Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c6cd78-6139-435b-a258-a601228d052a.roa
File: b4c6cd78-6139-435b-a258-a601228d052a.roa (raw, json)
Hash identifier: CfbPIBlAeb/oZCgCM21DhWVt3qucd9dFNjvRUePDzMU=
Subject key identifier: 2B:B0:8B:B8:30:09:87:B3:EF:98:7C:9D:9F:A4:A7:AE:F6:90:88:3C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1F30750B5C4511F453B2916216B13DD0768E1261
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c6cd78-6139-435b-a258-a601228d052a.roa
Signing time: Sat 18 Oct 2025 02:00:03 +0000
ROA not before: Sat 18 Oct 2025 02:00:03 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f36:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:30:75:0b:5c:45:11:f4:53:b2:91:62:16:b1:3d:d0:76:8e:12:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 02:00:03 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=f728d31e5d6ab1e4aaf1403e687719d09c8afd5cc110c86906d3b67fa5760a2a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:e7:30:7f:1e:45:c4:dc:a6:be:f2:da:29:
bf:78:89:28:74:e1:36:35:c3:09:df:21:12:de:11:
31:7e:f7:33:55:e2:c9:d9:29:17:a7:7f:87:4f:be:
00:a6:ba:13:45:e6:57:2e:37:28:ed:18:ee:9e:a3:
7e:ac:0b:15:bb:fd:f4:ff:43:f6:35:4a:76:44:dc:
b6:b1:47:1a:97:88:f6:da:6a:58:48:71:4b:ef:08:
f1:0a:21:d6:98:ee:74:a8:b8:0b:a2:94:31:79:9b:
8c:a6:cc:65:31:ac:10:04:b4:09:93:a3:40:84:35:
5c:9e:55:78:ee:9e:e3:41:62:2e:2b:c5:89:63:a4:
f2:f7:b1:98:05:5a:a6:4b:bb:92:ad:53:29:b0:a5:
d0:31:ea:e9:6e:8d:af:f8:b3:13:ff:97:c8:5c:03:
d7:5a:76:39:89:29:bf:21:e5:28:01:eb:50:39:6a:
dc:b9:e8:05:a3:aa:4c:13:ce:93:65:70:e9:ae:61:
e8:2b:76:cd:db:9d:4b:6b:1b:20:7a:32:02:35:13:
0a:03:d0:cd:89:bd:e8:95:5b:df:a3:98:89:ec:0d:
65:9a:00:8f:9b:01:cd:de:c9:fd:60:0b:cd:ab:c7:
75:88:83:01:c4:62:8d:4d:af:4c:a8:ad:44:61:55:
5b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B0:8B:B8:30:09:87:B3:EF:98:7C:9D:9F:A4:A7:AE:F6:90:88:3C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c6cd78-6139-435b-a258-a601228d052a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f36:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:a1:8b:c9:02:2a:54:4f:3a:86:b1:97:66:20:92:1e:af:30:
de:53:d4:fa:35:16:d3:a6:b9:2c:1c:64:82:87:b1:c3:5c:d3:
4b:c7:e5:c1:d1:21:d5:63:85:9e:fc:c9:2a:be:ea:79:15:e5:
11:6a:e5:b5:fa:ea:e7:09:25:90:d5:66:6c:ad:b6:86:a4:15:
7b:56:00:55:0b:b6:fd:86:cb:89:cd:d4:9d:e9:9f:6d:59:33:
49:6e:0d:30:8f:cf:f6:f0:14:ae:25:61:ff:37:e7:72:e9:d4:
4b:05:dd:dd:84:14:1f:18:51:3a:5a:80:a0:0c:78:8c:32:96:
39:45:ec:82:91:de:19:6b:d8:70:a9:35:eb:24:d2:26:0c:01:
12:8a:f0:72:ae:bf:7d:9e:96:f8:c9:e1:e7:82:57:59:95:b3:
dd:f6:00:2c:d9:01:36:2a:0e:85:46:15:07:b6:31:eb:ea:9b:
1f:93:e8:7c:27:96:81:41:86:fa:e7:fb:b6:40:00:6a:13:b7:
48:c0:36:5f:f4:72:da:a7:33:3b:5c:05:1b:6f:65:4a:56:d1:
a6:c7:f4:2e:52:79:5c:d0:1e:b5:eb:e4:1b:52:42:26:01:38:
d3:a2:e9:e3:3d:d3:68:5e:45:93:90:c8:3c:71:d2:fb:24:aa:
8d:de:96:39
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHzB1C1xFEfRTspFiFrE90HaOEmEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDIwMDAzWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzI4ZDMxZTVkNmFiMWU0YWFmMTQwM2U2ODc3MTlkMDlj
OGFmZDVjYzExMGM4NjkwNmQzYjY3ZmE1NzYwYTJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvqucwfx5FxNymvvLaKb94iSh04TY1wwnfIRLeETF+9zNV
4snZKRenf4dPvgCmuhNF5lcuNyjtGO6eo36sCxW7/fT/Q/Y1SnZE3LaxRxqXiPba
alhIcUvvCPEKIdaY7nSouAuilDF5m4ymzGUxrBAEtAmTo0CENVyeVXjunuNBYi4r
xYljpPL3sZgFWqZLu5KtUymwpdAx6uluja/4sxP/l8hcA9dadjmJKb8h5SgB61A5
aty56AWjqkwTzpNlcOmuYegrds3bnUtrGyB6MgI1EwoD0M2JveiVW9+jmInsDWWa
AI+bAc3eyf1gC82rx3WIgwHEYo1Nr0yorURhVVstAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUK7CLuDAJh7PvmHydn6SnrvaQiDwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0YzZjZDc4LTYxMzktNDM1Yi1hMjU4LWE2MDEyMjhkMDUyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB82YDANBgkqhkiG9w0BAQsFAAOCAQEAe6GLyQIqVE86hrGXZiCSHq8w
3lPU+jUW06a5LBxkgoexw1zTS8flwdEh1WOFnvzJKr7qeRXlEWrltfrq5wklkNVm
bK22hqQVe1YAVQu2/YbLic3UnemfbVkzSW4NMI/P9vAUriVh/zfncunUSwXd3YQU
HxhROlqAoAx4jDKWOUXsgpHeGWvYcKk16yTSJgwBEorwcq6/fZ6W+Mnh54JXWZWz
3fYALNkBNioOhUYVB7Yx6+qbH5PofCeWgUGG+uf7tkAAahO3SMA2X/Ry2qczO1wF
G29lSlbRpsf0LlJ5XNAetevkG1JCJgE406Lp4z3TaF5Fk5DIPHHS+ySqjd6WOQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:04:30 2025 by rpki-client