Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a852de3c-5896-48b9-ac0d-6ffc55534b67.roa
File: a852de3c-5896-48b9-ac0d-6ffc55534b67.roa (raw, json)
Hash identifier: j6Zt+fiLPxxGkYIB/+1to+/VLzDUZzU4uy6Vq++JuvI=
Subject key identifier: A6:81:F0:67:25:B7:FA:57:33:A7:BB:3F:A2:F7:3F:2F:DF:96:C2:96
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1DEC74DD5F51F68E1014EE22DE6F4D595CACD0C8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a852de3c-5896-48b9-ac0d-6ffc55534b67.roa
Signing time: Tue 30 Sep 2025 00:37:57 +0000
ROA not before: Tue 30 Sep 2025 00:37:57 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.54.32.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:ec:74:dd:5f:51:f6:8e:10:14:ee:22:de:6f:4d:59:5c:ac:d0:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:37:57 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=1325d623f1fb14d849aa15ba5b33113751b44107d9a4ebfd61ed9ca306326ed4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:9d:80:f5:7e:b8:0e:fd:c6:5f:c4:c3:a7:
76:45:07:47:0d:02:4a:f8:ce:38:c1:50:4a:06:40:
bc:0c:f0:ed:8e:7e:e4:5b:5a:c7:ce:85:6a:a4:ae:
35:7b:6e:bd:8e:f7:4c:1a:c9:54:42:24:b9:a8:98:
40:0b:95:03:24:ed:c2:57:38:f3:74:93:30:64:57:
6f:08:ed:00:1c:85:8d:8b:67:23:45:15:75:48:f5:
ad:36:5c:30:62:c8:f2:d6:47:64:e9:dd:14:79:52:
62:6b:36:f4:04:40:1c:5d:8c:9d:48:1d:d8:dd:00:
b4:07:a7:d7:a1:0d:26:f8:30:70:d7:26:6d:48:ca:
b1:64:ba:5f:52:5d:97:52:12:51:6b:9b:74:11:83:
f3:0b:a0:4f:5b:7d:0e:0c:62:9c:66:5a:a8:99:98:
40:f3:06:95:e3:ca:d0:fd:47:af:c4:65:3e:d4:40:
fc:bc:44:67:42:04:08:dc:39:04:91:5d:c7:b9:29:
ef:56:a5:0b:57:db:df:14:b2:99:d0:02:4d:95:fc:
fb:29:f6:7a:ba:c7:1b:62:0f:2a:18:ca:b4:88:06:
11:b1:24:4a:4e:18:cc:29:f3:89:b2:9b:c7:65:a7:
8d:69:11:67:5c:b4:47:20:d4:5e:05:c4:dd:15:b3:
e6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:81:F0:67:25:B7:FA:57:33:A7:BB:3F:A2:F7:3F:2F:DF:96:C2:96
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a852de3c-5896-48b9-ac0d-6ffc55534b67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.54.32.0/21
Signature Algorithm: sha256WithRSAEncryption
c3:c1:82:2f:93:93:e9:00:35:e1:f0:f2:08:c5:28:42:2e:39:
7a:00:39:18:c2:62:b8:f7:78:02:f2:42:77:29:33:a1:67:56:
a1:81:01:86:19:33:78:06:fd:74:f4:83:0d:ca:ae:27:b3:0c:
9d:73:7a:45:b9:e0:3a:86:a6:f6:09:64:ac:6e:7a:93:47:e1:
b5:71:50:ec:73:0e:d4:88:f4:9b:df:fc:a2:8f:bf:35:38:77:
95:bf:d4:ab:ef:ca:78:c2:8e:1f:39:11:2a:02:dc:2a:8e:ea:
74:e2:c4:dd:7c:83:79:04:b3:95:c5:3d:94:5b:27:9b:df:79:
dd:69:1b:34:37:fe:57:8e:7e:b3:00:4b:cc:e3:18:d3:46:b7:
64:a7:4e:2c:c9:89:11:33:1c:bd:b4:ad:06:47:02:ad:13:08:
fa:fb:86:f2:cc:ff:15:c8:be:cc:d5:5e:00:56:98:da:d0:02:
2a:33:24:fd:74:89:1c:2f:49:0b:cc:c3:46:78:f8:0d:24:82:
51:cc:68:ec:fe:ca:d5:27:85:7e:2a:1f:a3:a1:a9:35:2c:5f:
74:0b:59:4d:8f:f7:74:95:74:50:8a:3d:9d:21:2c:ce:5c:5f:
6f:dd:8d:80:78:21:f9:1d:04:ce:81:c5:40:e4:30:3a:f7:bb:
5d:eb:be:37
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHex03V9R9o4QFO4i3m9NWVys0MgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAzNzU3WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzI1ZDYyM2YxZmIxNGQ4NDlhYTE1YmE1YjMzMTEzNzUx
YjQ0MTA3ZDlhNGViZmQ2MWVkOWNhMzA2MzI2ZWQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHsZ2A9X64Dv3GX8TDp3ZFB0cNAkr4zjjBUEoGQLwM8O2O
fuRbWsfOhWqkrjV7br2O90wayVRCJLmomEALlQMk7cJXOPN0kzBkV28I7QAchY2L
ZyNFFXVI9a02XDBiyPLWR2Tp3RR5UmJrNvQEQBxdjJ1IHdjdALQHp9ehDSb4MHDX
Jm1IyrFkul9SXZdSElFrm3QRg/MLoE9bfQ4MYpxmWqiZmEDzBpXjytD9R6/EZT7U
QPy8RGdCBAjcOQSRXce5Ke9WpQtX298UspnQAk2V/Psp9nq6xxtiDyoYyrSIBhGx
JEpOGMwp84mym8dlp41pEWdctEcg1F4FxN0Vs+aJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpoHwZyW3+lczp7s/ovc/L9+WwpYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E4NTJkZTNjLTU4OTYtNDhiOS1hYzBkLTZmZmM1NTUzNGI2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMjNiAwDQYJKoZIhvcNAQELBQADggEBAMPBgi+Tk+kANeHw8gjFKEIuOXoA
ORjCYrj3eALyQncpM6FnVqGBAYYZM3gG/XT0gw3KriezDJ1zekW54DqGpvYJZKxu
epNH4bVxUOxzDtSI9Jvf/KKPvzU4d5W/1KvvynjCjh85ESoC3CqO6nTixN18g3kE
s5XFPZRbJ5vfed1pGzQ3/leOfrMAS8zjGNNGt2SnTizJiREzHL20rQZHAq0TCPr7
hvLM/xXIvszVXgBWmNrQAiozJP10iRwvSQvMw0Z4+A0kglHMaOz+ytUnhX4qH6Oh
qTUsX3QLWU2P93SVdFCKPZ0hLM5cX2/djYB4IfkdBM6BxUDkMDr3u13rvjc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:07 2025 by rpki-client