Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa33094c-fc6e-426d-8a0c-c3010af5cd56.roa
File: aa33094c-fc6e-426d-8a0c-c3010af5cd56.roa (raw, json)
Hash identifier: tyIPGeEHIZHZSgXQymyG4PdH5fS/e/K/BtYNBRe+YQ0=
Subject key identifier: C8:3B:C9:F6:90:B6:DB:39:BF:DD:9E:39:54:5F:B5:C4:C5:1D:AF:29
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0F4A46D664AEA464ABBAE961D8515B5BE0F94E42
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa33094c-fc6e-426d-8a0c-c3010af5cd56.roa
Signing time: Tue 30 Sep 2025 00:01:18 +0000
ROA not before: Tue 30 Sep 2025 00:01:18 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 15.148.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:4a:46:d6:64:ae:a4:64:ab:ba:e9:61:d8:51:5b:5b:e0:f9:4e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:01:18 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=eb52fbf1016108244bf5cacd055e2ba6eaaf98a79e446ee638144b5260118d8b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:78:4d:33:e3:4c:41:9c:bf:0e:b9:3a:2c:
34:6c:42:30:88:97:68:3d:d3:46:35:19:c4:35:bb:
40:76:0f:62:b2:40:da:fc:e8:2e:75:59:73:3c:55:
8f:2b:1a:04:93:9a:85:9f:34:55:17:b9:7c:17:dc:
93:e7:95:6c:9a:65:4d:ce:80:2f:27:98:34:14:c6:
17:57:aa:d3:56:1e:9e:33:3a:3f:c9:05:af:ae:91:
32:8e:67:14:f7:d7:73:2f:dc:f8:96:03:04:6b:46:
84:98:c7:f0:b1:2e:27:d4:af:7e:e7:0e:a7:a5:71:
12:39:99:fd:49:be:88:a9:25:65:a2:56:28:1a:58:
00:ab:1a:1c:a6:d7:a1:32:57:bb:f1:04:ff:77:a9:
ec:a0:3f:36:74:4a:88:40:20:fa:cb:8d:85:ed:46:
7b:1d:30:7f:a9:8d:94:2c:d9:8f:dd:b0:1a:44:3c:
4c:7d:c3:17:6c:0d:f4:2f:61:e9:0a:ef:f2:b0:91:
73:20:1e:a1:c0:b6:18:21:d6:6c:59:a5:b1:d5:a3:
f2:82:63:8b:b5:e7:87:04:67:30:c6:47:32:6f:2d:
fb:61:55:90:27:d5:ca:ae:55:9e:e6:0d:16:c0:b0:
c8:3e:84:61:e4:a7:a8:a3:f0:e8:d1:ec:8f:77:6b:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3B:C9:F6:90:B6:DB:39:BF:DD:9E:39:54:5F:B5:C4:C5:1D:AF:29
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa33094c-fc6e-426d-8a0c-c3010af5cd56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
15.148.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d5:60:08:f7:ce:ff:8d:37:59:20:bc:06:04:13:59:d8:13:85:
1f:1c:a4:48:0b:76:26:d0:12:32:1a:a4:ea:91:7e:ce:a0:ac:
7b:c8:99:7f:77:d4:7a:2d:83:23:91:17:56:fd:56:50:9d:d9:
87:91:9f:f5:00:ac:dc:b4:0f:8e:44:88:b8:68:a0:61:76:6f:
2f:62:5a:cb:d0:c2:62:2d:c5:4b:7e:46:0d:d6:69:a4:18:30:
c8:9e:1e:9d:ad:04:3d:54:20:3d:a7:99:8e:fe:7c:3e:cb:e7:
ae:27:3a:1d:15:08:92:6b:2c:b5:6b:de:eb:a0:98:f7:aa:e7:
4f:5a:c8:9c:2e:dc:8a:56:18:08:aa:a6:31:57:68:7f:56:56:
f5:e2:34:bb:a1:7a:84:ea:3a:e2:5c:eb:6d:3b:d2:27:42:78:
e0:74:a9:80:0f:80:eb:a0:91:cf:99:ef:49:eb:74:4c:32:27:
6e:3b:2b:4b:35:34:42:10:a7:d5:cd:6f:59:f6:a7:f6:e4:5a:
d8:4d:eb:e8:af:53:f7:74:d9:b3:b7:91:d3:61:64:73:79:b6:
7d:f7:13:5e:07:9d:49:c3:ae:b3:5b:e5:33:a1:ee:9d:96:2a:
4a:bb:8a:72:40:af:09:f0:d3:fc:1f:01:4c:e8:3e:14:51:00:
81:4a:c1:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD0pG1mSupGSruulh2FFbW+D5TkIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMTE4WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjUyZmJmMTAxNjEwODI0NGJmNWNhY2QwNTVlMmJhNmVh
YWY5OGE3OWU0NDZlZTYzODE0NGI1MjYwMTE4ZDhiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg/3hNM+NMQZy/Drk6LDRsQjCIl2g900Y1GcQ1u0B2D2Ky
QNr86C51WXM8VY8rGgSTmoWfNFUXuXwX3JPnlWyaZU3OgC8nmDQUxhdXqtNWHp4z
Oj/JBa+ukTKOZxT313Mv3PiWAwRrRoSYx/CxLifUr37nDqelcRI5mf1JvoipJWWi
VigaWACrGhym16EyV7vxBP93qeygPzZ0SohAIPrLjYXtRnsdMH+pjZQs2Y/dsBpE
PEx9wxdsDfQvYekK7/KwkXMgHqHAthgh1mxZpbHVo/KCY4u154cEZzDGRzJvLfth
VZAn1cquVZ7mDRbAsMg+hGHkp6ij8OjR7I93a/6PAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyDvJ9pC22zm/3Z45VF+1xMUdrykwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FhMzMwOTRjLWZjNmUtNDI2ZC04YTBjLWMzMDEwYWY1Y2Q1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPlDANBgkqhkiG9w0BAQsFAAOCAQEA1WAI987/jTdZILwGBBNZ2BOFHxyk
SAt2JtASMhqk6pF+zqCse8iZf3fUei2DI5EXVv1WUJ3Zh5Gf9QCs3LQPjkSIuGig
YXZvL2Jay9DCYi3FS35GDdZppBgwyJ4ena0EPVQgPaeZjv58Psvnric6HRUIkmss
tWve66CY96rnT1rInC7cilYYCKqmMVdof1ZW9eI0u6F6hOo64lzrbTvSJ0J44HSp
gA+A66CRz5nvSet0TDInbjsrSzU0QhCn1c1vWfan9uRa2E3r6K9T93TZs7eR02Fk
c3m2ffcTXgedScOus1vlM6HunZYqSruKckCvCfDT/B8BTOg+FFEAgUrBLQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:43:48 2025 by rpki-client