Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa
File: c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa (raw, json)
Hash identifier: O5tNZNleyLgslEDVTokuWihoAsnei1ZgC4sXqDP4spc=
Subject key identifier: B6:23:27:C5:7E:1F:AD:E0:1C:99:B7:59:E3:DC:C5:D6:C7:D2:CE:28
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 27D3CC844D1B76C6F9412664F6F621EC29E8BD78
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa
Signing time: Tue 07 Oct 2025 15:01:16 +0000
ROA not before: Tue 07 Oct 2025 15:01:16 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.89.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:d3:cc:84:4d:1b:76:c6:f9:41:26:64:f6:f6:21:ec:29:e8:bd:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 15:01:16 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=fb52a26cdfe660f279b35d0b372b347f823e84cedfb6443e12d1076050a00fd3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:c6:70:01:72:f8:7c:59:10:5c:8e:c5:bd:
4c:e7:4c:be:8b:af:8a:bc:91:04:29:45:04:4e:25:
da:d7:80:89:42:9c:16:23:78:37:95:21:09:c6:7c:
00:9f:cd:4e:3f:cc:86:61:48:cf:b7:fd:b9:31:e1:
29:4f:f2:7b:14:32:1a:27:ff:de:16:99:19:ba:1b:
a6:7c:91:0c:e7:36:f9:3f:4b:b1:69:cf:3c:81:3e:
30:4d:11:8f:c0:c7:a7:0d:5d:33:e6:5d:2a:f8:f4:
d6:4c:8e:51:05:ef:c3:44:b6:f1:a2:fa:98:f4:b3:
43:c5:36:c5:b9:2c:24:6c:a3:76:9d:e7:66:0c:28:
bd:b7:42:c4:f8:dd:fc:14:48:a9:04:5f:c1:26:f5:
7e:7a:8b:ef:60:77:8b:ec:31:c5:09:9c:9c:de:b4:
32:c6:a9:cc:2b:50:35:1e:7c:c2:6a:fc:b2:d7:06:
f6:34:7b:c8:01:5b:ff:ad:12:73:3f:29:1f:7a:35:
bc:63:a1:c9:97:22:3a:95:07:cd:f1:a3:ca:7c:2e:
ca:36:d2:25:b4:fe:a0:00:f6:09:4e:91:6d:11:12:
8f:72:da:d5:ed:02:f9:9a:02:f2:59:0d:c1:05:61:
50:e2:84:3d:e9:60:08:13:1a:5f:12:b9:1b:ff:7c:
1f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:23:27:C5:7E:1F:AD:E0:1C:99:B7:59:E3:DC:C5:D6:C7:D2:CE:28
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.89.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:19:56:ba:31:bc:9e:36:53:88:66:90:8f:3f:ea:d1:05:ab:
e5:ce:fc:74:0e:e6:aa:d9:77:c2:22:b2:c3:72:82:b2:b6:3b:
b0:7a:2a:d4:3f:1e:ad:27:cb:06:f7:81:c5:8c:6b:08:3e:33:
f6:56:34:00:66:88:3b:67:d9:7c:e3:b8:9d:f3:42:63:8f:5f:
d8:39:5e:fc:ca:38:af:25:92:c0:4c:d8:b3:b6:88:8e:81:08:
a4:b7:9b:96:9b:c5:7c:9f:35:74:5f:e8:5b:a9:b4:9e:3a:91:
05:ba:6b:7d:c7:3c:55:19:d7:18:de:70:7a:cc:37:6e:9d:ef:
fd:98:6d:c6:c2:ef:1d:db:28:5e:57:cf:d2:5d:33:23:1c:9b:
89:f6:03:a7:00:ab:03:40:64:2d:14:26:35:ca:86:cb:2f:16:
e5:19:22:c4:67:08:11:5f:82:a3:ce:db:d2:a7:58:c2:38:44:
b7:16:f9:03:5b:50:d7:7e:e9:bf:c3:ce:1d:23:87:63:0e:1b:
fb:c8:af:da:10:82:6c:a1:60:0b:9d:0a:fa:a6:0b:21:ac:02:
17:f7:93:ea:ca:e5:06:0f:7e:6d:23:88:5d:21:e1:7b:96:ac:
ae:8c:32:82:31:3d:a8:85:98:b3:80:a9:74:4e:96:bf:7e:83:
f2:a0:a0:3b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJ9PMhE0bdsb5QSZk9vYh7CnovXgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MTUwMTE2WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjUyYTI2Y2RmZTY2MGYyNzliMzVkMGIzNzJiMzQ3Zjgy
M2U4NGNlZGZiNjQ0M2UxMmQxMDc2MDUwYTAwZmQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkHcZwAXL4fFkQXI7FvUznTL6Lr4q8kQQpRQROJdrXgIlC
nBYjeDeVIQnGfACfzU4/zIZhSM+3/bkx4SlP8nsUMhon/94WmRm6G6Z8kQznNvk/
S7FpzzyBPjBNEY/Ax6cNXTPmXSr49NZMjlEF78NEtvGi+pj0s0PFNsW5LCRso3ad
52YMKL23QsT43fwUSKkEX8Em9X56i+9gd4vsMcUJnJzetDLGqcwrUDUefMJq/LLX
BvY0e8gBW/+tEnM/KR96NbxjocmXIjqVB83xo8p8Lso20iW0/qAA9glOkW0REo9y
2tXtAvmaAvJZDcEFYVDihD3pYAgTGl8SuRv/fB+VAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtiMnxX4freAcmbdZ49zF1sfSzigwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwZjcyYTE0LTcxYTktNDdhMS1hZDljLTFmOTEyOTA3OWJmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4WTANBgkqhkiG9w0BAQsFAAOCAQEArhlWujG8njZTiGaQjz/q0QWr5c78
dA7mqtl3wiKyw3KCsrY7sHoq1D8erSfLBveBxYxrCD4z9lY0AGaIO2fZfOO4nfNC
Y49f2Dle/Mo4ryWSwEzYs7aIjoEIpLeblpvFfJ81dF/oW6m0njqRBbprfcc8VRnX
GN5wesw3bp3v/ZhtxsLvHdsoXlfP0l0zIxybifYDpwCrA0BkLRQmNcqGyy8W5Rki
xGcIEV+Co87b0qdYwjhEtxb5A1tQ137pv8POHSOHYw4b+8iv2hCCbKFgC50K+qYL
IawCF/eT6srlBg9+bSOIXSHhe5asrowygjE9qIWYs4CpdE6Wv36D8qCgOw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:57:01 2025 by rpki-client