Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa
File: af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa (raw, json)
Hash identifier: zA6EPZP75VZf9yjOcUy4hzfT38CQXwcPBrCDU7vnOeU=
Subject key identifier: 57:07:4B:59:56:39:55:48:25:4F:3A:BB:6C:3E:C3:82:C8:DF:90:52
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 462F3DDF0CB0E464D82F5CA6BC75047B7D635FA0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa
Signing time: Fri 03 Oct 2025 00:52:05 +0000
ROA not before: Fri 03 Oct 2025 00:52:05 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.77.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:2f:3d:df:0c:b0:e4:64:d8:2f:5c:a6:bc:75:04:7b:7d:63:5f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:52:05 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=e2625903240818048e493c5c3966a40091fe6f1b568b02ecfbfb9bdbabbf089e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e8:1e:39:5a:48:bb:c4:6c:8c:52:08:0a:08:
f6:8d:e0:de:8f:11:e8:e4:35:92:49:25:50:4b:34:
1e:43:11:43:bc:5a:79:10:fe:cd:79:31:e0:f9:fd:
95:3a:72:36:d1:1d:fc:90:47:46:c3:80:07:84:32:
e2:e5:c0:3d:49:95:9e:91:0b:af:a2:36:0a:15:a0:
43:72:21:2d:36:24:1e:e8:9a:60:89:57:d2:f6:f4:
09:95:26:9d:5c:15:bb:20:21:53:09:21:c3:aa:d7:
78:fd:74:96:e5:2b:d8:8f:05:c4:1b:46:81:a6:5f:
c5:86:18:9c:14:90:79:71:33:e6:ed:75:32:52:79:
89:c1:7c:b0:09:e5:97:59:20:ae:b9:86:23:53:cd:
b5:d3:5f:5a:a5:3d:58:ca:be:d0:1e:45:64:af:43:
cc:4f:93:e9:f8:94:ff:85:8f:6e:24:b3:44:57:31:
f0:fc:37:fa:c7:c5:0e:1a:f1:60:ed:0b:08:0a:3a:
1a:20:e0:3e:9d:2f:21:91:bf:a9:6f:fe:3b:a3:dd:
73:a4:de:5d:6c:25:5b:9c:ca:47:97:ec:77:73:95:
a6:e4:91:ce:39:8e:f1:ea:c7:ca:10:8e:65:aa:23:
c3:20:93:b3:18:8e:62:4d:4e:71:f4:43:9b:62:af:
d6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:07:4B:59:56:39:55:48:25:4F:3A:BB:6C:3E:C3:82:C8:DF:90:52
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.77.138.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:47:df:4d:8d:fe:0b:aa:cf:99:dd:ba:23:3c:b9:40:87:d1:
18:65:cf:78:23:9a:d8:47:2c:9d:e7:39:5a:51:31:3a:4e:25:
55:2c:16:20:a2:be:c6:27:48:65:86:5a:d1:58:12:08:9d:83:
8f:b6:18:f4:3a:fa:3b:7e:ff:63:e3:ad:3c:b3:3b:fc:34:3a:
3e:9c:39:2d:cd:e7:2a:14:cf:d7:b8:ad:d6:1a:99:fb:0e:20:
72:c8:e6:db:0e:ee:a8:21:a2:01:08:d1:48:0d:22:32:a3:0d:
f9:da:f8:43:e7:4d:fc:98:16:a2:cb:5a:c6:4d:08:e7:25:e2:
ed:81:33:80:4a:45:ff:d3:3f:5e:cc:b9:e3:66:97:3c:06:13:
3c:80:04:bf:8d:b0:ff:a0:ef:ce:3d:71:58:04:5c:6a:aa:81:
1e:45:bf:16:2f:9d:19:bf:05:f1:16:a8:05:dd:54:7f:7e:23:
56:71:12:57:30:2e:1d:7e:51:be:23:7d:aa:47:c2:04:7f:27:
4b:d3:ab:c3:29:38:48:ea:f8:65:0e:bf:2b:ec:b3:f4:aa:2f:
ef:8e:74:c9:6a:bb:67:78:0f:57:e6:dc:8c:33:0c:35:74:47:
b3:b9:cf:2c:1d:96:65:5e:fb:fe:df:3d:90:7a:1a:8c:6f:4f:
79:0b:52:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURi893wyw5GTYL1ymvHUEe31jX6AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MjA1WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjYyNTkwMzI0MDgxODA0OGU0OTNjNWMzOTY2YTQwMDkx
ZmU2ZjFiNTY4YjAyZWNmYmZiOWJkYmFiYmYwODllMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDP6B45Wki7xGyMUggKCPaN4N6PEejkNZJJJVBLNB5DEUO8
WnkQ/s15MeD5/ZU6cjbRHfyQR0bDgAeEMuLlwD1JlZ6RC6+iNgoVoENyIS02JB7o
mmCJV9L29AmVJp1cFbsgIVMJIcOq13j9dJblK9iPBcQbRoGmX8WGGJwUkHlxM+bt
dTJSeYnBfLAJ5ZdZIK65hiNTzbXTX1qlPVjKvtAeRWSvQ8xPk+n4lP+Fj24ks0RX
MfD8N/rHxQ4a8WDtCwgKOhog4D6dLyGRv6lv/juj3XOk3l1sJVucykeX7Hdzlabk
kc45jvHqx8oQjmWqI8Mgk7MYjmJNTnH0Q5tir9Z9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVwdLWVY5VUglTzq7bD7DgsjfkFIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FmN2EyOGFkLWMyZjktNDM1ZS1hOGVlLWU4NDYzOWQwMDZjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYowDQYJKoZIhvcNAQELBQADggEBAK5H302N/guqz5nduiM8uUCH0Rhl
z3gjmthHLJ3nOVpRMTpOJVUsFiCivsYnSGWGWtFYEgidg4+2GPQ6+jt+/2PjrTyz
O/w0Oj6cOS3N5yoUz9e4rdYamfsOIHLI5tsO7qghogEI0UgNIjKjDfna+EPnTfyY
FqLLWsZNCOcl4u2BM4BKRf/TP17MueNmlzwGEzyABL+NsP+g7849cVgEXGqqgR5F
vxYvnRm/BfEWqAXdVH9+I1ZxElcwLh1+Ub4jfapHwgR/J0vTq8MpOEjq+GUOvyvs
s/SqL++OdMlqu2d4D1fm3IwzDDV0R7O5zywdlmVe+/7fPZB6GoxvT3kLUtk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:11:02 2025 by rpki-client