Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa
File: 9042db9e-5d32-4ee2-947c-ababef047f42.roa (raw, json)
Hash identifier: GKrzR34Od1zWcuC3F05TQbJuUAY1610PtmIFS4KtfWE=
Subject key identifier: 8B:2F:1F:C1:6A:11:B8:DA:8C:89:1A:DC:8E:66:C1:B5:5E:71:B4:62
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4E41AD2B459AADCE41F2874FDAA8C9B68A553138
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa
Signing time: Fri 26 Sep 2025 00:22:53 +0000
ROA not before: Fri 26 Sep 2025 00:22:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f60:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:41:ad:2b:45:9a:ad:ce:41:f2:87:4f:da:a8:c9:b6:8a:55:31:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 26 00:22:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=330e4b45e8559ad0b115513512ae6108c6c87c2adb9b90eb7ddce064c16e3fb8, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:d4:fc:83:1f:01:03:76:01:e8:62:a5:43:
26:ba:6d:bf:f7:f3:29:68:20:3a:2f:49:6a:b1:c9:
2c:c8:4e:81:0b:7b:41:48:73:34:0e:8b:65:67:32:
2f:9c:75:13:f0:e3:e9:eb:e2:fc:27:04:9b:62:ab:
15:e3:58:3b:a7:33:cb:5b:0c:94:c6:b6:91:0b:59:
25:35:23:e4:a6:db:1b:8a:fb:90:91:1e:e0:87:d7:
7a:6e:59:dc:6b:6a:db:37:94:7c:56:2b:a9:b3:20:
f1:9c:77:44:f3:bb:b2:29:4c:70:96:0f:0f:6c:d0:
41:d0:ed:92:fd:e3:50:f9:a3:68:8b:41:43:41:f4:
2e:bb:ea:d8:bd:13:4c:0a:6c:4c:36:3e:63:bd:54:
b5:45:3b:d8:53:a3:b2:f2:a7:6b:c1:c5:30:4e:a9:
20:a3:99:06:a8:67:17:2f:24:72:f9:93:c9:fe:60:
54:b4:68:b6:8f:f6:84:60:a4:ac:c8:54:1c:b9:0f:
25:fa:77:17:5e:69:14:3f:31:3b:9d:53:1e:9b:98:
39:1f:85:15:98:f7:1a:8d:e3:0a:cc:32:0a:00:ac:
f8:77:78:e2:95:c8:e8:28:ef:fa:6e:2e:7a:81:e6:
d0:d4:d7:ca:39:14:c5:87:b7:96:17:52:96:3e:cc:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2F:1F:C1:6A:11:B8:DA:8C:89:1A:DC:8E:66:C1:B5:5E:71:B4:62
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f60:5000::/40
Signature Algorithm: sha256WithRSAEncryption
50:64:5e:e3:fb:e5:9a:bc:56:91:8a:46:71:3f:48:85:40:92:
ca:c8:1d:98:01:af:b7:fe:41:30:38:8c:be:49:d2:ca:d1:52:
48:e4:8d:d4:27:19:34:1a:4e:7c:44:1e:90:ba:eb:18:fd:1a:
e5:e5:85:f5:b4:f6:a9:bf:4a:14:5c:6c:43:16:a8:94:8c:c6:
2c:6c:e3:85:e1:f4:f6:74:fc:80:e8:70:e8:cc:8e:d8:cb:1d:
00:61:e3:84:06:f8:c7:92:67:df:7a:5c:2d:4e:bd:a1:9b:ad:
e2:18:c2:dd:73:0b:8b:94:d8:27:45:08:b0:a7:b4:fc:ad:07:
36:44:63:e1:e5:94:fd:17:82:c8:26:8d:0c:92:14:c1:70:99:
46:51:43:da:a5:73:26:89:6c:cf:b8:02:0c:61:d5:bd:fa:6a:
f5:84:73:7b:4f:b7:30:e0:3d:45:ee:e0:3f:bd:ca:ed:14:47:
4b:44:54:42:6c:c4:81:ef:99:a7:94:33:fb:81:ea:27:b2:a7:
e1:17:b5:fe:ad:4f:60:18:e7:8f:22:b5:47:a6:d2:3b:c9:90:
2e:82:1e:04:31:71:53:22:65:84:a6:cf:3a:1b:b4:d0:4d:f7:
b0:5b:0f:0c:86:c2:80:f4:72:3d:1c:4e:7e:6f:20:51:b0:4f:
72:e8:92:d8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTkGtK0Warc5B8odP2qjJtopVMTgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAyMjUzWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzBlNGI0NWU4NTU5YWQwYjExNTUxMzUxMmFlNjEwOGM2
Yzg3YzJhZGI5YjkwZWI3ZGRjZTA2NGMxNmUzZmI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3L9T8gx8BA3YB6GKlQya6bb/38yloIDovSWqxySzIToEL
e0FIczQOi2VnMi+cdRPw4+nr4vwnBJtiqxXjWDunM8tbDJTGtpELWSU1I+Sm2xuK
+5CRHuCH13puWdxrats3lHxWK6mzIPGcd0Tzu7IpTHCWDw9s0EHQ7ZL941D5o2iL
QUNB9C676ti9E0wKbEw2PmO9VLVFO9hTo7Lyp2vBxTBOqSCjmQaoZxcvJHL5k8n+
YFS0aLaP9oRgpKzIVBy5DyX6dxdeaRQ/MTudUx6bmDkfhRWY9xqN4wrMMgoArPh3
eOKVyOgo7/puLnqB5tDU18o5FMWHt5YXUpY+zMK1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUiy8fwWoRuNqMiRrcjmbBtV5xtGIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwNDJkYjllLTVkMzItNGVlMi05NDdjLWFiYWJlZjA0N2Y0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gUDANBgkqhkiG9w0BAQsFAAOCAQEAUGRe4/vlmrxWkYpGcT9IhUCS
ysgdmAGvt/5BMDiMvknSytFSSOSN1CcZNBpOfEQekLrrGP0a5eWF9bT2qb9KFFxs
QxaolIzGLGzjheH09nT8gOhw6MyO2MsdAGHjhAb4x5Jn33pcLU69oZut4hjC3XML
i5TYJ0UIsKe0/K0HNkRj4eWU/ReCyCaNDJIUwXCZRlFD2qVzJolsz7gCDGHVvfpq
9YRze0+3MOA9Re7gP73K7RRHS0RUQmzEge+Zp5Qz+4HqJ7Kn4Re1/q1PYBjnjyK1
R6bSO8mQLoIeBDFxUyJlhKbPOhu00E33sFsPDIbCgPRyPRxOfm8gUbBPcuiS2A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:01:41 2025 by rpki-client