Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
File: 940d4db1-8435-4b14-9f65-40384956f3cf.roa (raw, json)
Hash identifier: 1JyuUsyFpFrVXbR9u/XBdGZeTSqB+JrefvSmSZOKScA=
Subject key identifier: AE:A4:15:C8:70:0C:E5:22:1F:9E:9A:68:7E:94:83:3C:82:B3:FB:AA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2B746F24DDB7C8CA0BE7B1BFF7B99D68D6F6F2FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
Signing time: Sat 27 Sep 2025 00:23:26 +0000
ROA not before: Sat 27 Sep 2025 00:23:26 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.51.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:74:6f:24:dd:b7:c8:ca:0b:e7:b1:bf:f7:b9:9d:68:d6:f6:f2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:23:26 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=5e53bd58501cb587a6e747c7776075f70caff8e15c173e19cb1be0c93c893c70, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:ca:55:15:d1:2d:c0:14:5e:45:4f:e5:5c:
b4:37:be:dd:47:ab:0b:d1:6e:27:94:be:f9:a9:45:
ff:a7:39:ef:8e:19:f6:bb:83:93:5c:e7:0e:92:0e:
9a:fa:ff:cd:30:6c:f5:7e:91:49:4e:7b:ad:b3:a4:
38:63:03:de:aa:0d:2a:a1:c2:5c:5a:7e:21:72:dd:
6c:bf:88:6d:07:33:8f:30:6f:1f:2a:71:4b:bd:f1:
f5:e3:a6:26:3f:84:67:9b:03:d2:32:37:e3:92:20:
69:e4:b4:0e:d6:2c:11:ac:3f:85:64:28:d1:aa:82:
ca:69:8c:03:71:0a:d0:aa:e5:81:b0:6f:26:c9:d0:
36:ac:53:d2:75:73:3d:c1:e0:6e:7d:6f:91:2b:50:
50:f3:22:40:91:57:ff:6e:b5:35:20:ef:e1:2a:31:
1f:64:9b:11:55:e9:9d:ec:39:7f:da:f0:09:95:00:
02:81:aa:c2:41:36:91:5b:d1:92:fd:ea:ee:51:e1:
d5:9d:89:e4:dd:c6:01:0a:5f:82:3d:98:04:2c:5f:
74:5c:71:ad:a0:61:d7:55:04:16:cc:82:48:00:e2:
18:8f:63:07:94:5c:e2:ef:fb:6e:67:13:c8:4f:e8:
10:b0:2f:8f:0c:6e:4d:d2:b2:ab:1f:fb:66:3c:02:
82:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A4:15:C8:70:0C:E5:22:1F:9E:9A:68:7E:94:83:3C:82:B3:FB:AA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.51.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:19:6c:42:da:00:7f:79:12:d6:9c:fe:19:04:82:11:80:97:
fc:ef:e3:9c:e4:ed:66:e8:f0:37:5c:40:98:ed:8a:b4:bf:7a:
dd:8c:be:b3:46:7b:f9:cb:cb:b4:75:9e:6f:8f:cc:50:ed:18:
82:8b:1d:13:2d:66:0e:1f:6c:eb:2c:9c:08:9a:d6:7d:25:43:
83:1e:a9:c9:c8:9f:1a:26:fa:38:b0:ee:40:b5:68:fe:85:32:
d8:83:fe:86:9f:3f:49:7e:84:27:ca:9f:58:80:e6:7d:1e:a0:
1e:8e:45:61:fa:c1:e8:4d:95:3b:6b:e1:94:d3:35:9f:f6:0d:
db:03:94:3a:c1:2a:83:8b:78:bd:fe:39:f3:6d:db:93:f6:24:
35:47:b1:af:90:ef:7f:7d:ea:f0:7e:b0:74:01:71:c1:17:5c:
5e:2b:7f:a3:66:76:ec:39:42:ea:1e:0a:40:46:19:14:1c:c3:
59:5a:e3:98:e8:20:c2:ba:e7:a2:e0:47:78:f8:1d:5f:45:3e:
51:2c:de:31:93:cd:8e:c2:91:64:9c:2a:d8:c6:72:5b:2b:98:
23:2a:cc:6c:0f:40:1a:32:87:b1:a6:ea:9e:b6:3c:a9:96:fa:
9c:3c:61:f1:8f:17:48:61:ea:c5:32:bd:75:fa:62:33:c2:8b:
3b:66:85:d2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK3RvJN23yMoL57G/97mdaNb28vwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAyMzI2WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZTUzYmQ1ODUwMWNiNTg3YTZlNzQ3Yzc3NzYwNzVmNzBj
YWZmOGUxNWMxNzNlMTljYjFiZTBjOTNjODkzYzcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCK68pVFdEtwBReRU/lXLQ3vt1HqwvRbieUvvmpRf+nOe+O
Gfa7g5Nc5w6SDpr6/80wbPV+kUlOe62zpDhjA96qDSqhwlxafiFy3Wy/iG0HM48w
bx8qcUu98fXjpiY/hGebA9IyN+OSIGnktA7WLBGsP4VkKNGqgsppjANxCtCq5YGw
bybJ0DasU9J1cz3B4G59b5ErUFDzIkCRV/9utTUg7+EqMR9kmxFV6Z3sOX/a8AmV
AAKBqsJBNpFb0ZL96u5R4dWdieTdxgEKX4I9mAQsX3Rcca2gYddVBBbMgkgA4hiP
YweUXOLv+25nE8hP6BCwL48Mbk3Ssqsf+2Y8AoIjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrqQVyHAM5SIfnppofpSDPIKz+6owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0MGQ0ZGIxLTg0MzUtNGIxNC05ZjY1LTQwMzg0OTU2ZjNjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAjMzANBgkqhkiG9w0BAQsFAAOCAQEAuRlsQtoAf3kS1pz+GQSCEYCX/O/j
nOTtZujwN1xAmO2KtL963Yy+s0Z7+cvLtHWeb4/MUO0YgosdEy1mDh9s6yycCJrW
fSVDgx6pycifGib6OLDuQLVo/oUy2IP+hp8/SX6EJ8qfWIDmfR6gHo5FYfrB6E2V
O2vhlNM1n/YN2wOUOsEqg4t4vf45823bk/YkNUexr5Dvf33q8H6wdAFxwRdcXit/
o2Z27DlC6h4KQEYZFBzDWVrjmOggwrrnouBHePgdX0U+USzeMZPNjsKRZJwq2MZy
WyuYIyrMbA9AGjKHsabqnrY8qZb6nDxh8Y8XSGHqxTK9dfpiM8KLO2aF0g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:45:01 2025 by rpki-client