Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f86ba14-ad5b-430e-a38d-fd5a48004721.roa
File: 9f86ba14-ad5b-430e-a38d-fd5a48004721.roa (raw, json)
Hash identifier: 2xxJgMgMjJgAsCmJdiZcgOMBMTdMjP6h/zwlOmmDtOw=
Subject key identifier: 70:30:2A:6C:AC:7D:34:88:3C:86:28:82:E2:D4:BA:3D:A2:F5:4D:E8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2B0FC23EED27CD7314FF55369477F41E0FC8422A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f86ba14-ad5b-430e-a38d-fd5a48004721.roa
Signing time: Sat 27 Sep 2025 00:11:23 +0000
ROA not before: Sat 27 Sep 2025 00:11:23 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ffe:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:0f:c2:3e:ed:27:cd:73:14:ff:55:36:94:77:f4:1e:0f:c8:42:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:11:23 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=66568554d30f16828aa7e1e836dc356ff97dfe1e514cf25cd3a9abf88149c443, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:99:a0:f9:c7:59:10:26:85:1f:23:26:c5:
d9:e2:c2:fd:22:13:6c:43:5d:ad:14:b3:01:d0:17:
6a:e3:7d:6d:b4:82:07:b0:d9:30:4a:01:19:55:7d:
4c:f3:c4:7a:09:91:83:3b:5a:69:83:3e:f7:96:fd:
b5:fd:b0:64:f4:22:db:4c:0a:11:c9:30:7f:3e:73:
8f:49:e2:d7:e5:00:cd:e6:b9:b1:f3:68:1d:70:da:
d5:5d:78:4c:b3:94:b1:ec:f5:90:e7:ac:be:76:52:
38:62:d6:93:ca:38:63:68:9a:de:83:66:43:1f:55:
28:a6:b2:d9:56:2b:06:e5:8f:30:88:63:fd:23:a9:
50:13:32:9d:f1:69:83:b1:1c:82:d0:f2:6e:06:00:
bd:eb:16:04:1d:fd:91:35:57:7f:45:4b:fb:51:96:
5e:d7:76:f7:f6:50:aa:f6:62:71:e4:00:c6:80:4e:
5f:f0:3f:da:44:cd:0c:e5:e0:c0:f6:0c:ac:4e:3f:
d3:e3:e9:93:bc:d7:f4:86:11:c7:84:9f:1a:4c:85:
45:5c:25:7b:60:bd:ea:b4:cc:dd:d7:6f:f7:f3:61:
83:15:9c:3a:e7:40:eb:61:2b:26:25:ee:7c:6f:ee:
26:b7:28:4c:0b:6e:b8:6f:56:b1:e9:76:b8:11:ce:
ca:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:30:2A:6C:AC:7D:34:88:3C:86:28:82:E2:D4:BA:3D:A2:F5:4D:E8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f86ba14-ad5b-430e-a38d-fd5a48004721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffe:6000::/40
Signature Algorithm: sha256WithRSAEncryption
78:47:c3:e6:79:1d:70:21:ce:b5:c2:21:44:b0:af:0b:97:2c:
85:a0:3e:7f:34:87:1b:ae:2b:be:f0:3d:6a:cf:39:af:d9:ab:
cc:d1:b6:cc:d7:1c:8a:f8:ae:be:95:fc:ab:2e:7d:27:67:5b:
89:d8:82:8c:50:55:7f:7a:c9:10:8a:bd:68:02:e5:1f:96:5d:
fd:fc:79:8a:0f:50:3d:87:57:e0:e3:31:97:84:90:c1:0d:22:
6f:60:bd:1b:d1:61:8d:38:3c:3a:2e:a7:c7:80:ef:13:97:e6:
0c:97:78:b3:e4:94:eb:8b:15:68:91:fc:11:56:58:08:17:f3:
71:43:51:35:b1:15:54:7f:ea:9e:12:f3:6f:fa:6c:09:da:0a:
b0:d7:cd:ab:ad:9b:81:9e:32:28:46:94:39:e8:20:e0:34:14:
bf:a9:32:9f:c7:de:24:73:4f:1d:96:e9:f2:48:9e:ec:de:40:
55:d8:b5:dc:27:f6:f0:fc:f4:05:02:44:95:32:93:f6:63:79:
3d:35:93:ba:3e:ca:e1:37:bc:50:2f:8b:1f:af:84:bd:6e:44:
b2:2b:2e:26:3e:91:81:3c:c3:37:c9:a4:dd:66:e0:16:9a:4a:
10:ce:db:6c:84:02:b1:79:20:21:8e:ca:60:7d:cd:d1:83:05:
02:ff:f5:76
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUKw/CPu0nzXMU/1U2lHf0Hg/IQiowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAxMTIzWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjU2ODU1NGQzMGYxNjgyOGFhN2UxZTgzNmRjMzU2ZmY5
N2RmZTFlNTE0Y2YyNWNkM2E5YWJmODgxNDljNDQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCh8pmg+cdZECaFHyMmxdniwv0iE2xDXa0UswHQF2rjfW20
ggew2TBKARlVfUzzxHoJkYM7WmmDPveW/bX9sGT0IttMChHJMH8+c49J4tflAM3m
ubHzaB1w2tVdeEyzlLHs9ZDnrL52Ujhi1pPKOGNomt6DZkMfVSimstlWKwbljzCI
Y/0jqVATMp3xaYOxHILQ8m4GAL3rFgQd/ZE1V39FS/tRll7Xdvf2UKr2YnHkAMaA
Tl/wP9pEzQzl4MD2DKxOP9Pj6ZO81/SGEceEnxpMhUVcJXtgveq0zN3Xb/fzYYMV
nDrnQOthKyYl7nxv7ia3KEwLbrhvVrHpdrgRzsp7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUcDAqbKx9NIg8hiiC4tS6PaL1TegwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmODZiYTE0LWFkNWItNDMwZS1hMzhkLWZkNWE0ODAwNDcyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/+YDANBgkqhkiG9w0BAQsFAAOCAQEAeEfD5nkdcCHOtcIhRLCvC5cs
haA+fzSHG64rvvA9as85r9mrzNG2zNcciviuvpX8qy59J2dbidiCjFBVf3rJEIq9
aALlH5Zd/fx5ig9QPYdX4OMxl4SQwQ0ib2C9G9FhjTg8Oi6nx4DvE5fmDJd4s+SU
64sVaJH8EVZYCBfzcUNRNbEVVH/qnhLzb/psCdoKsNfNq62bgZ4yKEaUOegg4DQU
v6kyn8feJHNPHZbp8kie7N5AVdi13Cf28Pz0BQJElTKT9mN5PTWTuj7K4Te8UC+L
H6+EvW5EsisuJj6RgTzDN8mk3WbgFppKEM7bbIQCsXkgIY7KYH3N0YMFAv/1dg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:19:51 2025 by rpki-client