Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8dd8af6-08d5-49b1-8425-477edba3254f.roa
File: b8dd8af6-08d5-49b1-8425-477edba3254f.roa (raw, json)
Hash identifier: PiuT93euv4W0mzORTLQR52T/AJTHbTm8TRX+t6Skiu0=
Subject key identifier: B2:ED:4D:31:AD:0F:DA:C4:01:85:F6:7E:23:A1:A6:E7:DC:51:78:98
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2604B2F2E787F8DA5D78C6CCE9A3F3D3103349D7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8dd8af6-08d5-49b1-8425-477edba3254f.roa
Signing time: Wed 01 Oct 2025 00:22:04 +0000
ROA not before: Wed 01 Oct 2025 00:22:04 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2620:107:4005::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:04:b2:f2:e7:87:f8:da:5d:78:c6:cc:e9:a3:f3:d3:10:33:49:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:22:04 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=56dc8c823452f512993e5969b0b2a227925a8b8f9093202dbeb303273eb9e377, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:84:e4:57:f9:d9:bd:2f:af:a9:a9:2f:72:
c8:57:1d:96:82:31:bc:f3:40:e5:59:f2:bb:6b:40:
ff:56:3c:32:9b:ee:11:10:0d:4f:30:ef:9e:49:4f:
45:22:c9:f1:a4:35:6b:b1:0b:56:df:50:02:81:11:
5f:cc:72:22:af:56:2a:27:1e:26:bb:90:65:b6:7a:
8a:de:00:97:1f:8b:1d:5e:3f:3d:09:a5:1e:55:7b:
cf:b7:ea:73:b8:fe:1e:27:07:a1:a4:28:8d:ac:54:
17:36:48:0b:a5:2f:e5:ef:6f:81:6b:34:e2:e8:50:
3a:3d:25:ea:53:e3:8c:4c:fd:65:6d:a1:86:44:dc:
25:e0:4a:12:34:10:fa:28:c3:14:11:65:7d:44:f6:
04:9d:4c:fb:5a:8c:8e:3b:f5:c3:2a:db:81:e6:bc:
c0:1b:16:45:24:4d:42:c1:67:ea:bb:3f:f5:5f:8b:
0f:19:e4:6a:9e:70:14:76:c4:38:b5:ba:a7:9d:9d:
08:70:d0:42:81:6a:93:34:fe:b5:47:fe:53:d6:9c:
03:c1:c9:a9:7c:8c:2e:fd:b7:c7:f9:c0:d5:14:07:
31:bb:05:48:cd:8a:97:ee:b2:44:bf:8e:40:3e:89:
ac:12:07:7b:f7:8f:a5:85:58:b3:9e:3b:a5:1c:e8:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:ED:4D:31:AD:0F:DA:C4:01:85:F6:7E:23:A1:A6:E7:DC:51:78:98
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8dd8af6-08d5-49b1-8425-477edba3254f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2620:107:4005::/48
Signature Algorithm: sha256WithRSAEncryption
58:47:14:3c:87:9e:73:28:22:5e:87:1f:12:c6:3c:98:15:c0:
fc:c5:41:21:62:e4:cc:fc:1f:d2:98:8b:ef:ce:93:bb:fd:44:
d9:89:a9:64:2a:56:72:ab:52:1c:a0:16:d2:08:26:e1:9a:d4:
26:2d:87:66:32:13:e2:49:ef:42:44:25:70:f0:97:2f:33:55:
21:63:9f:50:4c:2b:f4:e8:01:07:fc:26:a7:ca:1c:38:8f:55:
f9:03:01:23:04:31:8f:f1:87:61:9e:23:b8:48:d1:c4:d6:9e:
13:d2:29:05:f2:3f:67:b6:3a:ac:ca:40:da:91:d8:11:70:a9:
10:52:f3:44:0b:ee:c8:7d:41:fa:bd:14:11:62:b6:90:4a:be:
8e:26:6d:25:bf:c2:7e:ad:54:4c:cc:79:ad:d1:73:da:95:82:
a8:5a:8f:17:44:98:07:2b:35:d2:66:a6:16:77:13:c6:17:f6:
d4:8f:10:cd:a3:64:89:21:7c:b4:88:b1:a7:d5:2b:74:8e:03:
d3:da:4a:20:ba:a3:8f:1e:65:99:68:ae:23:51:04:12:b0:e4:
58:69:78:45:38:7a:8f:36:8a:0a:68:0a:93:47:17:e8:27:1a:
e9:d8:cd:e7:7f:f0:82:9c:31:3b:5d:b1:3f:e0:3b:ef:fe:56:
7a:44:38:fc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJgSy8ueH+NpdeMbM6aPz0xAzSdcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMjA0WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmRjOGM4MjM0NTJmNTEyOTkzZTU5NjliMGIyYTIyNzky
NWE4YjhmOTA5MzIwMmRiZWIzMDMyNzNlYjllMzc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2c4TkV/nZvS+vqakvcshXHZaCMbzzQOVZ8rtrQP9WPDKb
7hEQDU8w755JT0UiyfGkNWuxC1bfUAKBEV/MciKvVionHia7kGW2eoreAJcfix1e
Pz0JpR5Ve8+36nO4/h4nB6GkKI2sVBc2SAulL+Xvb4FrNOLoUDo9JepT44xM/WVt
oYZE3CXgShI0EPoowxQRZX1E9gSdTPtajI479cMq24HmvMAbFkUkTULBZ+q7P/Vf
iw8Z5GqecBR2xDi1uqednQhw0EKBapM0/rVH/lPWnAPByal8jC79t8f5wNUUBzG7
BUjNipfuskS/jkA+iawSB3v3j6WFWLOeO6Uc6BalAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUsu1NMa0P2sQBhfZ+I6Gm59xReJgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4ZGQ4YWY2LTA4ZDUtNDliMS04NDI1LTQ3N2VkYmEzMjU0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHQAUwDQYJKoZIhvcNAQELBQADggEBAFhHFDyHnnMoIl6HHxLGPJgV
wPzFQSFi5Mz8H9KYi+/Ok7v9RNmJqWQqVnKrUhygFtIIJuGa1CYth2YyE+JJ70JE
JXDwly8zVSFjn1BMK/ToAQf8JqfKHDiPVfkDASMEMY/xh2GeI7hI0cTWnhPSKQXy
P2e2OqzKQNqR2BFwqRBS80QL7sh9Qfq9FBFitpBKvo4mbSW/wn6tVEzMea3Rc9qV
gqhajxdEmAcrNdJmphZ3E8YX9tSPEM2jZIkhfLSIsafVK3SOA9PaSiC6o48eZZlo
riNRBBKw5FhpeEU4eo82igpoCpNHF+gnGunYzed/8IKcMTtdsT/gO+/+VnpEOPw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:37:46 2025 by rpki-client