Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa
File: ab98bfdb-9af4-412f-87c6-d3448c52456d.roa (raw, json)
Hash identifier: 3ULhyBbyV/EQxAdDLe+canUpFjMQYZOMx8h/jFAFiIc=
Subject key identifier: 87:E9:7E:79:BF:BA:7E:0C:34:81:5E:66:84:EF:A4:A3:C5:A5:F8:4C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 570CA9FEA477EA0B7C68DB1D3770CA7403C43D95
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa
Signing time: Wed 01 Oct 2025 00:12:06 +0000
ROA not before: Wed 01 Oct 2025 00:12:06 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ffd:8143::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:0c:a9:fe:a4:77:ea:0b:7c:68:db:1d:37:70:ca:74:03:c4:3d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:12:06 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=f0cc2e8b59165ac085565459bcdf19b9727b5a8ebc65e909113d7c36b8f6a46e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9b:a4:14:4d:dd:34:2e:ab:28:58:b0:eb:62:
32:2d:3d:fd:7d:63:56:5d:74:7f:b7:71:af:2a:bd:
87:f0:d4:a5:7e:4e:24:37:72:db:3b:db:2c:15:3f:
a1:b4:5e:80:f8:4f:75:18:3e:3e:e3:08:a3:27:f8:
62:d3:23:c5:f3:1c:37:1f:30:95:22:e5:d3:36:1c:
09:c8:c9:3b:17:95:90:2c:70:d4:98:a7:ea:31:40:
cc:1c:a6:cb:6e:bc:79:f4:79:4e:d1:fc:e6:de:54:
2e:56:33:b1:e9:f8:e2:02:be:d5:0a:32:6d:fd:22:
55:d9:45:9d:dd:3d:bb:dd:d6:fa:29:86:5e:27:8f:
44:15:7b:58:be:7d:21:2c:fe:db:f1:d5:6e:93:a3:
80:99:80:3f:3a:27:ba:5e:d7:f0:16:c8:8e:42:6d:
be:bd:21:91:36:e7:ab:8a:5a:94:7b:e1:49:08:38:
78:4e:12:46:fe:d3:6f:8a:34:4b:35:ae:14:1d:36:
6f:d2:15:a0:8a:22:e9:c5:24:e4:27:09:b5:1a:e9:
63:74:bc:f9:19:b5:c3:d4:97:78:15:8f:a8:cb:7f:
2d:f4:60:e9:58:ac:43:97:49:1a:26:6a:4e:6a:e2:
88:05:a3:b9:7f:20:b2:ec:cb:fb:43:4e:b9:10:6f:
5f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:7E:79:BF:BA:7E:0C:34:81:5E:66:84:EF:A4:A3:C5:A5:F8:4C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffd:8143::/48
Signature Algorithm: sha256WithRSAEncryption
a2:bc:79:c5:60:ca:d5:6f:11:87:5d:4d:b5:b5:3c:41:81:e6:
0f:b6:51:63:6e:93:4b:c4:37:4b:31:2e:cf:88:d8:d9:5d:dc:
c4:f2:8c:45:b1:b5:f0:11:b4:e8:91:cd:ca:1e:43:f9:2a:51:
0e:40:9f:ef:6d:70:92:22:87:94:e8:d5:e1:50:b9:a1:de:3a:
43:62:1a:04:8a:25:44:15:c9:a1:b7:38:a1:eb:9f:e7:c4:10:
28:02:72:78:d7:e8:89:6d:39:b1:ae:4a:c2:25:56:ac:bb:56:
29:87:ab:13:79:9d:52:2c:9b:92:89:eb:2f:60:84:37:3c:5e:
73:ad:f3:e2:1a:5f:b1:7a:b1:7d:c8:e7:5d:2c:c0:5e:a7:92:
45:63:e4:e3:15:4f:57:0b:07:3d:00:b5:de:57:e7:63:f9:db:
c0:9c:2e:34:08:0b:ac:5f:ac:07:92:ea:34:9f:fa:ac:63:a6:
f9:ae:33:26:66:c9:c1:20:98:a3:41:a3:c2:bc:f3:e0:a0:0b:
11:af:21:7a:06:0e:de:83:72:0c:c8:ee:92:8e:e2:29:7f:fd:
ac:90:23:df:38:d0:0c:0b:7b:3e:e9:6a:b9:cd:b1:10:0d:ce:
2e:fd:0e:09:c2:b4:7a:41:af:14:8d:fd:58:9e:01:35:06:47:
dd:e0:e7:6b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUVwyp/qR36gt8aNsdN3DKdAPEPZUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMjA2WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMGNjMmU4YjU5MTY1YWMwODU1NjU0NTliY2RmMTliOTcy
N2I1YThlYmM2NWU5MDkxMTNkN2MzNmI4ZjZhNDZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRm6QUTd00LqsoWLDrYjItPf19Y1ZddH+3ca8qvYfw1KV+
TiQ3cts72ywVP6G0XoD4T3UYPj7jCKMn+GLTI8XzHDcfMJUi5dM2HAnIyTsXlZAs
cNSYp+oxQMwcpstuvHn0eU7R/ObeVC5WM7Hp+OICvtUKMm39IlXZRZ3dPbvd1vop
hl4nj0QVe1i+fSEs/tvx1W6To4CZgD86J7pe1/AWyI5Cbb69IZE256uKWpR74UkI
OHhOEkb+02+KNEs1rhQdNm/SFaCKIunFJOQnCbUa6WN0vPkZtcPUl3gVj6jLfy30
YOlYrEOXSRomak5q4ogFo7l/ILLsy/tDTrkQb1+dAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUh+l+eb+6fgw0gV5mhO+ko8Wl+EwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiOThiZmRiLTlhZjQtNDEyZi04N2M2LWQzNDQ4YzUyNDU2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gUMwDQYJKoZIhvcNAQELBQADggEBAKK8ecVgytVvEYddTbW1PEGB
5g+2UWNuk0vEN0sxLs+I2Nld3MTyjEWxtfARtOiRzcoeQ/kqUQ5An+9tcJIih5To
1eFQuaHeOkNiGgSKJUQVyaG3OKHrn+fEECgCcnjX6IltObGuSsIlVqy7VimHqxN5
nVIsm5KJ6y9ghDc8XnOt8+IaX7F6sX3I510swF6nkkVj5OMVT1cLBz0Atd5X52P5
28CcLjQIC6xfrAeS6jSf+qxjpvmuMyZmycEgmKNBo8K88+CgCxGvIXoGDt6DcgzI
7pKO4il//ayQI9840AwLez7parnNsRANzi79DgnCtHpBrxSN/VieATUGR93g52s=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:57:02 2025 by rpki-client