:e2:a6:d9:08:a1:0f:
6f:89:e9:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPgYLZ/Nbm9ZEWiCDVSjHnBvmytQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTgwMjM5WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjE2YjQyYThmZjYyMzZkNGI4MDIxZGQ2NzQ5MjQ5NjFm
NTlhNjBkM2M5MWYwM2NiOWQyMjZlNWZmYTBjMDMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmFzCdP22qUI6ZS7JRFAOGvBr0J9VYvsBxMQbzC0C6nK5J
CDeWqY9DDXGP0STren3Ke6HYxB69XAUC1fNbWjNgBBTy+Qy3wHcpsyvMBGBo5KnT
xP8799K5hXhfJVjokKJHCt3vCYokwf/sdUBsZ8XIHnvTEh7ZS8n16dnDekLKiYOi
7Wfx9ga9wpvxOeBywYpZO7+CLsbXXbCyFwxfFFeK9ACHK0Q5gxgaO0REr16GyOSK
+KPgJ3cD9DG31aM9s90VqWgu+BtPM7ASRD1uazKD/SHcHbrnkylp2M0aZGdBmcY5
qlLN9zQ4S7Q7uIKtECHLSYblDK4FUCw4eeku5lotAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUv8SOF2Yut70Al1sh5MMKLVLbGYYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmYmRlYTUyLWQ3OTMtNGJlOS04MWExLTg5YWQxMjI4NTlmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABHmHMwDQYJKoZIhvcNAQELBQADggEBAIiKblzq9zGh5Hh2bfG0Az1k1nng
a2q1x9G6YgRZjDc7YWu7gMHLlBfvkVLYneA+zBkQqqHhqXzz0T7sNqyonQgcE1Wx
oMGi5V66LROG+sLIiuznywuOVcEGTcPfnZeXhdBFlT6K1TDepf6+V0Ucsmi4LJJu
QmHyX3gVSJcOX9D7d1e+BBOW3AJSUGBBaSztZL82du98tN6NdXTzdwUfTKhsopcd
9DdZCpy7n8D7DDmV2D1uv+IK+AXA1aiGTdt4/+CUqycErISnfD0kXsJsCvZQ3mqx
eHDrjuvKNiPrpO10PaHaFSu6nI2tvQHvf8eCrIt/kzy8h+Km2QihD2+J6Tw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:19:26 2025 by rpki-client