Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/829833e2-4bd5-44b5-ae26-554c86468938.roa
File: 829833e2-4bd5-44b5-ae26-554c86468938.roa (raw, json)
Hash identifier: eL3QRrqIzBbjZHmd8DzcXlYBfCkthiYEKeAbQhygwzc=
Subject key identifier: 6E:B8:A0:23:16:13:17:EC:39:55:6E:25:FA:CD:78:A4:F7:9F:69:E7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2435A4A251BB649A940783D1C734A7BC59A16068
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/829833e2-4bd5-44b5-ae26-554c86468938.roa
Signing time: Tue 07 Oct 2025 15:01:19 +0000
ROA not before: Tue 07 Oct 2025 15:01:19 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.17.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:35:a4:a2:51:bb:64:9a:94:07:83:d1:c7:34:a7:bc:59:a1:60:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 15:01:19 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=4968c4fb5ae11a67adb1ff82bb3f8d031ad845bece082b94e3753cc1166a7539, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d5:7d:e5:48:97:57:02:d8:a1:46:e2:51:55:
67:14:b2:44:a4:5e:58:80:52:11:bc:a9:b5:d7:89:
4d:40:45:e0:0a:18:f9:3e:88:f8:15:0b:eb:62:e7:
a6:a9:1b:bb:09:13:70:34:28:ea:85:78:7c:a6:50:
87:32:1d:a3:15:c3:60:0c:7d:8f:ab:5b:9e:37:ce:
b0:c9:1e:2a:8c:e2:af:19:ba:67:99:c7:a9:e1:65:
39:a3:23:b7:0d:b3:01:ff:19:52:da:70:b7:4f:97:
fc:80:18:66:27:68:a6:c2:ee:e1:42:b3:6b:49:79:
0a:50:07:e0:96:51:e1:e5:e5:3a:6d:9b:43:b0:4e:
c9:12:27:ae:e3:47:17:c4:e5:63:9d:3d:48:32:c7:
fd:12:f5:4d:2b:86:06:8e:27:a9:0a:15:cd:ea:44:
d9:27:3f:e2:71:18:f6:1f:5d:7d:b1:f6:26:d0:d0:
4a:15:0a:33:bb:9d:6f:fb:8c:b2:52:3d:54:02:7b:
e0:c7:b3:6d:30:89:af:c0:95:09:70:83:20:dd:27:
72:ed:ca:3b:df:a3:db:5b:bd:0c:ae:e1:52:0f:7b:
c9:67:ed:3f:a0:f7:73:cb:af:b8:2b:29:77:6c:72:
c3:0b:e2:58:4d:b4:a4:6c:d4:97:84:d5:be:ac:fb:
c3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B8:A0:23:16:13:17:EC:39:55:6E:25:FA:CD:78:A4:F7:9F:69:E7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/829833e2-4bd5-44b5-ae26-554c86468938.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.17.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a5:93:b1:47:54:af:3f:d1:5c:9a:72:ca:44:32:f5:03:6c:10:
cc:b7:e1:5e:46:ce:5f:63:65:01:85:76:d6:bb:5b:04:d7:3b:
aa:10:a5:34:63:2d:23:44:25:26:16:97:d8:34:a1:84:24:62:
82:45:0a:fc:ad:17:af:05:06:e7:80:72:4a:5d:d8:41:f4:a4:
f6:bf:c8:3d:db:81:e4:ea:a4:6b:cb:25:77:73:dd:7c:0b:82:
33:03:d0:2c:e2:31:2b:d3:70:fd:2e:e7:fa:0f:b4:ab:e5:73:
70:68:3f:88:6b:7d:17:7d:79:0a:86:e6:12:73:ef:b9:ef:6f:
09:5a:3a:62:fd:45:1f:90:1d:3d:05:c9:d0:35:71:b4:82:11:
ef:c6:da:ee:f3:22:f3:cf:78:95:7a:2b:4b:65:96:d0:b2:99:
3f:55:72:e3:ba:f0:5f:56:c8:07:26:65:fa:13:0c:e4:ad:4d:
a2:bc:2b:f2:9e:33:c4:66:e0:47:fc:20:4d:3a:82:82:de:29:
1f:96:71:a6:ac:0d:c7:5d:65:71:00:f1:8b:e8:7d:33:78:2a:
d9:b9:d9:aa:84:c1:66:da:fb:41:70:b1:34:d4:8f:19:96:cd:
20:9b:68:c4:c6:08:7b:0e:31:08:2b:59:9a:ab:60:8f:c0:b0:
5a:4a:79:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJDWkolG7ZJqUB4PRxzSnvFmhYGgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MTUwMTE5WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTY4YzRmYjVhZTExYTY3YWRiMWZmODJiYjNmOGQwMzFh
ZDg0NWJlY2UwODJiOTRlMzc1M2NjMTE2NmE3NTM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT1X3lSJdXAtihRuJRVWcUskSkXliAUhG8qbXXiU1AReAK
GPk+iPgVC+ti56apG7sJE3A0KOqFeHymUIcyHaMVw2AMfY+rW543zrDJHiqM4q8Z
umeZx6nhZTmjI7cNswH/GVLacLdPl/yAGGYnaKbC7uFCs2tJeQpQB+CWUeHl5Tpt
m0OwTskSJ67jRxfE5WOdPUgyx/0S9U0rhgaOJ6kKFc3qRNknP+JxGPYfXX2x9ibQ
0EoVCjO7nW/7jLJSPVQCe+DHs20wia/AlQlwgyDdJ3Ltyjvfo9tbvQyu4VIPe8ln
7T+g93PLr7grKXdscsML4lhNtKRs1JeE1b6s+8PrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbrigIxYTF+w5VW4l+s14pPefaecwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyOTgzM2UyLTRiZDUtNDRiNS1hZTI2LTU1NGM4NjQ2ODkzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdBEQAwDQYJKoZIhvcNAQELBQADggEBAKWTsUdUrz/RXJpyykQy9QNsEMy3
4V5Gzl9jZQGFdta7WwTXO6oQpTRjLSNEJSYWl9g0oYQkYoJFCvytF68FBueAckpd
2EH0pPa/yD3bgeTqpGvLJXdz3XwLgjMD0CziMSvTcP0u5/oPtKvlc3BoP4hrfRd9
eQqG5hJz77nvbwlaOmL9RR+QHT0FydA1cbSCEe/G2u7zIvPPeJV6K0tlltCymT9V
cuO68F9WyAcmZfoTDOStTaK8K/KeM8Rm4Ef8IE06goLeKR+WcaasDcddZXEA8Yvo
fTN4Ktm52aqEwWba+0FwsTTUjxmWzSCbaMTGCHsOMQgrWZqrYI/AsFpKebY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:24:26 2025 by rpki-client