Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d6a073e-457b-4a4f-9f39-59ba5c5efc92.roa
File: 8d6a073e-457b-4a4f-9f39-59ba5c5efc92.roa (raw, json)
Hash identifier: Zndlp1UCSqVN26Gn6GLfIoSnoRIIw80aJ3au5g1n3Jk=
Subject key identifier: 2D:70:31:1A:37:17:31:C5:19:68:39:0A:44:1F:C3:D0:AA:A5:2F:00
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 300ACCC027E6766509BECAB1FE085244D01DF635
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d6a073e-457b-4a4f-9f39-59ba5c5efc92.roa
Signing time: Wed 01 Oct 2025 00:01:13 +0000
ROA not before: Wed 01 Oct 2025 00:01:13 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 158.80.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:0a:cc:c0:27:e6:76:65:09:be:ca:b1:fe:08:52:44:d0:1d:f6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:01:13 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=94dbd5202bf95a64e52747a40441bd9d0af3954ad1dff0ae1b025bfbd8df8f37, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5a:7b:d6:b0:09:2f:c8:0a:99:2d:0d:94:a3:
73:80:ab:b4:6e:da:09:61:54:b3:51:61:6a:4c:c2:
5d:58:a3:c9:e1:2c:e1:10:57:7a:b0:7a:d8:98:3b:
8f:ce:9f:3e:b7:fc:10:a8:2f:a9:f5:d1:bd:ef:89:
be:2a:2c:cd:b0:b2:3a:b2:dc:85:1f:86:94:1e:44:
68:c2:6c:45:eb:45:ba:54:f5:11:5b:1c:af:26:e6:
b8:31:6b:3b:25:ff:e8:b6:6a:b9:ce:a3:e0:30:8e:
1d:d9:ef:96:f1:fc:2a:5a:03:ac:14:be:33:ec:75:
1d:7f:bc:8d:53:2e:a8:9c:a7:a7:7c:76:1d:b6:8e:
cd:3c:f1:0f:62:f6:8f:45:bd:83:f3:ab:54:92:0a:
da:bc:4b:58:62:b4:f9:a3:bc:8a:db:c4:08:73:d5:
43:2f:d3:bf:3a:8f:07:e0:07:a4:b4:6f:25:25:68:
f1:3d:e5:92:a6:89:a9:c9:29:b7:d0:a1:7a:e6:42:
96:12:e6:82:6a:8a:6b:dd:5d:8c:c1:18:62:5f:29:
44:77:e4:19:e4:52:27:ca:d3:c2:a5:2a:66:8f:9f:
15:2e:77:2b:e4:28:bc:7a:2f:fa:98:19:a7:b2:1d:
a0:1c:73:31:30:a5:a8:4d:88:a4:99:0d:6f:64:e4:
51:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:70:31:1A:37:17:31:C5:19:68:39:0A:44:1F:C3:D0:AA:A5:2F:00
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d6a073e-457b-4a4f-9f39-59ba5c5efc92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.80.0.0/17
Signature Algorithm: sha256WithRSAEncryption
26:4e:6b:bb:82:ec:4a:58:61:b3:e9:10:32:99:94:fa:ed:3c:
85:b7:74:ab:7f:57:a4:49:85:55:85:3d:20:05:b5:9a:da:82:
a4:e5:64:f5:6b:03:aa:36:35:e9:ca:2d:49:7f:93:9c:16:c8:
c0:db:9a:f1:80:31:5e:0b:c6:28:4c:da:bd:42:27:8d:62:23:
ce:23:b8:40:28:a5:42:1f:3d:f4:61:49:83:71:d4:27:7f:65:
80:33:9b:f0:49:35:91:dc:88:5e:27:0b:86:c1:eb:79:90:f1:
8e:44:42:e5:90:89:50:f3:d1:24:e0:6c:c8:98:6a:70:2a:a8:
01:88:ee:2a:2d:93:93:ce:b1:8c:40:df:6a:76:73:d3:bb:fd:
38:78:0d:f2:0a:10:f2:d1:52:cc:2d:2a:2d:62:2b:91:83:9d:
4f:be:ef:7d:63:e1:ca:21:5d:05:fe:92:a5:aa:e7:82:d7:73:
9a:93:06:ee:8a:4d:6b:66:17:17:c6:bd:8e:a5:ea:f5:14:3e:
72:df:f0:62:bc:6c:53:f3:a7:1d:ab:0d:ef:98:01:a6:33:40:
84:41:d4:d2:1b:e0:73:f8:b9:5f:a3:4f:c1:a6:a3:c4:e1:e5:
29:3d:65:d8:47:a8:97:6b:9f:63:df:12:d8:91:a7:0d:d3:7a:
93:d1:d3:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMArMwCfmdmUJvsqx/ghSRNAd9jUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMTEzWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGRiZDUyMDJiZjk1YTY0ZTUyNzQ3YTQwNDQxYmQ5ZDBh
ZjM5NTRhZDFkZmYwYWUxYjAyNWJmYmQ4ZGY4ZjM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAWnvWsAkvyAqZLQ2Uo3OAq7Ru2glhVLNRYWpMwl1Yo8nh
LOEQV3qwetiYO4/Onz63/BCoL6n10b3vib4qLM2wsjqy3IUfhpQeRGjCbEXrRbpU
9RFbHK8m5rgxazsl/+i2arnOo+Awjh3Z75bx/CpaA6wUvjPsdR1/vI1TLqicp6d8
dh22js088Q9i9o9FvYPzq1SSCtq8S1hitPmjvIrbxAhz1UMv0786jwfgB6S0byUl
aPE95ZKmianJKbfQoXrmQpYS5oJqimvdXYzBGGJfKUR35BnkUifK08KlKmaPnxUu
dyvkKLx6L/qYGaeyHaAcczEwpahNiKSZDW9k5FE3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULXAxGjcXMcUZaDkKRB/D0KqlLwAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkNmEwNzNlLTQ1N2ItNGE0Zi05ZjM5LTU5YmE1YzVlZmM5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeeUAAwDQYJKoZIhvcNAQELBQADggEBACZOa7uC7EpYYbPpEDKZlPrtPIW3
dKt/V6RJhVWFPSAFtZragqTlZPVrA6o2NenKLUl/k5wWyMDbmvGAMV4LxihM2r1C
J41iI84juEAopUIfPfRhSYNx1Cd/ZYAzm/BJNZHciF4nC4bB63mQ8Y5EQuWQiVDz
0STgbMiYanAqqAGI7iotk5POsYxA32p2c9O7/Th4DfIKEPLRUswtKi1iK5GDnU++
731j4cohXQX+kqWq54LXc5qTBu6KTWtmFxfGvY6l6vUUPnLf8GK8bFPzpx2rDe+Y
AaYzQIRB1NIb4HP4uV+jT8Gmo8Th5Sk9ZdhHqJdrn2PfEtiRpw3TepPR0xg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:10:34 2025 by rpki-client