Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3586142-b8b3-4a70-8236-1a6d9876cf01.roa
File: b3586142-b8b3-4a70-8236-1a6d9876cf01.roa (raw, json)
Hash identifier: IKA/sXBxEFUuiT6SnDUFPK/9qrvOBJSy60q+bcCLc9E=
Subject key identifier: 2D:65:09:32:98:08:D2:C0:94:18:8A:94:02:71:6E:D1:8C:EA:E4:CF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7D643419D194C78846AC4B71587D540669635CB3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3586142-b8b3-4a70-8236-1a6d9876cf01.roa
Signing time: Fri 03 Oct 2025 00:11:56 +0000
ROA not before: Fri 03 Oct 2025 00:11:56 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ffd:838e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:64:34:19:d1:94:c7:88:46:ac:4b:71:58:7d:54:06:69:63:5c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:11:56 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=48a528f6123eea25237867b8b8245aca6479b9476e8ad29139f0744cf2ab3019, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d8:5e:25:91:9c:1c:f7:00:67:16:33:c5:07:
35:b6:00:30:f6:51:e3:95:66:ad:cd:74:36:1b:44:
60:1c:dd:60:e4:dc:25:0e:74:a4:fd:16:0c:7c:1c:
7a:96:24:35:39:1b:6e:5a:76:88:76:15:af:55:ec:
bc:09:03:1c:04:be:35:3a:24:fc:0c:63:6c:ad:27:
87:1c:4e:f1:f9:a3:aa:1e:b7:90:c6:d6:a2:74:78:
57:40:8e:bb:1d:6c:c3:14:2b:bd:de:d8:7c:6a:3d:
f4:dd:b9:b5:de:b8:aa:5c:9c:02:86:e3:71:f2:dd:
5b:77:5d:86:0c:0a:ef:c7:af:a0:af:57:50:ae:35:
9b:68:f1:e4:0c:cc:d3:02:cc:97:68:2c:44:7d:30:
65:50:ca:e5:e7:eb:83:c4:a3:5d:84:2c:05:bb:4a:
ec:9a:6c:58:e9:dd:ec:0d:0e:b8:77:02:c9:f3:f6:
d6:eb:9e:7c:4e:4e:ea:7d:74:e7:90:2e:43:83:c1:
a6:d6:35:9c:fe:4a:bd:c6:23:36:22:03:74:d6:38:
f0:3f:df:f7:db:03:14:f3:3a:38:9f:b7:ec:dd:13:
c2:9d:fb:9f:b5:76:ff:d6:29:e2:5d:74:a2:a7:7b:
68:cb:5e:58:89:f7:07:cf:cf:8c:00:29:72:f9:36:
f3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:65:09:32:98:08:D2:C0:94:18:8A:94:02:71:6E:D1:8C:EA:E4:CF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3586142-b8b3-4a70-8236-1a6d9876cf01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffd:838e::/48
Signature Algorithm: sha256WithRSAEncryption
72:64:d4:2e:51:3a:b0:42:95:5f:86:ea:39:51:02:b7:cf:38:
c9:c4:2c:94:01:5e:e4:7b:65:7a:fb:06:92:f5:d1:d9:11:93:
3e:79:ad:71:8a:94:a3:91:65:bc:ef:7f:90:98:63:2b:57:52:
46:de:55:ea:72:fd:22:0f:dc:ea:6f:9c:1d:67:6c:a6:f1:c0:
d9:6d:a1:8d:29:30:4c:51:c7:a6:37:ee:6e:dd:25:b5:7e:87:
88:ad:c0:0f:d3:c1:c3:41:c1:b7:f6:26:27:75:27:4a:9f:c4:
75:0c:5f:01:4f:1f:e2:77:75:fb:38:33:21:e1:b1:79:af:19:
70:32:50:9d:0f:6f:7b:ae:d2:30:be:50:ee:68:56:fd:c2:07:
cc:0c:c4:e0:b4:e3:1b:cb:50:e1:75:d7:49:9e:0b:5c:21:62:
30:1e:7b:46:3c:31:b8:d5:44:e0:ca:36:3c:b8:c4:07:73:03:
3e:1e:4f:52:5f:87:f3:d6:0c:c2:a1:86:73:7b:28:7f:eb:8e:
c2:ea:33:42:35:cd:28:78:39:21:4a:4e:dd:d8:e4:4c:1b:16:
80:38:e3:d8:e1:d7:6e:07:9c:87:6f:d0:d6:c2:87:85:2e:5c:
1b:21:cd:7d:cc:22:a7:e7:fc:77:45:6f:e5:11:e1:c5:65:2f:
f3:9d:49:02
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfWQ0GdGUx4hGrEtxWH1UBmljXLMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAxMTU2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGE1MjhmNjEyM2VlYTI1MjM3ODY3YjhiODI0NWFjYTY0
NzliOTQ3NmU4YWQyOTEzOWYwNzQ0Y2YyYWIzMDE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCP2F4lkZwc9wBnFjPFBzW2ADD2UeOVZq3NdDYbRGAc3WDk
3CUOdKT9Fgx8HHqWJDU5G25adoh2Fa9V7LwJAxwEvjU6JPwMY2ytJ4ccTvH5o6oe
t5DG1qJ0eFdAjrsdbMMUK73e2HxqPfTdubXeuKpcnAKG43Hy3Vt3XYYMCu/Hr6Cv
V1CuNZto8eQMzNMCzJdoLER9MGVQyuXn64PEo12ELAW7SuyabFjp3ewNDrh3Asnz
9tbrnnxOTup9dOeQLkODwabWNZz+Sr3GIzYiA3TWOPA/3/fbAxTzOjift+zdE8Kd
+5+1dv/WKeJddKKne2jLXliJ9wfPz4wAKXL5NvNdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULWUJMpgI0sCUGIqUAnFu0Yzq5M8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzNTg2MTQyLWI4YjMtNGE3MC04MjM2LTFhNmQ5ODc2Y2YwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9g44wDQYJKoZIhvcNAQELBQADggEBAHJk1C5ROrBClV+G6jlRArfP
OMnELJQBXuR7ZXr7BpL10dkRkz55rXGKlKORZbzvf5CYYytXUkbeVepy/SIP3Opv
nB1nbKbxwNltoY0pMExRx6Y37m7dJbV+h4itwA/TwcNBwbf2Jid1J0qfxHUMXwFP
H+J3dfs4MyHhsXmvGXAyUJ0Pb3uu0jC+UO5oVv3CB8wMxOC04xvLUOF110meC1wh
YjAee0Y8MbjVRODKNjy4xAdzAz4eT1Jfh/PWDMKhhnN7KH/rjsLqM0I1zSh4OSFK
Tt3Y5EwbFoA449jh124HnIdv0NbCh4UuXBshzX3MIqfn/HdFb+UR4cVlL/OdSQI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:45:34 2025 by rpki-client