Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/72a7c231-dc49-4e1e-8a38-37649f06c626.roa
File: 72a7c231-dc49-4e1e-8a38-37649f06c626.roa (raw, json)
Hash identifier: 2kydT0sxdMRRNAnBpACqPe2veLrCNVMkl6+kbjvbe3Y=
Subject key identifier: EA:D8:6B:4C:44:C9:56:44:96:4E:99:30:29:72:EC:DB:05:A5:C6:CF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6C9672C123E40B9B4E9291EBD17BF0BA2347156B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/72a7c231-dc49-4e1e-8a38-37649f06c626.roa
Signing time: Fri 17 Oct 2025 20:30:31 +0000
ROA not before: Fri 17 Oct 2025 20:30:31 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f38:7480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:96:72:c1:23:e4:0b:9b:4e:92:91:eb:d1:7b:f0:ba:23:47:15:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 17 20:30:31 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=e110fa53b9b387adbfaa73ffb5af00e473b38f6518f82392a9d9f9c118a68634, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:66:9d:00:b0:91:c5:2c:f5:0c:ae:e5:dd:d4:
38:4d:94:76:1f:28:7a:8c:8a:7e:aa:7f:38:d8:71:
2c:a1:b1:f3:4c:a7:6f:80:fa:4f:1a:d3:76:f9:87:
78:b1:d2:54:ec:a9:d2:9d:5b:3d:74:ba:98:08:e4:
b8:34:9d:38:38:51:30:aa:5d:bd:52:73:08:cb:9d:
c4:fd:03:56:00:d5:91:fa:d8:6a:c2:90:e7:0a:72:
7a:78:35:23:85:de:d2:4d:c7:b9:30:78:4c:cd:56:
24:9b:25:58:a0:98:09:f6:69:8d:47:ac:c5:bc:99:
29:1c:ce:08:f8:6a:9d:f3:84:77:94:b9:d2:e7:3d:
de:06:bb:30:61:b8:f6:1c:01:3b:aa:89:ff:ce:6b:
98:2b:4d:2b:b5:28:36:7d:63:c9:1d:91:c1:ab:cb:
09:c2:f3:62:24:58:2b:f5:37:a6:4e:cb:bb:88:2f:
65:32:0b:58:f7:73:2b:5f:45:e0:9d:58:52:37:27:
28:c2:59:c6:77:3b:71:2d:9f:cc:15:5c:80:e4:9b:
15:f9:96:81:47:cd:c5:7c:2c:8a:25:52:23:47:3d:
a5:e0:1b:d2:13:8a:bb:39:d8:45:62:9c:c7:88:d9:
15:07:22:be:de:ce:8e:03:e1:ab:49:f9:58:12:17:
52:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D8:6B:4C:44:C9:56:44:96:4E:99:30:29:72:EC:DB:05:A5:C6:CF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/72a7c231-dc49-4e1e-8a38-37649f06c626.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f38:7480::/48
Signature Algorithm: sha256WithRSAEncryption
91:4f:f1:68:0e:94:d8:b0:be:83:f8:3c:99:30:79:51:6d:e7:
32:b7:2b:5c:60:c9:84:68:d8:9d:63:69:2b:75:0f:c0:ae:50:
06:c0:79:04:a8:be:e6:62:90:74:70:8e:7b:bb:7d:c9:8b:a2:
7a:f3:2a:ed:96:4f:31:1d:57:79:1b:ff:07:45:f2:ab:8d:1a:
87:02:90:b9:d9:11:31:ca:78:54:73:7e:90:8c:13:66:74:b4:
3e:c8:0b:ab:96:f1:de:1b:d9:75:bc:9c:a8:f7:97:66:fb:3e:
a1:a7:6a:12:e2:48:90:46:f0:b7:dc:fc:78:37:4e:2b:5f:36:
4f:21:b4:9b:e7:14:f8:53:94:f7:b3:1d:c7:d1:f0:80:f6:54:
5e:df:7a:44:55:74:52:6e:1e:bb:66:83:d5:c5:d3:02:e3:e3:
fa:9c:a6:cd:6c:b6:9a:aa:7c:40:45:17:67:78:f6:fa:31:5e:
36:9e:44:e8:c2:b8:82:b4:27:52:a1:12:d2:16:a0:44:9b:c8:
d5:f2:c5:03:96:7d:db:c8:32:0b:73:46:60:2b:86:ae:5f:0d:
ee:ee:ac:55:ed:c2:22:c1:b0:48:68:b2:a4:e9:bd:b1:a3:7d:
b4:da:68:3b:c7:95:4f:57:a3:fb:26:aa:96:5f:fd:7a:87:87:
df:08:21:a9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbJZywSPkC5tOkpHr0XvwuiNHFWswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjAzMDMxWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTEwZmE1M2I5YjM4N2FkYmZhYTczZmZiNWFmMDBlNDcz
YjM4ZjY1MThmODIzOTJhOWQ5ZjljMTE4YTY4NjM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtZp0AsJHFLPUMruXd1DhNlHYfKHqMin6qfzjYcSyhsfNM
p2+A+k8a03b5h3ix0lTsqdKdWz10upgI5Lg0nTg4UTCqXb1ScwjLncT9A1YA1ZH6
2GrCkOcKcnp4NSOF3tJNx7kweEzNViSbJVigmAn2aY1HrMW8mSkczgj4ap3zhHeU
udLnPd4GuzBhuPYcATuqif/Oa5grTSu1KDZ9Y8kdkcGrywnC82IkWCv1N6ZOy7uI
L2UyC1j3cytfReCdWFI3JyjCWcZ3O3Etn8wVXIDkmxX5loFHzcV8LIolUiNHPaXg
G9ITirs52EVinMeI2RUHIr7ezo4D4atJ+VgSF1JrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6thrTETJVkSWTpkwKXLs2wWlxs8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcyYTdjMjMxLWRjNDktNGUxZS04YTM4LTM3NjQ5ZjA2YzYyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84dIAwDQYJKoZIhvcNAQELBQADggEBAJFP8WgOlNiwvoP4PJkweVFt
5zK3K1xgyYRo2J1jaSt1D8CuUAbAeQSovuZikHRwjnu7fcmLonrzKu2WTzEdV3kb
/wdF8quNGocCkLnZETHKeFRzfpCME2Z0tD7IC6uW8d4b2XW8nKj3l2b7PqGnahLi
SJBG8Lfc/Hg3TitfNk8htJvnFPhTlPezHcfR8ID2VF7fekRVdFJuHrtmg9XF0wLj
4/qcps1stpqqfEBFF2d49voxXjaeROjCuIK0J1KhEtIWoESbyNXyxQOWfdvIMgtz
RmArhq5fDe7urFXtwiLBsEhosqTpvbGjfbTaaDvHlU9Xo/smqpZf/XqHh98IIak=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:38:33 2025 by rpki-client