Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f3b623f-c681-4e6d-9e60-f511e1eb20c0.roa
File: 7f3b623f-c681-4e6d-9e60-f511e1eb20c0.roa (raw, json)
Hash identifier: KK3bmUY8WTJJKOxWSFedeeTN5i1eNPy2EaJmbKfblvk=
Subject key identifier: B0:FE:D5:A8:65:15:08:E8:FF:46:89:54:93:2B:9D:4E:92:37:FD:5B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4C239A5940C759535B2ECE731B658CF7DE9F6C3E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f3b623f-c681-4e6d-9e60-f511e1eb20c0.roa
Signing time: Tue 14 Oct 2025 15:52:00 +0000
ROA not before: Tue 14 Oct 2025 15:52:00 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1f69:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:23:9a:59:40:c7:59:53:5b:2e:ce:73:1b:65:8c:f7:de:9f:6c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 15:52:00 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=8172c4e512d88b428ca7e48b1e5c630488bbf72720c46d710b5bb2bdb7d39730, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:30:2d:c0:bb:f3:89:ef:55:23:49:20:23:59:
be:47:40:5e:d2:06:a1:c5:2f:77:14:43:70:c3:df:
ae:dd:1f:53:24:68:5b:59:f3:61:c9:c3:09:4c:04:
74:1a:bb:4d:5f:12:d6:f4:a1:7f:dd:06:05:69:b9:
2b:d9:5a:d4:42:85:94:78:d0:0a:55:89:4c:32:3b:
fd:23:2d:77:b1:39:0e:f8:7e:f1:16:7d:31:8c:f1:
da:42:ae:93:49:77:13:99:19:77:9f:10:48:94:01:
74:14:af:fc:a2:c9:3f:1e:3c:47:2d:cd:e3:ef:ce:
47:9e:79:c4:a9:11:e1:1e:36:cd:e4:ae:74:ba:86:
d3:18:1c:d4:07:36:b2:db:12:fe:96:95:ac:9e:ce:
58:dc:56:98:00:12:ff:60:91:db:19:06:aa:2a:0f:
1d:91:b3:5e:53:df:8a:42:e6:db:db:35:04:f4:21:
be:13:0b:1f:b5:e9:c2:de:1c:c4:a7:c6:14:db:57:
50:89:c4:d2:98:41:31:d7:fd:bd:cb:6f:28:21:17:
21:f8:e1:e7:85:3f:7c:68:30:87:e2:67:20:3d:28:
6d:9c:85:f6:a3:9a:ce:76:a4:07:d1:9a:d9:b4:39:
96:12:2a:54:83:a2:e1:3c:f0:1b:af:91:43:6f:35:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FE:D5:A8:65:15:08:E8:FF:46:89:54:93:2B:9D:4E:92:37:FD:5B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f3b623f-c681-4e6d-9e60-f511e1eb20c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f69:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:61:ad:29:3a:d9:c7:68:d6:b2:dd:d6:13:e6:ae:9f:ef:93:
e1:e2:ed:fd:a0:20:bf:eb:0f:79:fe:3d:eb:20:0a:e5:e9:96:
fa:b7:f2:f6:ee:7c:9f:bf:7c:99:07:de:e9:a5:0c:ff:85:86:
4b:ba:89:a2:0d:31:f9:32:b3:e5:9a:eb:35:65:cb:9c:59:d3:
6e:72:db:02:3a:c5:cd:f4:e9:65:cc:9f:99:ce:30:db:c0:6a:
cb:4f:30:e5:ca:92:ca:36:dd:d5:c1:81:df:6a:b1:88:0d:f1:
e4:42:fa:da:46:33:de:77:27:cd:4e:8a:81:14:21:6f:22:4d:
d0:b4:81:e1:4b:a2:79:2d:6f:a4:46:d9:30:c6:03:3c:0d:ed:
13:0b:0f:3e:47:0f:b0:39:01:64:6a:3f:a3:94:28:9d:04:33:
1d:64:56:7e:a4:18:64:97:b4:78:3f:97:5d:07:17:bb:bc:06:
14:0f:29:35:ba:98:57:a7:91:2d:b0:2c:c7:50:16:89:d5:05:
5e:e8:c5:c7:36:ea:29:80:52:d9:98:6f:a9:15:12:31:56:7e:
d1:f1:f0:59:b1:75:0a:f7:d5:00:c2:49:19:8a:6e:d1:a1:8d:
6f:86:76:d2:6b:5e:4e:4a:5f:c1:99:55:a9:ce:ca:3a:51:ba:
e2:a3:a7:9b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTCOaWUDHWVNbLs5zG2WM996fbD4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTU1MjAwWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MTcyYzRlNTEyZDg4YjQyOGNhN2U0OGIxZTVjNjMwNDg4
YmJmNzI3MjBjNDZkNzEwYjViYjJiZGI3ZDM5NzMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHMC3Au/OJ71UjSSAjWb5HQF7SBqHFL3cUQ3DD367dH1Mk
aFtZ82HJwwlMBHQau01fEtb0oX/dBgVpuSvZWtRChZR40ApViUwyO/0jLXexOQ74
fvEWfTGM8dpCrpNJdxOZGXefEEiUAXQUr/yiyT8ePEctzePvzkeeecSpEeEeNs3k
rnS6htMYHNQHNrLbEv6WlayezljcVpgAEv9gkdsZBqoqDx2Rs15T34pC5tvbNQT0
Ib4TCx+16cLeHMSnxhTbV1CJxNKYQTHX/b3LbyghFyH44eeFP3xoMIfiZyA9KG2c
hfajms52pAfRmtm0OZYSKlSDouE88BuvkUNvNYN9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUsP7VqGUVCOj/RolUkyudTpI3/VswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdmM2I2MjNmLWM2ODEtNGU2ZC05ZTYwLWY1MTFlMWViMjBjMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9pUDANBgkqhkiG9w0BAQsFAAOCAQEAuGGtKTrZx2jWst3WE+aun++T
4eLt/aAgv+sPef496yAK5emW+rfy9u58n798mQfe6aUM/4WGS7qJog0x+TKz5Zrr
NWXLnFnTbnLbAjrFzfTpZcyfmc4w28Bqy08w5cqSyjbd1cGB32qxiA3x5EL62kYz
3ncnzU6KgRQhbyJN0LSB4UuieS1vpEbZMMYDPA3tEwsPPkcPsDkBZGo/o5QonQQz
HWRWfqQYZJe0eD+XXQcXu7wGFA8pNbqYV6eRLbAsx1AWidUFXujFxzbqKYBS2Zhv
qRUSMVZ+0fHwWbF1CvfVAMJJGYpu0aGNb4Z20mteTkpfwZlVqc7KOlG64qOnmw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:25:00 2025 by rpki-client