Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa
File: 8e2ea47c-7af2-420d-8695-f2f769b2008c.roa (raw, json)
Hash identifier: 8iEgTbAI/mu6nY0l2F/pzFOvmZfvzYMLByG5OFATmHk=
Subject key identifier: 17:80:D8:E8:A3:32:83:FB:16:F5:23:67:CD:B3:AC:BC:93:91:B3:4F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 73FDBF31398597939677EB68B1C61346E9ECA8EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa
Signing time: Sun 19 Oct 2025 01:20:13 +0000
ROA not before: Sun 19 Oct 2025 01:20:13 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.245.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:fd:bf:31:39:85:97:93:96:77:eb:68:b1:c6:13:46:e9:ec:a8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 01:20:13 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=acf5664fe42030c9e840b7086bddb3a20db6cfe74856d38348578b5b8b76f713, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:1b:1b:0f:15:ca:aa:cf:ef:bb:27:28:a3:14:
56:73:e3:87:8e:95:d9:dd:a4:e7:b2:6e:e9:fc:47:
12:18:e5:c1:31:d1:14:1c:b9:ab:1c:c8:09:da:a8:
24:ef:15:35:88:40:d5:35:17:45:69:6e:93:9b:b5:
25:6a:31:21:df:30:09:3e:af:a1:b2:f2:74:53:2d:
09:3b:f3:a9:d5:1b:24:06:57:f3:64:65:6b:36:9d:
aa:49:d1:20:1f:0f:2f:9a:f5:bc:15:d9:b2:fd:8d:
20:7f:75:b9:20:d7:cd:cb:e8:06:00:f2:95:7a:ae:
65:b1:c5:88:a2:c7:ff:a8:17:dd:cf:0a:95:95:86:
01:9e:96:4a:e0:aa:25:30:be:0a:7b:28:da:b3:1e:
d4:95:44:96:3a:13:4f:fe:c5:01:f7:02:c0:b3:f7:
81:bc:11:f2:f0:74:51:8f:f6:f7:8a:f2:86:70:f9:
2d:d2:fc:cc:ce:8a:66:c2:17:d0:b9:32:44:10:ac:
42:22:dd:3a:55:05:28:97:7c:c1:b0:86:0b:76:0c:
98:82:75:46:40:62:61:90:32:f6:3d:55:f2:e5:54:
ec:9b:ef:df:0f:f5:7a:06:d2:32:c8:eb:65:ac:5f:
30:07:90:9b:0a:47:dc:4c:e7:01:da:6f:ef:74:aa:
21:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:80:D8:E8:A3:32:83:FB:16:F5:23:67:CD:B3:AC:BC:93:91:B3:4F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.245.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:8c:0d:4c:ad:86:bf:23:78:e6:06:ed:8f:cb:73:92:26:cd:
b3:98:d8:81:58:23:f2:31:26:c8:85:ce:6b:ae:57:20:7a:9b:
86:1a:c2:b7:a4:12:56:be:66:c9:5a:cf:8d:75:42:8e:3c:7f:
59:29:53:75:cd:cb:a4:54:37:1b:42:a7:3b:36:87:50:c4:0f:
1e:1b:e3:54:d9:f8:19:b2:4d:02:1e:ba:40:57:21:65:5d:23:
03:f4:fb:2a:79:2d:fe:7d:d5:b6:30:8a:5e:12:01:3a:70:9f:
48:48:bf:f7:02:bc:80:24:0d:f5:5f:13:2a:9e:82:e9:a0:0d:
23:68:67:4f:56:9f:fa:6a:6c:09:ef:19:87:ba:a0:be:fe:ff:
35:76:45:f2:2f:58:cb:7b:10:b2:c3:a9:34:ae:ca:46:27:6f:
7b:ce:cc:be:48:bb:4c:57:5a:70:81:98:59:b4:92:53:e2:ca:
83:43:de:1e:de:ea:b9:38:23:7b:22:6e:78:a3:18:a2:aa:94:
77:89:c7:e4:38:09:c1:19:8e:ed:86:54:5e:e0:78:55:28:d4:
ec:89:51:26:f7:34:e2:48:48:45:bb:dc:99:5f:75:37:d6:09:
1d:5e:76:03:82:99:3b:94:39:08:ca:d7:26:1a:10:3b:49:91:
7d:eb:31:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc/2/MTmFl5OWd+toscYTRunsqO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDEyMDEzWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2Y1NjY0ZmU0MjAzMGM5ZTg0MGI3MDg2YmRkYjNhMjBk
YjZjZmU3NDg1NmQzODM0ODU3OGI1YjhiNzZmNzEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD1GxsPFcqqz++7JyijFFZz44eOldndpOeybun8RxIY5cEx
0RQcuascyAnaqCTvFTWIQNU1F0VpbpObtSVqMSHfMAk+r6Gy8nRTLQk786nVGyQG
V/NkZWs2napJ0SAfDy+a9bwV2bL9jSB/dbkg183L6AYA8pV6rmWxxYiix/+oF93P
CpWVhgGelkrgqiUwvgp7KNqzHtSVRJY6E0/+xQH3AsCz94G8EfLwdFGP9veK8oZw
+S3S/MzOimbCF9C5MkQQrEIi3TpVBSiXfMGwhgt2DJiCdUZAYmGQMvY9VfLlVOyb
798P9XoG0jLI62WsXzAHkJsKR9xM5wHab+90qiHDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUF4DY6KMyg/sW9SNnzbOsvJORs08wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlMmVhNDdjLTdhZjItNDIwZC04Njk1LWYyZjc2OWIyMDA4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49TANBgkqhkiG9w0BAQsFAAOCAQEAOIwNTK2GvyN45gbtj8tzkibNs5jY
gVgj8jEmyIXOa65XIHqbhhrCt6QSVr5myVrPjXVCjjx/WSlTdc3LpFQ3G0KnOzaH
UMQPHhvjVNn4GbJNAh66QFchZV0jA/T7Knkt/n3VtjCKXhIBOnCfSEi/9wK8gCQN
9V8TKp6C6aANI2hnT1af+mpsCe8Zh7qgvv7/NXZF8i9Yy3sQssOpNK7KRidve87M
vki7TFdacIGYWbSSU+LKg0PeHt7quTgjeyJueKMYoqqUd4nH5DgJwRmO7YZUXuB4
VSjU7IlRJvc04khIRbvcmV91N9YJHV52A4KZO5Q5CMrXJhoQO0mRfesxfw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:12:35 2025 by rpki-client