Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa
File: 9f6d0499-6523-42dc-96f7-6d729660d8b6.roa (raw, json)
Hash identifier: YjTA30/KRWiCg6mk51SranYPNov/0tMhGJ6LSIWeCEE=
Subject key identifier: 40:96:E8:22:F5:9F:B0:E3:03:AE:95:37:64:C2:91:F6:7D:7C:2F:AC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 57396B959D24E6EEFC1F5BF5811604FCBFC69DCA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa
Signing time: Mon 06 Oct 2025 15:39:01 +0000
ROA not before: Mon 06 Oct 2025 15:39:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.238.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:39:6b:95:9d:24:e6:ee:fc:1f:5b:f5:81:16:04:fc:bf:c6:9d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 15:39:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=b3c1d16289c3ee65c6b9bc354bc628789e577fb7a5df57de1789f458dd875ccb, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a3:b8:1c:95:ec:d6:4d:1f:e6:50:a3:0f:bd:
a9:db:14:08:17:e3:e5:02:bf:69:5b:bf:58:ef:8e:
1b:88:c5:f8:31:fb:e8:80:c6:ca:ff:41:7d:98:57:
23:36:f9:ad:57:e6:5b:12:76:24:da:be:38:8e:b1:
67:35:d3:a8:47:0d:b0:dd:61:6e:5c:3e:b0:4f:eb:
c0:44:57:3f:ad:6f:9d:16:f6:9f:96:8f:47:60:fe:
60:81:dc:22:5b:ee:03:9c:7a:4f:4a:ba:36:0a:be:
3d:12:9b:31:23:59:3a:32:3a:8b:b7:32:9c:3a:6d:
fc:4c:65:73:26:5b:06:0c:12:db:45:f6:69:34:4a:
16:f9:76:58:fa:02:f4:c5:46:8f:11:eb:b9:b9:56:
eb:c6:96:5f:b9:31:a3:8d:41:6d:c6:72:f7:af:d6:
25:55:08:72:9a:b9:e9:6b:3f:d4:3f:af:e8:74:8b:
71:57:3d:b0:6a:f5:73:aa:b3:42:03:fe:c8:d9:20:
99:e1:82:7a:5e:26:6e:ab:39:f5:a9:36:7b:00:c4:
ee:61:bd:d7:d5:b9:7a:f1:fe:a8:0d:12:5c:e9:29:
d4:b0:d9:a5:d8:53:4a:c2:8e:0e:68:5a:0b:0e:16:
83:17:95:61:fd:88:f5:65:e6:0e:e4:7a:88:b6:dc:
95:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:96:E8:22:F5:9F:B0:E3:03:AE:95:37:64:C2:91:F6:7D:7C:2F:AC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.238.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:d2:ba:78:71:af:30:0f:b9:c3:f9:d0:fb:4a:8c:b2:73:e9:
43:a5:39:73:d6:b9:87:2f:93:8e:42:45:ff:db:6c:c4:91:27:
59:a8:25:10:8b:f8:31:94:e5:d9:75:25:7f:d3:07:2b:7c:4c:
b6:0b:5a:8c:5f:43:e1:da:6e:86:ac:3b:b2:6f:1c:76:63:fa:
42:e2:0f:3e:01:de:aa:b3:0d:fe:38:4c:26:e1:7f:7b:3e:7c:
77:7e:40:8a:75:8b:e6:dc:08:af:5f:91:80:53:c9:db:13:3b:
3e:e6:39:fa:1a:4c:c8:67:c8:14:ff:a4:15:e2:29:80:f4:ac:
e1:f0:33:d3:10:ec:ab:7b:bf:f9:df:93:2d:ae:15:a8:cd:fb:
14:36:81:e2:9c:d5:b1:b4:3a:5c:27:65:aa:45:ce:53:84:32:
e2:aa:53:e1:9f:2b:2c:76:92:71:03:62:ad:05:5f:d3:7d:da:
f8:14:00:80:07:ad:ba:d2:71:61:bf:4b:2c:2d:ea:7e:fa:b4:
bc:68:91:d8:a1:54:96:12:f6:da:22:34:84:a0:90:93:70:cb:
c8:98:41:7f:4e:7c:3c:ad:32:47:8f:1e:f3:40:fc:c5:1c:58:
7f:ad:bf:9a:ff:70:0a:3f:80:35:18:0c:8f:a2:61:ff:1e:0a:
83:05:c8:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVzlrlZ0k5u78H1v1gRYE/L/GncowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUzOTAxWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiM2MxZDE2Mjg5YzNlZTY1YzZiOWJjMzU0YmM2Mjg3ODll
NTc3ZmI3YTVkZjU3ZGUxNzg5ZjQ1OGRkODc1Y2NiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4o7gclezWTR/mUKMPvanbFAgX4+UCv2lbv1jvjhuIxfgx
++iAxsr/QX2YVyM2+a1X5lsSdiTavjiOsWc106hHDbDdYW5cPrBP68BEVz+tb50W
9p+Wj0dg/mCB3CJb7gOcek9KujYKvj0SmzEjWToyOou3Mpw6bfxMZXMmWwYMEttF
9mk0Shb5dlj6AvTFRo8R67m5VuvGll+5MaONQW3Gcvev1iVVCHKauelrP9Q/r+h0
i3FXPbBq9XOqs0ID/sjZIJnhgnpeJm6rOfWpNnsAxO5hvdfVuXrx/qgNElzpKdSw
2aXYU0rCjg5oWgsOFoMXlWH9iPVl5g7keoi23JX7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQJboIvWfsOMDrpU3ZMKR9n18L6wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmNmQwNDk5LTY1MjMtNDJkYy05NmY3LTZkNzI5NjYwZDhiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcX7oAwDQYJKoZIhvcNAQELBQADggEBAEzSunhxrzAPucP50PtKjLJz6UOl
OXPWuYcvk45CRf/bbMSRJ1moJRCL+DGU5dl1JX/TByt8TLYLWoxfQ+HaboasO7Jv
HHZj+kLiDz4B3qqzDf44TCbhf3s+fHd+QIp1i+bcCK9fkYBTydsTOz7mOfoaTMhn
yBT/pBXiKYD0rOHwM9MQ7Kt7v/nfky2uFajN+xQ2geKc1bG0OlwnZapFzlOEMuKq
U+GfKyx2knEDYq0FX9N92vgUAIAHrbrScWG/Sywt6n76tLxokdihVJYS9toiNISg
kJNwy8iYQX9OfDytMkePHvNA/MUcWH+tv5r/cAo/gDUYDI+iYf8eCoMFyLw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:52:58 2025 by rpki-client