Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9828e12c-04d6-4dbc-9148-52b1e1984a93.roa
File: 9828e12c-04d6-4dbc-9148-52b1e1984a93.roa (raw, json)
Hash identifier: iSyO1DH5xAEIqIVGXt9SGgxuMyd+Mjytvgnlr+JpmOo=
Subject key identifier: 77:7B:A5:5A:CB:8C:AF:1D:E1:A4:7B:42:36:DC:F6:90:AD:55:7E:53
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2C4A4C5DBB9A0FBAFEF5C75DBD3154308E415423
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9828e12c-04d6-4dbc-9148-52b1e1984a93.roa
Signing time: Tue 14 Oct 2025 16:51:19 +0000
ROA not before: Tue 14 Oct 2025 16:51:19 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.252.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4a:4c:5d:bb:9a:0f:ba:fe:f5:c7:5d:bd:31:54:30:8e:41:54:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 16:51:19 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=3eafd061c73cdb3101b2333c5100c2e8671548c3241c2d47b66b0162fb600431, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:44:66:9a:78:14:f3:b4:46:5a:28:2e:f9:cc:
33:3c:c9:ae:03:73:65:59:f6:5c:da:7f:57:21:9f:
a3:67:ae:cb:48:b5:29:56:67:5c:b2:ab:a4:11:da:
9c:e2:ea:26:23:82:8f:0f:e5:19:d6:45:a2:7b:60:
9f:73:2f:9d:4e:1d:cf:1b:ce:fd:e2:a4:51:d7:fc:
76:e3:27:9f:6f:f1:18:38:de:bd:2e:99:45:da:dc:
cf:fa:a1:cd:e4:cf:1a:18:3a:b6:ad:bc:1a:df:6e:
1c:28:f4:20:22:e0:73:1e:45:b7:bb:3b:f3:6d:fe:
46:07:17:43:fa:b7:6d:7e:cd:db:24:44:0c:8c:4f:
52:d2:65:79:49:e1:f8:e7:8b:a7:fe:25:7a:5a:3f:
d5:ef:3f:69:c5:40:3c:61:22:10:e6:ad:49:6f:69:
16:6e:1f:59:c1:0d:ad:a6:3f:50:f2:99:b0:4c:11:
57:38:fb:67:50:41:7b:dc:17:ce:20:82:25:df:5a:
56:c6:5a:c4:b1:23:9c:21:f7:bf:c3:07:83:a6:78:
d5:fa:19:36:ce:18:2b:6c:84:d5:68:e0:1f:b6:d5:
bf:54:80:3c:02:a8:1a:6e:75:fa:8a:1c:16:02:de:
46:a3:69:11:93:ac:5b:78:4b:48:8b:a1:dc:65:ac:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7B:A5:5A:CB:8C:AF:1D:E1:A4:7B:42:36:DC:F6:90:AD:55:7E:53
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9828e12c-04d6-4dbc-9148-52b1e1984a93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.141.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ed:7a:3a:62:b5:4d:d1:72:1f:4b:2d:18:73:2e:f8:a3:5d:
09:d5:06:c5:6b:26:f7:f1:82:8d:98:37:45:e1:c4:ea:88:98:
11:4a:13:3e:6e:b8:07:0d:fa:8a:0f:a7:b9:64:46:31:01:40:
58:dc:f6:1f:3e:a9:e3:a9:65:9a:88:41:3f:8c:6d:91:8a:66:
4a:16:07:5a:c9:81:eb:ff:e3:9e:d7:32:c8:3c:4a:93:67:cd:
e6:b1:71:2e:e7:48:25:9b:b0:9d:de:84:72:2a:1e:27:d7:0a:
ae:c9:20:c4:e3:f5:4a:19:f5:24:53:73:e6:a4:57:13:15:e8:
1b:53:b4:fc:e7:04:ec:ce:d9:bf:60:5c:0f:c5:72:dd:13:25:
46:c6:d8:f6:99:31:9e:56:3f:6d:e4:83:ad:76:66:61:fb:f9:
27:ce:5a:70:07:01:70:92:6a:06:99:10:d2:55:6f:14:dd:af:
82:8f:7d:a6:33:14:23:4a:49:14:e1:dc:89:76:ac:98:bf:1c:
9f:66:f7:39:1c:28:54:0c:c0:98:54:f6:9b:32:12:d8:79:bf:
f4:08:06:01:5a:56:06:32:b2:56:60:4c:da:c6:99:c5:f2:c2:
19:d0:c9:b9:d6:98:c2:09:89:12:2e:c8:20:09:86:76:4e:e3:
cd:09:71:cf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULEpMXbuaD7r+9cddvTFUMI5BVCMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTY1MTE5WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZWFmZDA2MWM3M2NkYjMxMDFiMjMzM2M1MTAwYzJlODY3
MTU0OGMzMjQxYzJkNDdiNjZiMDE2MmZiNjAwNDMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0RGaaeBTztEZaKC75zDM8ya4Dc2VZ9lzaf1chn6NnrstI
tSlWZ1yyq6QR2pzi6iYjgo8P5RnWRaJ7YJ9zL51OHc8bzv3ipFHX/HbjJ59v8Rg4
3r0umUXa3M/6oc3kzxoYOratvBrfbhwo9CAi4HMeRbe7O/Nt/kYHF0P6t21+zdsk
RAyMT1LSZXlJ4fjni6f+JXpaP9XvP2nFQDxhIhDmrUlvaRZuH1nBDa2mP1DymbBM
EVc4+2dQQXvcF84ggiXfWlbGWsSxI5wh97/DB4OmeNX6GTbOGCtshNVo4B+21b9U
gDwCqBpudfqKHBYC3kajaRGTrFt4S0iLodxlrMj9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUd3ulWsuMrx3hpHtCNtz2kK1VflMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MjhlMTJjLTA0ZDYtNGRiYy05MTQ4LTUyYjFlMTk4NGE5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/I0wDQYJKoZIhvcNAQELBQADggEBAFLtejpitU3Rch9LLRhzLvijXQnV
BsVrJvfxgo2YN0XhxOqImBFKEz5uuAcN+ooPp7lkRjEBQFjc9h8+qeOpZZqIQT+M
bZGKZkoWB1rJgev/457XMsg8SpNnzeaxcS7nSCWbsJ3ehHIqHifXCq7JIMTj9UoZ
9SRTc+akVxMV6BtTtPznBOzO2b9gXA/Fct0TJUbG2PaZMZ5WP23kg612ZmH7+SfO
WnAHAXCSagaZENJVbxTdr4KPfaYzFCNKSRTh3Il2rJi/HJ9m9zkcKFQMwJhU9psy
Eth5v/QIBgFaVgYyslZgTNrGmcXywhnQybnWmMIJiRIuyCAJhnZO480Jcc8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:37 2025 by rpki-client