Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa
File: b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa (raw, json)
Hash identifier: pz2/W83iCQv75WftmFLfX+r47tJC5vrpaykZwH+2uUE=
Subject key identifier: 8A:44:A2:8B:62:E6:3B:9E:8C:D5:76:B0:30:DE:E5:26:B9:38:1A:33
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 031CE5346606DAC294EEEA2E8317B5A93653DDF5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa
Signing time: Sat 11 Oct 2025 00:21:59 +0000
ROA not before: Sat 11 Oct 2025 00:21:59 +0000
ROA not after: Sat 15 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 167.147.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1c:e5:34:66:06:da:c2:94:ee:ea:2e:83:17:b5:a9:36:53:dd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 11 00:21:59 2025 GMT
Not After : Nov 15 23:59:59 2025 GMT
Subject: serialNumber=47b83d624079613f42e8779904c53d432bb8d587a756b8ee55855a968f929d6e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:59:bd:cf:0f:35:86:a4:3d:e0:75:3a:a2:be:
36:20:e1:9e:23:51:49:fc:76:13:3c:46:5c:80:7c:
00:1e:4d:ed:59:be:0b:25:ff:17:73:b7:6d:37:f1:
c1:73:1c:b7:c8:0c:8a:8a:4f:f6:94:98:1b:c2:6b:
82:a8:82:d2:f1:d9:59:9d:6c:b4:d0:26:48:d3:3a:
dc:43:02:c7:49:0f:a0:7a:70:19:8a:46:63:a4:6b:
52:81:1d:61:e6:45:5e:35:c8:dd:1d:ad:97:55:ff:
77:a7:06:20:13:7c:40:b0:ce:a0:ca:4a:f8:0c:01:
91:cf:3e:5c:58:95:c5:09:2b:5c:ea:c9:3f:c7:d9:
eb:9f:8c:4c:c6:f3:17:7e:3b:45:91:52:4c:45:cd:
d7:2d:9f:95:e2:db:52:0d:e7:5b:05:eb:b5:0c:81:
83:fa:dc:b1:84:a0:68:dc:bd:1a:66:02:8b:4b:bb:
39:c9:5c:63:93:2c:b2:80:ed:08:7b:08:f9:f6:b5:
4b:e0:e2:4b:96:62:f6:2e:c3:97:a1:ba:8b:c9:14:
6f:90:7e:89:bc:ea:4d:45:de:88:ae:7a:20:c6:22:
b9:e0:5c:41:ac:94:56:40:ee:44:52:a3:b5:c4:7f:
00:2a:5a:3c:09:7f:06:8f:44:a6:f8:25:34:61:61:
44:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:44:A2:8B:62:E6:3B:9E:8C:D5:76:B0:30:DE:E5:26:B9:38:1A:33
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.147.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:9d:5e:04:da:24:a2:01:88:32:ba:19:dd:4e:99:51:1f:0b:
c0:e1:e7:89:bd:48:26:5a:d6:65:2c:9a:ec:15:94:1c:1b:a0:
fd:45:5b:61:1b:7a:ab:0c:97:67:06:6f:0e:04:6c:93:7b:d4:
ee:9e:23:ff:3a:ed:1d:6e:04:34:be:87:eb:af:6a:18:d3:2d:
5a:c1:ee:f5:69:35:c6:8d:50:d6:f6:97:1b:db:78:26:1d:8b:
ca:54:5d:2d:b0:21:b3:da:d1:5a:e6:29:08:c5:25:2d:c2:bf:
06:3b:d1:e3:e8:fd:2a:f5:76:c6:ba:28:00:e8:4c:44:17:ba:
a0:ff:a5:f9:7d:36:eb:e0:02:b3:5d:7a:83:e3:01:ea:73:3f:
80:4b:35:33:2e:f4:0e:5e:35:4a:33:5e:70:f2:c6:6e:04:5e:
a6:1f:6c:3d:db:6a:44:f9:20:46:2c:2a:4a:02:78:ba:9d:a0:
3f:3c:13:cf:01:c3:3b:7c:fa:63:05:a4:72:1b:d6:4f:7e:5c:
b1:9b:dc:86:d5:4d:61:d9:4e:c6:49:88:65:f1:b7:29:40:45:
a2:23:10:e3:4c:9a:bc:b5:29:49:b6:3e:86:70:32:3c:6e:e9:
76:78:21:66:3d:24:47:49:94:1c:24:a8:60:34:73:81:81:b6:
86:0d:f0:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAxzlNGYG2sKU7uougxe1qTZT3fUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDAyMTU5WhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0N2I4M2Q2MjQwNzk2MTNmNDJlODc3OTkwNGM1M2Q0MzJi
YjhkNTg3YTc1NmI4ZWU1NTg1NWE5NjhmOTI5ZDZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKWb3PDzWGpD3gdTqivjYg4Z4jUUn8dhM8RlyAfAAeTe1Z
vgsl/xdzt2038cFzHLfIDIqKT/aUmBvCa4KogtLx2VmdbLTQJkjTOtxDAsdJD6B6
cBmKRmOka1KBHWHmRV41yN0drZdV/3enBiATfECwzqDKSvgMAZHPPlxYlcUJK1zq
yT/H2eufjEzG8xd+O0WRUkxFzdctn5Xi21IN51sF67UMgYP63LGEoGjcvRpmAotL
uznJXGOTLLKA7Qh7CPn2tUvg4kuWYvYuw5ehuovJFG+Qfom86k1F3oiueiDGIrng
XEGslFZA7kRSo7XEfwAqWjwJfwaPRKb4JTRhYUTHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUikSii2LmO56M1XawMN7lJrk4GjMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0ZmM0NWU3LThiZGUtNGIyYy1hZDgyLTMwMmE2YzBjY2JmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCnkzANBgkqhkiG9w0BAQsFAAOCAQEAOJ1eBNokogGIMroZ3U6ZUR8LwOHn
ib1IJlrWZSya7BWUHBug/UVbYRt6qwyXZwZvDgRsk3vU7p4j/zrtHW4ENL6H669q
GNMtWsHu9Wk1xo1Q1vaXG9t4Jh2LylRdLbAhs9rRWuYpCMUlLcK/BjvR4+j9KvV2
xrooAOhMRBe6oP+l+X026+ACs116g+MB6nM/gEs1My70Dl41SjNecPLGbgReph9s
PdtqRPkgRiwqSgJ4up2gPzwTzwHDO3z6YwWkchvWT35csZvchtVNYdlOxkmIZfG3
KUBFoiMQ40yavLUpSbY+hnAyPG7pdnghZj0kR0mUHCSoYDRzgYG2hg3wHg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:18 2025 by rpki-client