Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b42cb5f-7b5f-4b99-a5c4-d40f3ee3356a.roa
File: 8b42cb5f-7b5f-4b99-a5c4-d40f3ee3356a.roa (raw, json)
Hash identifier: nlhS9YgIVmNt3MufMERh9ImvwgYTJWtyEf1LteOBgQI=
Subject key identifier: A4:B6:29:38:31:54:86:77:DD:D7:F6:2D:F7:39:F2:BA:7C:D2:70:76
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0AC7816EB552B9A3ACF00CBA0E8EBE4C63A9D023
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b42cb5f-7b5f-4b99-a5c4-d40f3ee3356a.roa
Signing time: Wed 01 Oct 2025 00:38:51 +0000
ROA not before: Wed 01 Oct 2025 00:38:51 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 54.22.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c7:81:6e:b5:52:b9:a3:ac:f0:0c:ba:0e:8e:be:4c:63:a9:d0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:38:51 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=8d39c57c62c20ddff1986e121b91f3f1f66aa8120da1588625fe5593f73a5686, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3d:88:03:06:8e:8d:3f:9c:c7:a5:48:bd:f5:
a3:b8:6b:9e:8c:de:af:e5:dd:04:c7:86:c1:6d:da:
ab:34:7e:b8:30:cf:2e:d5:d5:a6:b2:8c:fd:b4:41:
b9:cd:8b:fd:14:97:ee:1b:7a:b9:46:cd:6b:c0:a7:
ff:65:44:68:62:cc:28:6d:6f:39:c5:66:e6:26:9f:
32:74:c9:0a:d1:cf:f5:60:71:4e:3d:b9:a2:b1:98:
45:d5:ea:4a:84:a5:b9:2d:87:4b:bc:3f:1f:95:01:
83:e1:ed:75:b9:51:c5:a5:9f:2a:0c:c2:3b:76:86:
b3:76:95:39:c8:0d:26:79:b3:cd:23:d7:a8:6d:ba:
2b:28:9c:c7:09:61:d9:c6:e0:cc:11:58:d9:fd:a6:
df:32:ea:3d:82:d8:ea:3d:9d:6a:be:73:71:cb:28:
3b:7e:7e:7b:f7:4e:b6:4a:53:13:5e:50:17:6f:23:
06:56:6d:95:a6:47:d2:86:ea:a4:e7:23:dd:25:63:
45:fa:2d:58:b8:cc:34:c8:1c:a9:d6:03:f9:e5:f3:
17:fe:56:0b:0c:5e:bb:97:0f:3d:5b:75:32:0e:fd:
a0:cf:1a:32:58:c0:c5:46:ce:11:bf:dd:0d:ae:d1:
c3:da:a8:fb:5b:c1:da:14:7f:6d:2c:ce:f5:29:ff:
4f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B6:29:38:31:54:86:77:DD:D7:F6:2D:F7:39:F2:BA:7C:D2:70:76
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b42cb5f-7b5f-4b99-a5c4-d40f3ee3356a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:54:ac:5a:a1:df:b4:8a:da:bc:b7:85:7a:17:fb:f4:c8:ac:
c3:fd:1c:90:8d:cc:81:70:31:d7:17:77:57:43:87:f6:1d:21:
46:7c:e4:aa:48:12:9e:37:10:5b:4c:69:0c:89:74:61:25:32:
28:5b:d7:9f:8d:5e:ae:02:c2:12:76:ca:46:3c:bf:c9:91:97:
e0:c6:a0:82:db:e3:7a:97:37:23:53:e1:4e:b5:09:2f:c8:95:
67:50:67:72:c6:14:05:e2:65:fa:f8:23:ca:20:91:12:e7:bd:
80:d7:65:da:23:35:60:84:7b:3b:34:3a:4a:fa:ad:2a:fa:3c:
19:57:28:28:85:09:21:ef:3b:61:f4:ea:27:3d:ec:9c:a4:d5:
2c:f0:5f:b7:cf:2d:e1:5d:55:df:21:91:9c:34:d0:11:ee:ef:
f4:a0:27:5b:51:f4:52:b3:cf:16:25:8b:31:0a:ac:66:bd:b0:
4d:05:c6:24:f9:8f:f3:8b:fc:2f:81:73:86:5d:22:e4:9e:5d:
15:b1:cc:ee:d4:48:52:12:5e:75:1e:45:8a:c5:2e:ad:25:4d:
dd:bb:cb:8a:b3:ca:a5:16:22:fe:0f:42:3f:25:2b:71:5f:03:
fc:41:d0:f2:aa:0e:d0:ad:cc:30:67:24:c2:ac:71:b6:f8:38:
0e:92:2e:42
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCseBbrVSuaOs8Ay6Do6+TGOp0CMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAzODUxWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDM5YzU3YzYyYzIwZGRmZjE5ODZlMTIxYjkxZjNmMWY2
NmFhODEyMGRhMTU4ODYyNWZlNTU5M2Y3M2E1Njg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4PYgDBo6NP5zHpUi99aO4a56M3q/l3QTHhsFt2qs0frgw
zy7V1aayjP20QbnNi/0Ul+4berlGzWvAp/9lRGhizChtbznFZuYmnzJ0yQrRz/Vg
cU49uaKxmEXV6kqEpbkth0u8Px+VAYPh7XW5UcWlnyoMwjt2hrN2lTnIDSZ5s80j
16htuisonMcJYdnG4MwRWNn9pt8y6j2C2Oo9nWq+c3HLKDt+fnv3TrZKUxNeUBdv
IwZWbZWmR9KG6qTnI90lY0X6LVi4zDTIHKnWA/nl8xf+VgsMXruXDz1bdTIO/aDP
GjJYwMVGzhG/3Q2u0cPaqPtbwdoUf20szvUp/09bAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpLYpODFUhnfd1/Yt9znyunzScHYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiNDJjYjVmLTdiNWYtNGI5OS1hNWM0LWQ0MGYzZWUzMzU2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2FjANBgkqhkiG9w0BAQsFAAOCAQEAkVSsWqHftIravLeFehf79Misw/0c
kI3MgXAx1xd3V0OH9h0hRnzkqkgSnjcQW0xpDIl0YSUyKFvXn41ergLCEnbKRjy/
yZGX4Maggtvjepc3I1PhTrUJL8iVZ1BncsYUBeJl+vgjyiCREue9gNdl2iM1YIR7
OzQ6SvqtKvo8GVcoKIUJIe87YfTqJz3snKTVLPBft88t4V1V3yGRnDTQEe7v9KAn
W1H0UrPPFiWLMQqsZr2wTQXGJPmP84v8L4Fzhl0i5J5dFbHM7tRIUhJedR5FisUu
rSVN3bvLirPKpRYi/g9CPyUrcV8D/EHQ8qoO0K3MMGckwqxxtvg4DpIuQg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:15:49 2025 by rpki-client