Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa
File: c1007d85-fbf5-45da-82c5-653042baeda9.roa (raw, json)
Hash identifier: eAp3RXozhuETcg/gOL/dslc0KlS3jjeJzODKgA1eraA=
Subject key identifier: 30:2D:6E:0E:39:AD:81:D2:9D:9F:96:47:DA:18:18:05:00:32:F8:0C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 767E3868C015290604AC1ED41C11633F870585FA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa
Signing time: Wed 01 Oct 2025 00:01:16 +0000
ROA not before: Wed 01 Oct 2025 00:01:16 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.20.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:7e:38:68:c0:15:29:06:04:ac:1e:d4:1c:11:63:3f:87:05:85:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:01:16 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=37c2b25645a81f305fe70bd47c36bbe0c25b1d520c169932787555d3625d84b2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ac:f9:18:b9:17:8c:ab:da:a7:04:58:1b:2d:
3a:0e:96:bc:3d:48:a6:9d:10:3c:d8:8b:9d:92:9a:
fd:33:8f:c9:c9:27:18:66:ea:13:0b:56:1b:7b:45:
13:65:fa:26:84:f9:23:0e:14:d4:ae:19:84:30:47:
47:46:1a:d6:56:09:20:79:f8:6c:8f:46:af:ce:a4:
88:cf:0a:d7:f3:9c:94:47:a3:79:49:b4:a4:1c:58:
8f:fe:c9:ed:a4:e7:68:c5:7a:80:70:af:79:8e:b6:
80:19:8c:26:70:5c:05:74:b2:5c:c7:1d:da:18:80:
55:ad:ea:1a:f3:b2:9e:98:e9:18:82:d8:49:c7:17:
13:62:ff:1f:ed:e7:3c:d3:b4:da:2d:5e:72:83:a3:
01:c9:07:ae:4c:fe:68:f4:45:43:14:12:b4:46:7e:
c5:2d:b1:b2:32:d3:85:1c:36:68:0c:13:0f:e0:21:
a4:fe:bf:17:55:ac:b7:15:1c:2c:9d:e4:54:27:e1:
7e:bc:1f:00:ba:16:83:cc:15:f9:80:41:3b:68:0f:
f5:94:ae:3a:11:6e:c2:83:cc:e7:a7:20:8a:75:cf:
b4:75:a5:d2:a1:29:c9:74:6d:0c:1a:db:c3:69:b4:
95:b0:f0:59:a7:71:16:63:a5:59:80:ae:f4:93:bf:
05:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2D:6E:0E:39:AD:81:D2:9D:9F:96:47:DA:18:18:05:00:32:F8:0C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:25:7d:37:18:a0:29:35:ac:db:4b:e3:50:c6:4b:6c:7e:58:
68:0e:e6:6c:7e:bf:e5:f5:97:45:e2:d7:af:0c:e0:14:82:bf:
88:d7:71:64:dc:a8:ee:67:fd:9e:00:3f:28:af:ee:5c:83:a8:
94:3d:46:f6:bf:63:a7:1b:fc:7e:92:18:a0:f3:81:a9:7d:da:
de:50:2b:bc:c2:0d:f5:7e:bf:72:69:6a:e2:a0:30:ff:15:f4:
81:a7:48:36:24:6d:5d:f4:c1:69:29:35:12:68:cd:5a:7f:b8:
9c:8f:23:2e:e7:fd:ab:99:b7:c3:1f:87:5e:ee:a5:50:c6:30:
c5:f1:0e:ad:74:18:cc:2b:5d:30:2e:f3:fb:b4:f0:9d:3c:a0:
72:85:ad:73:61:5a:60:49:1d:7e:5a:ac:f4:e9:66:da:fe:02:
e7:81:4a:53:60:c5:c3:a4:ea:ce:56:31:84:e5:f5:c5:45:d6:
04:7f:d3:f3:7f:64:43:6d:72:7d:19:29:57:fa:8d:f5:25:bc:
c6:55:b6:ad:b8:74:8f:e0:fa:3e:31:af:ad:47:46:97:c1:7a:
b6:b4:37:93:74:95:1a:cb:c6:e8:09:8f:8e:ee:14:a0:df:fd:
50:bd:95:7e:16:04:e4:09:e2:10:03:ce:9b:a2:1f:4c:65:60:
b7:22:41:5f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdn44aMAVKQYErB7UHBFjP4cFhfowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMTE2WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2MyYjI1NjQ1YTgxZjMwNWZlNzBiZDQ3YzM2YmJlMGMy
NWIxZDUyMGMxNjk5MzI3ODc1NTVkMzYyNWQ4NGIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDrPkYuReMq9qnBFgbLToOlrw9SKadEDzYi52Smv0zj8nJ
Jxhm6hMLVht7RRNl+iaE+SMOFNSuGYQwR0dGGtZWCSB5+GyPRq/OpIjPCtfznJRH
o3lJtKQcWI/+ye2k52jFeoBwr3mOtoAZjCZwXAV0slzHHdoYgFWt6hrzsp6Y6RiC
2EnHFxNi/x/t5zzTtNotXnKDowHJB65M/mj0RUMUErRGfsUtsbIy04UcNmgMEw/g
IaT+vxdVrLcVHCyd5FQn4X68HwC6FoPMFfmAQTtoD/WUrjoRbsKDzOenIIp1z7R1
pdKhKcl0bQwa28NptJWw8FmncRZjpVmArvSTvwXzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMC1uDjmtgdKdn5ZH2hgYBQAy+AwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxMDA3ZDg1LWZiZjUtNDVkYS04MmM1LTY1MzA0MmJhZWRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFDANBgkqhkiG9w0BAQsFAAOCAQEAwiV9NxigKTWs20vjUMZLbH5YaA7m
bH6/5fWXReLXrwzgFIK/iNdxZNyo7mf9ngA/KK/uXIOolD1G9r9jpxv8fpIYoPOB
qX3a3lArvMIN9X6/cmlq4qAw/xX0gadINiRtXfTBaSk1EmjNWn+4nI8jLuf9q5m3
wx+HXu6lUMYwxfEOrXQYzCtdMC7z+7TwnTygcoWtc2FaYEkdflqs9Olm2v4C54FK
U2DFw6TqzlYxhOX1xUXWBH/T839kQ21yfRkpV/qN9SW8xlW2rbh0j+D6PjGvrUdG
l8F6trQ3k3SVGsvG6AmPju4UoN/9UL2VfhYE5AniEAPOm6IfTGVgtyJBXw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:01:30 2025 by rpki-client