Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c257f7ad-cc54-4a00-86fc-b61f747d712e.roa
File: c257f7ad-cc54-4a00-86fc-b61f747d712e.roa (raw, json)
Hash identifier: e/pibWV0NiaELiMOZ99zXD1iHfSXE5DZP4u/Vh1RI84=
Subject key identifier: B7:6A:B3:8C:37:D4:DE:5F:D9:4B:BF:44:0B:18:1C:E5:9A:50:06:7E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 643FAFE6C6071642FB9CD206F0A3A4511C004039
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c257f7ad-cc54-4a00-86fc-b61f747d712e.roa
Signing time: Tue 07 Oct 2025 00:41:13 +0000
ROA not before: Tue 07 Oct 2025 00:41:13 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 209.92.4.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:3f:af:e6:c6:07:16:42:fb:9c:d2:06:f0:a3:a4:51:1c:00:40:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 00:41:13 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=5da2b8c87376fce45a9bfdab840b947327a1892cd33fc1db6a10f7f7a8c123b1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3e:aa:6e:fe:ab:5e:64:b0:9d:68:60:7a:76:
d8:b9:3b:78:ea:21:59:a6:8c:5e:e4:2e:25:59:57:
8c:a5:e6:ab:09:c0:52:7a:d5:e3:86:10:47:98:a0:
d8:7a:75:9a:6b:02:f9:ba:b8:91:cc:9c:d0:33:9d:
82:42:f4:6e:b8:98:22:08:0a:c8:88:87:17:fb:de:
c6:3f:fe:84:2a:48:ed:9a:01:2c:64:46:62:34:b0:
c2:52:c2:4d:14:e0:b5:27:04:26:00:a0:36:99:a9:
c3:ec:fb:1d:be:b8:d6:c4:ab:33:99:1c:53:7e:13:
f7:64:f3:d1:33:fd:47:4d:a3:02:28:77:94:2b:13:
74:4c:15:72:11:2c:16:dd:db:d6:57:d7:57:0d:8d:
5e:3d:c8:d1:38:f1:20:61:3c:fb:31:21:01:c1:d3:
b9:03:9d:62:fd:b8:02:db:96:5b:34:8d:d8:20:b0:
48:8a:21:9d:ae:de:df:b9:0f:24:91:91:da:91:30:
dd:d8:38:d1:03:b3:d6:ea:f6:28:29:07:8c:9e:7a:
2c:55:a2:92:ec:ae:e0:80:de:e9:39:8d:0c:b5:5c:
56:2b:17:34:5f:5e:63:fd:02:65:0f:3b:83:38:fc:
e7:7e:4d:61:2b:3b:70:97:96:42:b6:51:03:2e:f2:
5d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6A:B3:8C:37:D4:DE:5F:D9:4B:BF:44:0B:18:1C:E5:9A:50:06:7E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c257f7ad-cc54-4a00-86fc-b61f747d712e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.92.4.0/23
Signature Algorithm: sha256WithRSAEncryption
87:b2:9c:ce:65:ca:3c:33:fe:5a:d0:4b:96:fd:bf:02:fc:ba:
81:e5:f5:27:71:59:c2:15:76:a0:7f:ab:b2:9b:b4:c5:54:5e:
cd:a7:9e:0f:af:ef:84:f7:b6:47:5d:29:42:1e:6d:1e:7d:a3:
39:ee:bc:60:f0:76:96:fb:1a:dc:69:1c:01:02:6a:b2:a7:f8:
6d:35:fc:01:1c:7b:5c:df:0e:4d:ab:37:46:b3:37:1b:4c:9f:
7f:29:75:7b:d9:6d:6d:19:2c:88:48:c5:54:8b:10:5a:29:cd:
da:cd:22:4a:ec:f9:91:5d:39:e5:b7:89:fc:39:d6:6f:da:4a:
f8:dd:bd:b8:46:08:4b:29:e3:2c:06:50:40:40:8e:9e:86:87:
b7:5d:0a:96:8a:a0:2f:03:23:c7:4f:a9:34:19:46:88:3e:49:
de:52:7a:57:7b:c8:85:8d:2c:3c:2c:91:82:8b:23:fe:29:25:
bf:04:7d:aa:25:56:b2:10:96:25:9d:98:7a:51:56:a9:70:01:
2f:65:19:a2:e0:84:fc:e6:e1:6e:64:40:34:54:7b:75:db:35:
ec:d0:c2:eb:e2:e9:22:f5:c6:28:36:fd:f2:4b:23:06:3e:fd:
ad:63:69:1f:56:a9:e2:f2:42:04:e1:50:ac:4d:1d:a0:55:6d:
fe:95:cd:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZD+v5sYHFkL7nNIG8KOkURwAQDkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MTEzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZGEyYjhjODczNzZmY2U0NWE5YmZkYWI4NDBiOTQ3MzI3
YTE4OTJjZDMzZmMxZGI2YTEwZjdmN2E4YzEyM2IxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTPqpu/qteZLCdaGB6dti5O3jqIVmmjF7kLiVZV4yl5qsJ
wFJ61eOGEEeYoNh6dZprAvm6uJHMnNAznYJC9G64mCIICsiIhxf73sY//oQqSO2a
ASxkRmI0sMJSwk0U4LUnBCYAoDaZqcPs+x2+uNbEqzOZHFN+E/dk89Ez/UdNowIo
d5QrE3RMFXIRLBbd29ZX11cNjV49yNE48SBhPPsxIQHB07kDnWL9uALblls0jdgg
sEiKIZ2u3t+5DySRkdqRMN3YONEDs9bq9igpB4yeeixVopLsruCA3uk5jQy1XFYr
FzRfXmP9AmUPO4M4/Od+TWErO3CXlkK2UQMu8l3xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUt2qzjDfU3l/ZS79ECxgc5ZpQBn4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyNTdmN2FkLWNjNTQtNGEwMC04NmZjLWI2MWY3NDdkNzEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHRXAQwDQYJKoZIhvcNAQELBQADggEBAIeynM5lyjwz/lrQS5b9vwL8uoHl
9SdxWcIVdqB/q7KbtMVUXs2nng+v74T3tkddKUIebR59oznuvGDwdpb7GtxpHAEC
arKn+G01/AEce1zfDk2rN0azNxtMn38pdXvZbW0ZLIhIxVSLEFopzdrNIkrs+ZFd
OeW3ifw51m/aSvjdvbhGCEsp4ywGUEBAjp6Gh7ddCpaKoC8DI8dPqTQZRog+Sd5S
eld7yIWNLDwskYKLI/4pJb8EfaolVrIQliWdmHpRVqlwAS9lGaLghPzm4W5kQDRU
e3XbNezQwuvi6SL1xig2/fJLIwY+/a1jaR9WqeLyQgThUKxNHaBVbf6VzSM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:46:32 2025 by rpki-client