Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa
File: 9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa (raw, json)
Hash identifier: XmbH4lnUg2lPPVEJ59p6EXQIsMM8qu+psj4RRMJqfDg=
Subject key identifier: 19:3E:81:CC:63:5C:7D:FA:61:E5:29:D5:72:CB:12:A4:BD:53:9A:DF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 518AE02754F9E86F2D2FDD115EC9CB67896729F6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa
Signing time: Wed 01 Oct 2025 00:42:36 +0000
ROA not before: Wed 01 Oct 2025 00:42:36 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 66.165.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:8a:e0:27:54:f9:e8:6f:2d:2f:dd:11:5e:c9:cb:67:89:67:29:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:42:36 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=edfc53d10f3836ad8dc677ac092de6589667b6886dbaa165273ddb1d16bd8e0f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:52:ff:35:a6:66:03:4e:72:b6:ff:0a:c8:
35:29:6d:56:45:99:67:f9:04:07:b8:f0:75:ad:8d:
c9:ed:6e:e5:96:f1:92:cd:07:0b:26:0d:ff:a0:be:
ad:e1:e4:c2:d7:ce:e5:2a:52:7d:2e:62:2e:80:5f:
b7:6f:48:9b:67:60:fb:80:2d:bb:48:1d:85:de:53:
b8:57:b8:77:6c:45:74:bf:35:1c:1c:ea:8b:b7:d8:
89:bb:2b:b2:09:fe:d6:e0:57:a4:1a:f7:07:51:5b:
7b:46:97:c3:96:55:9b:bf:d1:8e:73:3b:ea:0f:6c:
95:f0:8b:82:27:9f:cd:d3:24:af:d5:75:e5:5a:d6:
65:94:a3:b5:41:9c:ad:d4:9f:32:79:fb:ae:d6:a0:
14:d6:19:0c:6b:d1:15:16:6b:8b:23:66:fc:47:6b:
b6:e3:b9:ed:75:b2:3e:88:c6:18:2f:21:64:f3:08:
9e:4e:de:e9:4e:1b:56:e6:8d:01:71:cb:fe:5d:0e:
52:a3:b9:5f:a7:04:b1:ac:85:fd:d3:30:a7:e0:a1:
aa:41:72:ed:60:53:5e:b5:9a:c4:c0:65:6f:99:46:
65:69:6a:25:7b:24:d1:9a:42:8a:22:bd:0b:aa:e3:
e2:ba:29:37:72:10:6a:07:65:32:78:66:ff:b6:e7:
d4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3E:81:CC:63:5C:7D:FA:61:E5:29:D5:72:CB:12:A4:BD:53:9A:DF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.165.64.0/18
Signature Algorithm: sha256WithRSAEncryption
82:ad:1d:ca:25:40:5e:88:1e:e8:04:1f:7a:ff:df:02:06:bd:
ab:09:06:29:db:32:3f:e5:d0:6a:a3:7d:15:84:d8:4e:c0:b5:
ca:3a:43:b8:5f:1a:c8:de:16:14:fa:9b:9e:cc:a9:1e:db:79:
fb:9f:ce:15:c8:9b:2f:40:5b:18:4b:0e:c4:6a:ac:54:7b:5c:
78:d8:03:52:40:0d:f4:27:46:d4:40:b2:db:77:30:86:25:a3:
57:82:22:a4:b4:d2:95:8c:24:ec:f1:86:95:08:e8:a8:3c:46:
a3:ad:76:e6:79:5b:6e:d9:ea:b2:aa:fb:d8:26:0f:90:58:74:
73:a8:45:4f:ee:6f:52:17:8f:db:98:aa:db:a1:b8:bb:34:39:
28:8b:56:74:1f:b7:de:e7:ee:f4:c4:38:ad:b0:6c:22:78:63:
c8:98:e8:9d:0e:e1:68:45:15:a1:35:d3:8b:c2:50:a1:e9:91:
41:70:c2:fe:be:7d:b1:96:b8:b6:8a:a6:a4:5d:2c:ed:c4:d7:
63:39:03:b8:64:e1:08:67:7b:25:b8:2b:3c:94:67:ee:0d:c4:
ed:fa:0f:fb:c7:ec:b3:40:77:40:d1:f0:e9:9d:a2:9c:99:da:
2c:50:33:0c:ef:2f:fe:8c:76:f1:72:8c:31:10:24:2f:56:a6:
3a:52:2b:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUYrgJ1T56G8tL90RXsnLZ4lnKfYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MjM2WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZGZjNTNkMTBmMzgzNmFkOGRjNjc3YWMwOTJkZTY1ODk2
NjdiNjg4NmRiYWExNjUyNzNkZGIxZDE2YmQ4ZTBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF+FL/NaZmA05ytv8KyDUpbVZFmWf5BAe48HWtjcntbuWW
8ZLNBwsmDf+gvq3h5MLXzuUqUn0uYi6AX7dvSJtnYPuALbtIHYXeU7hXuHdsRXS/
NRwc6ou32Im7K7IJ/tbgV6Qa9wdRW3tGl8OWVZu/0Y5zO+oPbJXwi4Inn83TJK/V
deVa1mWUo7VBnK3UnzJ5+67WoBTWGQxr0RUWa4sjZvxHa7bjue11sj6IxhgvIWTz
CJ5O3ulOG1bmjQFxy/5dDlKjuV+nBLGshf3TMKfgoapBcu1gU161msTAZW+ZRmVp
aiV7JNGaQooivQuq4+K6KTdyEGoHZTJ4Zv+259RxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGT6BzGNcffph5SnVcssSpL1Tmt8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhM2EwNWNiLTk2MGItNDY4OC04MzExLWVlOGYyYjk1OWQ1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZCpUAwDQYJKoZIhvcNAQELBQADggEBAIKtHcolQF6IHugEH3r/3wIGvasJ
BinbMj/l0GqjfRWE2E7Atco6Q7hfGsjeFhT6m57MqR7befufzhXImy9AWxhLDsRq
rFR7XHjYA1JADfQnRtRAstt3MIYlo1eCIqS00pWMJOzxhpUI6Kg8RqOtduZ5W27Z
6rKq+9gmD5BYdHOoRU/ub1IXj9uYqtuhuLs0OSiLVnQft97n7vTEOK2wbCJ4Y8iY
6J0O4WhFFaE104vCUKHpkUFwwv6+fbGWuLaKpqRdLO3E12M5A7hk4QhneyW4KzyU
Z+4NxO36D/vH7LNAd0DR8OmdopyZ2ixQMwzvL/6MdvFyjDEQJC9WpjpSK2M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:45:43 2025 by rpki-client