Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/927e4be9-2462-477d-ae39-3b134f607354.roa
File: 927e4be9-2462-477d-ae39-3b134f607354.roa (raw, json)
Hash identifier: 3dWgJuplPS83CrvwS9bSg+cwQVti35EMvY5OQmd/j9A=
Subject key identifier: 5D:A0:D7:FD:98:C9:17:64:42:8D:EE:A0:CA:C8:10:77:24:7A:88:F0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 32AA9FE3EFE12900661A9BF61D9B03D075DD9164
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/927e4be9-2462-477d-ae39-3b134f607354.roa
Signing time: Fri 10 Oct 2025 00:01:12 +0000
ROA not before: Fri 10 Oct 2025 00:01:12 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 114.56.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:aa:9f:e3:ef:e1:29:00:66:1a:9b:f6:1d:9b:03:d0:75:dd:91:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 10 00:01:12 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=7deac4cfe1cf34df2a0866289d57213e4e72f69e351f52cd5141970b8faf0a1e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ca:db:b7:55:30:15:cf:c0:d9:0c:ba:86:9b:
e0:a0:79:35:15:a7:0d:58:4c:e7:f1:b1:0f:26:de:
14:8d:11:4f:06:f2:84:d2:f4:53:58:8a:f9:7e:30:
52:46:87:97:73:f2:ee:a6:54:08:c5:52:f6:2d:f4:
6b:96:66:16:82:f2:5f:cc:fa:df:d9:04:e3:ab:bd:
cd:e1:a4:ac:35:85:08:55:98:86:91:4b:b8:14:a6:
a2:1d:e1:3f:8d:41:72:2f:67:34:62:8b:ed:a7:d9:
8d:9e:d0:00:ef:e3:29:28:d1:f3:5c:bc:a4:63:eb:
c0:25:f5:f7:10:f4:9f:b9:f1:69:7f:0f:8b:bd:4a:
ec:b4:6a:28:f0:17:63:61:58:c6:d2:32:40:fd:69:
91:35:94:1f:40:91:28:d1:c7:0b:1f:a1:d7:71:36:
7a:a3:ce:5e:92:b4:d8:12:39:f3:aa:a2:a0:00:c7:
cd:89:d7:34:34:2e:17:e1:c3:3e:8c:8e:53:98:60:
5c:c3:56:75:2d:d9:87:48:d3:59:dd:8d:ed:1d:b4:
f2:4d:e9:e9:06:3c:f0:ed:5d:f3:7f:b5:8b:cb:d1:
7e:d6:b1:2a:ff:47:99:d7:78:03:4e:3e:72:89:3f:
4d:fe:76:27:b7:e9:47:a3:68:6c:1f:91:b6:1c:a9:
81:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:D7:FD:98:C9:17:64:42:8D:EE:A0:CA:C8:10:77:24:7A:88:F0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/927e4be9-2462-477d-ae39-3b134f607354.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.56.130.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:8c:ac:e7:e0:c2:24:0b:c0:16:71:59:c7:b8:d4:75:72:47:
a2:6f:1e:38:e8:92:e5:2b:94:48:96:32:c4:4b:8e:53:63:52:
a6:9b:d1:59:03:65:5c:b5:5e:9d:23:a9:e8:00:f1:79:99:b7:
a6:07:d1:a8:5d:d5:77:1d:c2:d2:21:f5:54:db:fa:b6:d6:39:
13:c9:b7:4a:b9:76:3a:a8:06:20:74:08:3b:86:46:26:26:58:
b1:19:e2:4b:8a:99:b9:b8:b8:ba:ea:59:3b:4a:88:dc:b5:46:
13:7e:4e:ff:62:ed:f3:da:66:e9:c2:14:a8:e0:c4:cd:72:cf:
5f:ef:c1:26:74:ff:99:93:dd:55:64:9b:d0:93:1e:54:07:d6:
f4:e0:96:fd:c7:86:fd:a5:50:17:82:20:08:a6:7e:18:09:e7:
dc:74:c6:2d:17:8f:4f:8b:3f:03:9c:93:9a:6d:24:5e:ef:ce:
49:75:eb:89:c2:e4:a1:b4:99:dd:c5:33:97:ca:a0:b8:d7:17:
5a:87:2c:8f:d4:2a:cb:5c:ce:c8:b0:d2:29:79:46:54:dc:b8:
3d:69:ad:03:bd:e1:c3:02:57:3b:9c:9a:f8:27:94:2e:6c:cf:
7f:21:2d:fc:78:3d:e8:02:2f:ce:7c:fe:f1:34:1e:72:10:84:
43:f9:1c:12
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMqqf4+/hKQBmGpv2HZsD0HXdkWQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAwMTEyWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGVhYzRjZmUxY2YzNGRmMmEwODY2Mjg5ZDU3MjEzZTRl
NzJmNjllMzUxZjUyY2Q1MTQxOTcwYjhmYWYwYTFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFytu3VTAVz8DZDLqGm+CgeTUVpw1YTOfxsQ8m3hSNEU8G
8oTS9FNYivl+MFJGh5dz8u6mVAjFUvYt9GuWZhaC8l/M+t/ZBOOrvc3hpKw1hQhV
mIaRS7gUpqId4T+NQXIvZzRii+2n2Y2e0ADv4yko0fNcvKRj68Al9fcQ9J+58Wl/
D4u9Suy0aijwF2NhWMbSMkD9aZE1lB9AkSjRxwsfoddxNnqjzl6StNgSOfOqoqAA
x82J1zQ0Lhfhwz6MjlOYYFzDVnUt2YdI01ndje0dtPJN6ekGPPDtXfN/tYvL0X7W
sSr/R5nXeANOPnKJP03+die36UejaGwfkbYcqYH9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXaDX/ZjJF2RCje6gysgQdyR6iPAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkyN2U0YmU5LTI0NjItNDc3ZC1hZTM5LTNiMTM0ZjYwNzM1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAByOIIwDQYJKoZIhvcNAQELBQADggEBAL+MrOfgwiQLwBZxWce41HVyR6Jv
HjjokuUrlEiWMsRLjlNjUqab0VkDZVy1Xp0jqegA8XmZt6YH0ahd1XcdwtIh9VTb
+rbWORPJt0q5djqoBiB0CDuGRiYmWLEZ4kuKmbm4uLrqWTtKiNy1RhN+Tv9i7fPa
ZunCFKjgxM1yz1/vwSZ0/5mT3VVkm9CTHlQH1vTglv3Hhv2lUBeCIAimfhgJ59x0
xi0Xj0+LPwOck5ptJF7vzkl164nC5KG0md3FM5fKoLjXF1qHLI/UKstczsiw0il5
RlTcuD1prQO94cMCVzucmvgnlC5sz38hLfx4PegCL858/vE0HnIQhEP5HBI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:18:54 2025 by rpki-client