Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/799c386f-67bd-428b-8c5a-c04024c7aaf2.roa
File: 799c386f-67bd-428b-8c5a-c04024c7aaf2.roa (raw, json)
Hash identifier: USVJVwRicuaTKbRUSfp9beUoouLVNCsNeXnGujvhANs=
Subject key identifier: 4E:6F:34:CF:80:F3:D9:FB:BF:84:A1:BE:C7:4B:F6:13:B5:30:CB:1B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5ADE91276D8E119A3BCC3B8A85F9F6ADEB803EE9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/799c386f-67bd-428b-8c5a-c04024c7aaf2.roa
Signing time: Wed 01 Oct 2025 00:01:16 +0000
ROA not before: Wed 01 Oct 2025 00:01:16 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.137.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:de:91:27:6d:8e:11:9a:3b:cc:3b:8a:85:f9:f6:ad:eb:80:3e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:01:16 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=a710b95371c9324d0013f3032a0335ec24db8a505c43f7875be6f85e0df7704a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:5d:fc:4c:8d:2d:89:8c:01:8d:e4:c9:86:
f8:db:6b:3c:53:05:a6:62:d4:14:14:55:30:03:17:
bb:be:dc:15:19:97:57:18:fb:c5:c5:de:08:03:a4:
e7:0c:77:a0:b1:10:99:05:cc:cd:0b:45:20:db:77:
8d:8d:ba:66:41:e7:7b:f3:da:75:c3:f0:d3:91:01:
cb:41:0f:31:ac:89:d5:a4:37:a7:e7:cb:59:d2:1e:
d5:cc:e5:ea:78:76:67:ce:46:27:74:3b:04:0e:90:
fd:f9:da:b9:b0:3d:54:e4:97:4d:35:14:6b:b1:e6:
38:7d:58:ee:c4:25:ac:29:b5:92:83:2f:dc:0a:72:
6c:da:65:f1:14:eb:b8:6c:ef:6d:e6:d8:61:32:a9:
df:59:cb:60:bb:40:ce:7b:7a:b2:02:4e:93:e1:1e:
ca:99:be:ff:9b:36:86:55:e4:f1:f6:e5:b2:7b:a4:
a9:a6:fa:77:1e:a7:be:98:f5:07:07:35:ff:d5:5a:
78:d7:ea:99:82:9f:05:b7:a0:40:f1:c1:de:de:f3:
28:13:a0:e3:c2:96:78:84:44:2e:31:ec:ef:57:c5:
72:fa:01:cb:3e:51:0a:2d:b7:80:b7:48:9d:68:88:
0a:1a:a4:06:77:75:6d:f1:f3:eb:46:e3:21:c4:5a:
ff:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6F:34:CF:80:F3:D9:FB:BF:84:A1:BE:C7:4B:F6:13:B5:30:CB:1B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/799c386f-67bd-428b-8c5a-c04024c7aaf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:d7:3d:5e:5f:54:eb:d9:6b:0d:4a:b7:50:44:a6:be:6d:89:
a9:f3:76:a0:83:67:a4:dc:7b:30:a4:69:3e:25:12:8f:bb:5b:
d0:6e:99:a3:1c:18:be:19:03:a3:9a:78:5c:4f:86:6d:24:3a:
10:1e:5f:06:c0:c9:49:5a:9c:39:87:0d:5c:08:41:aa:c1:58:
cf:9e:f3:ba:12:a4:52:3c:60:76:7e:ce:15:c9:72:8f:d4:37:
5f:85:eb:37:62:da:b7:e3:25:f8:a8:8c:aa:16:3b:da:f5:21:
59:a4:33:0d:9f:87:11:4d:d3:1a:1a:46:a1:05:84:2d:d2:c4:
4a:f7:8a:28:e8:40:96:01:0b:8b:07:ab:dc:19:bc:e4:51:b7:
a8:32:13:a6:57:1e:a3:00:0c:32:7e:56:f3:c5:d0:aa:db:e6:
50:7b:5b:e1:d0:1b:38:0c:9a:95:c1:20:5a:3f:2b:a3:a6:6c:
df:17:10:02:e7:3b:66:ed:bc:ca:f9:4c:ee:80:cf:da:ef:e3:
e7:3f:64:3c:8a:67:86:94:f4:9f:6a:fb:15:64:c8:ac:66:69:
33:cf:4d:2d:48:d4:1f:5d:35:63:41:bb:8a:f8:e0:e0:97:36:
b1:97:de:09:fd:e9:1d:2b:ba:d9:79:a1:e4:22:e0:cd:5d:92:
5c:ba:2d:97
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWt6RJ22OEZo7zDuKhfn2reuAPukwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMTE2WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzEwYjk1MzcxYzkzMjRkMDAxM2YzMDMyYTAzMzVlYzI0
ZGI4YTUwNWM0M2Y3ODc1YmU2Zjg1ZTBkZjc3MDRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4vF38TI0tiYwBjeTJhvjbazxTBaZi1BQUVTADF7u+3BUZ
l1cY+8XF3ggDpOcMd6CxEJkFzM0LRSDbd42NumZB53vz2nXD8NORActBDzGsidWk
N6fny1nSHtXM5ep4dmfORid0OwQOkP352rmwPVTkl001FGux5jh9WO7EJawptZKD
L9wKcmzaZfEU67hs723m2GEyqd9Zy2C7QM57erICTpPhHsqZvv+bNoZV5PH25bJ7
pKmm+ncep76Y9QcHNf/VWnjX6pmCnwW3oEDxwd7e8ygToOPClniERC4x7O9XxXL6
Acs+UQott4C3SJ1oiAoapAZ3dW3x8+tG4yHEWv/VAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTm80z4Dz2fu/hKG+x0v2E7UwyxswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5OWMzODZmLTY3YmQtNDI4Yi04YzVhLWMwNDAyNGM3YWFmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQiTANBgkqhkiG9w0BAQsFAAOCAQEAYdc9Xl9U69lrDUq3UESmvm2JqfN2
oINnpNx7MKRpPiUSj7tb0G6ZoxwYvhkDo5p4XE+GbSQ6EB5fBsDJSVqcOYcNXAhB
qsFYz57zuhKkUjxgdn7OFclyj9Q3X4XrN2Lat+Ml+KiMqhY72vUhWaQzDZ+HEU3T
GhpGoQWELdLESveKKOhAlgELiwer3Bm85FG3qDITplceowAMMn5W88XQqtvmUHtb
4dAbOAyalcEgWj8ro6Zs3xcQAuc7Zu28yvlM7oDP2u/j5z9kPIpnhpT0n2r7FWTI
rGZpM89NLUjUH101Y0G7ivjg4Jc2sZfeCf3pHSu62Xmh5CLgzV2SXLotlw==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:09:09 2025 by rpki-client