Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3189a3e-1053-49b0-891d-b315bf3a899d.roa
File: a3189a3e-1053-49b0-891d-b315bf3a899d.roa (raw, json)
Hash identifier: nq0ZlEQz4ieDf9LPcIgmi7RGb6HPKCD7y6V1uxIO22M=
Subject key identifier: C4:4B:04:F1:EC:AF:96:7D:92:D8:FD:91:AB:98:12:EC:15:C3:F2:FC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1A0EA737F26CD9E6344D3B83FFEB5F0285BDB667
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3189a3e-1053-49b0-891d-b315bf3a899d.roa
Signing time: Wed 01 Oct 2025 00:38:47 +0000
ROA not before: Wed 01 Oct 2025 00:38:47 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 54.109.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:0e:a7:37:f2:6c:d9:e6:34:4d:3b:83:ff:eb:5f:02:85:bd:b6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:38:47 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=20523177c3c98b3d7883901b4e3bae436ffe960e9187ff447751fa0ef3e25029, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0d:18:7a:b3:d7:9c:8b:a0:77:3e:81:d5:fc:
11:51:04:fe:c5:6f:d1:88:86:0a:17:96:69:51:5a:
b6:67:d0:7d:b4:30:4b:a1:bb:96:50:92:9a:96:ac:
6e:8b:fb:c0:06:2e:5e:81:06:9a:e8:0f:f5:6f:79:
ff:07:13:89:89:11:c6:e1:74:23:1c:be:57:77:6d:
81:88:62:64:68:10:24:81:25:15:ab:88:2c:8b:ee:
b5:7d:36:39:4d:18:a2:39:fb:4f:f4:16:91:49:69:
05:bc:ca:f4:5c:2c:b0:30:14:4e:99:de:87:6a:0b:
99:6a:b6:e3:52:93:f9:42:34:da:c1:cc:cc:c0:b2:
94:d2:5f:c5:1b:31:5e:a7:9d:7d:b0:61:0a:c9:79:
f4:b6:63:55:56:e6:2e:7d:ba:bc:6b:5a:de:f5:3b:
48:8e:67:44:61:f0:e1:8b:5b:34:e5:ae:21:95:7d:
cb:23:d5:11:8c:75:ef:37:82:3d:82:42:f8:ab:bb:
b2:ee:93:1d:3c:a0:67:73:6a:9f:9d:c4:59:66:e0:
2f:0c:f7:17:53:65:77:a7:d9:7a:0f:3d:48:2d:d4:
c8:f1:14:11:cb:0f:c2:45:09:d8:c4:d7:d8:1c:ad:
57:ad:bc:7b:84:0e:bb:04:c0:40:0d:9e:8f:9c:18:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4B:04:F1:EC:AF:96:7D:92:D8:FD:91:AB:98:12:EC:15:C3:F2:FC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3189a3e-1053-49b0-891d-b315bf3a899d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:4c:fc:76:30:98:4e:4b:ea:79:fe:00:5f:39:c1:b8:c7:b6:
13:c6:a4:2d:67:86:a4:05:47:fe:31:4c:20:a5:f8:d6:da:5d:
51:45:d8:97:d3:90:dc:60:77:cf:c8:56:3f:c5:01:f0:36:d3:
77:4d:2c:62:56:89:32:7f:9b:a7:80:d7:d7:09:73:dc:9b:24:
18:8f:76:5b:f4:3a:8a:98:cb:51:45:d1:57:16:df:92:39:58:
ec:a1:ad:2d:a8:21:1e:02:6a:31:96:83:b2:83:f1:9b:da:0b:
4a:ee:df:d1:42:26:14:cc:2c:12:6c:31:a5:8f:92:03:0f:0b:
9d:ec:a5:08:23:e3:22:53:74:b0:4b:ce:f2:02:3f:4d:3c:ce:
1a:bf:01:41:4e:48:4a:7a:49:5d:7f:01:8a:75:86:51:6f:a3:
a3:ad:b3:f2:4f:9f:3d:83:76:e9:a9:b3:cf:0f:23:73:b5:b9:
13:ab:16:b6:cf:e5:43:29:77:23:8e:fa:68:b0:9c:10:5a:2f:
e3:5f:ab:06:6e:c3:e4:65:44:4e:94:4b:60:4c:1d:54:a7:1d:
6c:7c:d6:7e:ad:5b:b5:a2:b2:75:30:11:9f:40:44:1f:e8:8d:
d7:7f:0d:5a:07:bb:04:b1:48:86:a8:c4:d4:b8:c3:c0:87:3f:
16:13:f3:47
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGg6nN/Js2eY0TTuD/+tfAoW9tmcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAzODQ3WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDUyMzE3N2MzYzk4YjNkNzg4MzkwMWI0ZTNiYWU0MzZm
ZmU5NjBlOTE4N2ZmNDQ3NzUxZmEwZWYzZTI1MDI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYDRh6s9eci6B3PoHV/BFRBP7Fb9GIhgoXlmlRWrZn0H20
MEuhu5ZQkpqWrG6L+8AGLl6BBproD/Vvef8HE4mJEcbhdCMcvld3bYGIYmRoECSB
JRWriCyL7rV9NjlNGKI5+0/0FpFJaQW8yvRcLLAwFE6Z3odqC5lqtuNSk/lCNNrB
zMzAspTSX8UbMV6nnX2wYQrJefS2Y1VW5i59urxrWt71O0iOZ0Rh8OGLWzTlriGV
fcsj1RGMde83gj2CQviru7Lukx08oGdzap+dxFlm4C8M9xdTZXen2XoPPUgt1Mjx
FBHLD8JFCdjE19gcrVetvHuEDrsEwEANno+cGPXpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxEsE8eyvln2S2P2Rq5gS7BXD8vwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EzMTg5YTNlLTEwNTMtNDliMC04OTFkLWIzMTViZjNhODk5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2bTANBgkqhkiG9w0BAQsFAAOCAQEAk0z8djCYTkvqef4AXznBuMe2E8ak
LWeGpAVH/jFMIKX41tpdUUXYl9OQ3GB3z8hWP8UB8DbTd00sYlaJMn+bp4DX1wlz
3JskGI92W/Q6ipjLUUXRVxbfkjlY7KGtLaghHgJqMZaDsoPxm9oLSu7f0UImFMws
EmwxpY+SAw8LneylCCPjIlN0sEvO8gI/TTzOGr8BQU5ISnpJXX8BinWGUW+jo62z
8k+fPYN26amzzw8jc7W5E6sWts/lQyl3I476aLCcEFov41+rBm7D5GVETpRLYEwd
VKcdbHzWfq1btaKydTARn0BEH+iN138NWge7BLFIhqjE1LjDwIc/FhPzRw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:24:28 2025 by rpki-client