Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa
File: b9aa3453-9174-4296-bb91-a7a12b37376d.roa (raw, json)
Hash identifier: IqRrzusKDgoeaqSRD7h4ZRTbTFhkSOvX8butz5vHmZw=
Subject key identifier: 41:90:00:BC:AB:2E:1D:CC:7D:04:89:1F:5A:5D:9B:12:55:B3:99:1E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 513C04EB50012A5C1ED95DE51969A70E846C82BE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa
Signing time: Sat 11 Oct 2025 00:42:40 +0000
ROA not before: Sat 11 Oct 2025 00:42:40 +0000
ROA not after: Sat 15 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 216.87.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3c:04:eb:50:01:2a:5c:1e:d9:5d:e5:19:69:a7:0e:84:6c:82:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 11 00:42:40 2025 GMT
Not After : Nov 15 23:59:59 2025 GMT
Subject: serialNumber=fa43dc0cd57cab783e297ad324aff3b9a1eb96be195a5bd738513111dab3272e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:4c:f4:c4:85:0f:6e:be:53:4c:16:b0:bd:
08:fa:64:80:f6:96:ed:82:99:0a:fe:0e:44:bc:68:
c8:8c:c7:95:90:2c:dd:ee:d3:02:d7:6c:4a:28:0a:
69:99:5e:db:ee:b5:d2:32:a4:6c:72:9c:c3:c0:93:
1e:4a:13:5f:81:c8:8e:fe:0b:30:ee:d7:dd:67:ba:
73:45:6f:6d:ee:6f:55:b7:04:df:1a:e4:e9:16:e6:
df:85:6e:e2:ec:b4:65:00:ab:8f:06:64:b7:7a:d8:
26:78:cc:e0:e2:ce:5d:23:1f:80:2b:1d:1f:ec:ba:
5e:50:82:ad:41:4a:21:8d:8d:16:26:87:d3:7b:99:
b5:77:15:85:3f:bf:ba:b3:4e:fb:fb:1a:ad:d0:98:
a8:07:3e:20:cc:13:98:0b:a6:b0:25:4c:72:f0:cb:
71:28:9d:26:e3:0f:a6:9a:f1:d2:37:32:c2:3e:9f:
77:eb:1c:81:54:dc:de:e0:77:75:d9:8a:ad:f5:82:
df:2f:c0:88:c2:44:65:3d:8c:e4:91:32:f1:c4:76:
9d:5f:ea:87:62:ed:22:03:f0:61:62:e2:d5:4f:88:
6b:d8:51:d4:12:1c:48:91:5f:af:3a:37:11:33:8b:
27:2a:a4:df:e2:cc:80:b6:1a:64:d9:af:d8:40:20:
99:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:00:BC:AB:2E:1D:CC:7D:04:89:1F:5A:5D:9B:12:55:B3:99:1E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.87.4.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:6c:66:25:9a:a0:61:41:66:2d:84:9c:eb:fd:d3:98:92:48:
69:c4:d3:d0:a5:8c:1f:5e:40:17:6a:93:7a:19:89:a5:47:4a:
ee:2d:88:4d:5c:18:bc:ae:ad:3c:7f:b4:3a:6c:cc:e6:a6:26:
e8:75:28:42:20:d3:23:28:9d:ac:f1:e0:50:b0:ca:1d:a5:aa:
7a:ea:bb:1f:90:cc:e8:83:62:34:b0:fe:62:80:d3:91:d9:8d:
43:ff:39:3d:43:7f:a8:1c:cd:f7:35:50:d7:27:cd:77:de:dc:
f7:82:b8:55:95:79:02:a8:ef:c8:02:8d:36:bd:1a:aa:e5:f2:
b0:19:b0:a6:39:c2:ee:3c:e0:73:fd:b1:e7:95:c2:95:d9:f8:
46:b8:40:9d:1e:83:bb:4c:a6:e1:cf:c5:3b:1e:47:e9:c5:de:
f9:1a:61:cb:cf:9a:f2:5d:70:f8:1f:3a:29:7b:51:3a:eb:77:
ab:4c:97:7c:58:a4:9c:71:dc:6b:ff:b5:b5:31:65:74:5f:0f:
cf:54:5d:f7:8f:f5:a6:ad:a4:1a:fd:a5:18:35:f3:a9:a4:6c:
ae:98:80:7c:cd:89:3b:d1:77:09:5f:ca:0e:89:ea:be:c7:f6:
58:30:d5:3f:e2:6d:2f:bc:8f:62:d7:97:20:b2:d0:29:32:12:
52:0f:19:90
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUTwE61ABKlwe2V3lGWmnDoRsgr4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDA0MjQwWhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTQzZGMwY2Q1N2NhYjc4M2UyOTdhZDMyNGFmZjNiOWEx
ZWI5NmJlMTk1YTViZDczODUxMzExMWRhYjMyNzJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDB0kz0xIUPbr5TTBawvQj6ZID2lu2CmQr+DkS8aMiMx5WQ
LN3u0wLXbEooCmmZXtvutdIypGxynMPAkx5KE1+ByI7+CzDu191nunNFb23ub1W3
BN8a5OkW5t+FbuLstGUAq48GZLd62CZ4zODizl0jH4ArHR/sul5Qgq1BSiGNjRYm
h9N7mbV3FYU/v7qzTvv7Gq3QmKgHPiDME5gLprAlTHLwy3EonSbjD6aa8dI3MsI+
n3frHIFU3N7gd3XZiq31gt8vwIjCRGU9jOSRMvHEdp1f6odi7SID8GFi4tVPiGvY
UdQSHEiRX686NxEziycqpN/izIC2GmTZr9hAIJn7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQZAAvKsuHcx9BIkfWl2bElWzmR4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5YWEzNDUzLTkxNzQtNDI5Ni1iYjkxLWE3YTEyYjM3Mzc2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALYVwQwDQYJKoZIhvcNAQELBQADggEBAAtsZiWaoGFBZi2EnOv905iSSGnE
09CljB9eQBdqk3oZiaVHSu4tiE1cGLyurTx/tDpszOamJuh1KEIg0yMonazx4FCw
yh2lqnrqux+QzOiDYjSw/mKA05HZjUP/OT1Df6gczfc1UNcnzXfe3PeCuFWVeQKo
78gCjTa9Gqrl8rAZsKY5wu484HP9seeVwpXZ+Ea4QJ0eg7tMpuHPxTseR+nF3vka
YcvPmvJdcPgfOil7UTrrd6tMl3xYpJxx3Gv/tbUxZXRfD89UXfeP9aatpBr9pRg1
86mkbK6YgHzNiTvRdwlfyg6J6r7H9lgw1T/ibS+8j2LXlyCy0CkyElIPGZA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:37:31 2025 by rpki-client