Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5a28861-ee8e-44d9-b363-30a1f04e1125.roa
File: a5a28861-ee8e-44d9-b363-30a1f04e1125.roa (raw, json)
Hash identifier: ZoRLIKzczMBY1oaJSyaOIlknBeMO07T0KN0HkPrGI5s=
Subject key identifier: F2:89:E9:63:3B:7D:E1:D2:A1:3D:F3:5A:7B:B0:06:9A:50:0C:4B:9C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2752B0AB99B5384274834242513256D193749F17
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5a28861-ee8e-44d9-b363-30a1f04e1125.roa
Signing time: Sun 19 Oct 2025 02:42:11 +0000
ROA not before: Sun 19 Oct 2025 02:42:11 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.163.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:52:b0:ab:99:b5:38:42:74:83:42:42:51:32:56:d1:93:74:9f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 02:42:11 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=c8d3d6f5f91064daa4e0897aef85d49e8b6ba0bc17e6695fe2e26d0e42bd3316, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f0:e0:be:88:5e:89:e8:46:15:61:87:63:6a:
c1:a6:92:c1:dd:fb:88:4e:c9:1f:41:dc:8b:63:a2:
6b:83:b8:86:5b:70:02:04:f9:31:b3:c1:b0:1f:ac:
4c:80:75:3d:32:be:d2:b5:16:03:36:2e:4a:a8:44:
07:d0:03:15:eb:2f:8d:fa:84:e0:44:bd:4e:dc:95:
60:6c:7a:57:5f:be:fa:0f:6f:8e:aa:9c:c5:97:48:
0c:e1:6e:08:e7:af:32:7d:68:84:60:8b:a4:ff:56:
5a:d5:94:fc:51:bd:af:16:7b:4b:f6:69:cf:72:62:
77:3a:9b:ed:f8:ed:4b:e7:26:06:2f:1f:d3:da:0d:
43:49:56:5e:65:c8:49:1f:28:c5:33:b6:1c:e9:de:
6a:26:d8:03:77:dd:95:d1:cd:b0:e4:c4:d3:40:1a:
de:91:8e:70:3b:ae:a8:9e:d1:df:90:f8:b9:65:da:
17:f7:ff:27:bb:4a:1b:da:e3:28:de:9c:49:d9:2a:
f1:bd:be:8c:fa:b3:b5:03:68:ae:df:2f:87:25:34:
75:46:28:7d:cf:d5:59:a8:3d:8f:62:94:f4:40:b1:
4d:ed:b2:ba:29:d0:fb:b3:16:24:20:44:4b:d2:fa:
d2:9f:2f:11:f1:ac:b4:82:87:37:9e:87:91:c7:0e:
88:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:89:E9:63:3B:7D:E1:D2:A1:3D:F3:5A:7B:B0:06:9A:50:0C:4B:9C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5a28861-ee8e-44d9-b363-30a1f04e1125.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.163.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:da:90:b9:c2:33:35:06:e6:32:eb:f2:1c:88:b4:14:96:5f:
d9:88:f3:66:aa:ee:42:2b:d4:3a:99:dd:43:44:83:04:98:ac:
99:fd:32:31:b9:da:82:31:58:40:45:80:61:97:2e:72:1d:db:
19:b7:94:9a:3d:fc:13:e7:18:9d:a4:e8:6f:95:ef:3a:5b:c1:
d7:ab:1d:44:05:85:24:2f:cf:96:31:a8:7d:99:8d:4c:a2:1d:
d6:ec:73:66:82:83:56:83:ef:9b:74:36:0f:7b:d6:23:9d:0d:
96:cd:26:00:66:c9:1b:2c:ca:b9:ff:2b:0c:aa:53:c4:e3:24:
f8:bc:2d:d5:71:f1:d3:bd:eb:b2:11:1f:54:b2:0a:f5:e4:cc:
a4:1d:bd:c0:46:f9:83:65:88:dd:65:f6:af:84:6f:d8:25:98:
2b:35:72:f0:d4:f3:0d:82:3c:de:f2:22:a7:fd:8a:f4:0f:82:
81:02:18:39:74:2d:fe:cd:a0:00:a7:ea:0b:0d:1c:f6:b9:65:
ac:bf:0a:d8:ac:62:4e:26:95:37:1c:a9:16:9e:2b:30:f2:fe:
72:00:16:4c:83:a9:fe:ba:93:6a:78:60:ef:da:1e:17:7c:fa:
c6:52:52:f7:03:e8:53:f4:1f:a6:d0:8c:7c:b8:75:82:15:10:
3d:50:59:5a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJ1Kwq5m1OEJ0g0JCUTJW0ZN0nxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDI0MjExWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOGQzZDZmNWY5MTA2NGRhYTRlMDg5N2FlZjg1ZDQ5ZThi
NmJhMGJjMTdlNjY5NWZlMmUyNmQwZTQyYmQzMzE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDn8OC+iF6J6EYVYYdjasGmksHd+4hOyR9B3ItjomuDuIZb
cAIE+TGzwbAfrEyAdT0yvtK1FgM2LkqoRAfQAxXrL436hOBEvU7clWBseldfvvoP
b46qnMWXSAzhbgjnrzJ9aIRgi6T/VlrVlPxRva8We0v2ac9yYnc6m+347UvnJgYv
H9PaDUNJVl5lyEkfKMUzthzp3mom2AN33ZXRzbDkxNNAGt6RjnA7rqie0d+Q+Lll
2hf3/ye7Shva4yjenEnZKvG9voz6s7UDaK7fL4clNHVGKH3P1VmoPY9ilPRAsU3t
srop0PuzFiQgREvS+tKfLxHxrLSChzeeh5HHDoi3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8onpYzt94dKhPfNae7AGmlAMS5wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1YTI4ODYxLWVlOGUtNDRkOS1iMzYzLTMwYTFmMDRlMTEyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ozANBgkqhkiG9w0BAQsFAAOCAQEAKNqQucIzNQbmMuvyHIi0FJZf2Yjz
ZqruQivUOpndQ0SDBJismf0yMbnagjFYQEWAYZcuch3bGbeUmj38E+cYnaTob5Xv
OlvB16sdRAWFJC/PljGofZmNTKId1uxzZoKDVoPvm3Q2D3vWI50Nls0mAGbJGyzK
uf8rDKpTxOMk+Lwt1XHx073rshEfVLIK9eTMpB29wEb5g2WI3WX2r4Rv2CWYKzVy
8NTzDYI83vIip/2K9A+CgQIYOXQt/s2gAKfqCw0c9rllrL8K2KxiTiaVNxypFp4r
MPL+cgAWTIOp/rqTanhg79oeF3z6xlJS9wPoU/QfptCMfLh1ghUQPVBZWg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:46:49 2025 by rpki-client