Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa
File: c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa (raw, json)
Hash identifier: Ehbs2iHRSKaWfBwEDsFUFekJUEty7eregPK5q9ItfjE=
Subject key identifier: 48:17:96:A2:39:36:56:2A:32:B6:C1:E6:21:70:E2:B1:DF:94:F0:FE
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4C446E09B2FA3731BF3697D1BA76ED269C22F4C2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa
Signing time: Wed 01 Oct 2025 00:42:41 +0000
ROA not before: Wed 01 Oct 2025 00:42:41 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 70.236.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:44:6e:09:b2:fa:37:31:bf:36:97:d1:ba:76:ed:26:9c:22:f4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:42:41 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=07f7a7fbb77aa966ee11762e35111ee0065462c088a90947d2f69b97c82acbe7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:aa:69:49:c6:97:52:60:9c:be:b4:4a:8a:
68:82:14:9c:e9:d0:13:cc:df:d1:0e:6e:c5:c2:15:
96:5d:53:66:ab:10:2a:40:ee:dc:5e:85:75:0d:bd:
ed:19:41:7d:fe:28:c3:92:0f:a0:e9:17:0d:a3:a3:
3e:a0:3a:b4:c2:4c:99:7c:f9:3e:88:cc:88:c1:42:
de:19:43:6b:72:0f:71:1c:c1:dc:ee:ae:98:25:cc:
8f:06:78:e2:2c:9a:55:9e:1c:2d:da:02:cd:ef:f0:
24:7c:5d:38:05:b6:e5:59:c2:5b:f0:79:fa:56:a9:
f5:14:7a:76:bb:f3:88:e5:95:8a:8f:30:5b:93:39:
9c:ec:10:46:44:f2:d9:9c:d7:2d:e4:03:37:74:f2:
40:7e:b1:47:f1:59:aa:a9:5f:4c:e4:9d:f6:f3:16:
d3:6d:2f:c3:f8:53:97:4b:cc:e7:7a:19:ce:d2:69:
3b:69:a4:f2:d3:e0:50:e0:cf:38:af:c8:fe:42:52:
fb:c1:97:21:8a:4a:15:be:28:62:0d:b7:59:a3:dc:
4f:f7:32:60:04:d4:2c:5f:22:07:0d:64:5d:bf:fa:
ee:85:b8:a7:5e:a7:ce:61:67:6d:6d:75:01:1d:44:
92:2c:30:44:87:c3:be:68:ac:e1:dd:6f:ac:5f:4b:
ff:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:17:96:A2:39:36:56:2A:32:B6:C1:E6:21:70:E2:B1:DF:94:F0:FE
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.236.0.0/18
Signature Algorithm: sha256WithRSAEncryption
53:ab:8f:0a:41:a5:0c:3d:fa:31:72:e3:61:22:4a:b7:ac:ed:
2a:04:d6:02:89:79:e7:31:bb:d5:2e:1b:aa:d6:58:c8:55:ff:
03:4e:4b:01:74:36:17:d1:08:ce:5c:e9:5a:f5:3f:26:42:22:
f9:7e:f8:b0:3a:b1:3f:3e:5f:f8:68:91:aa:a8:4c:7f:87:82:
a0:0f:e5:bf:73:11:b5:e8:7f:71:74:4e:22:06:d0:41:b0:10:
99:e3:c3:77:33:7f:09:c2:21:f5:64:c4:58:d0:6f:87:d1:22:
d7:4e:4c:95:32:b9:85:0a:07:5b:10:56:39:bd:28:03:11:37:
52:a1:b5:b0:ca:bb:fd:9b:0d:e5:7b:e2:ea:96:b8:a7:ae:d8:
6e:46:0d:69:9d:fe:47:d8:ac:0c:fe:b6:53:f6:86:0d:11:b1:
ee:53:d6:10:d4:45:4f:52:df:1b:ec:02:17:80:b9:88:9f:a2:
09:ba:2b:53:5a:d2:91:67:70:15:26:3e:f2:5a:52:c0:0c:dc:
75:36:d8:42:f5:a4:26:27:b8:84:8b:76:e1:ad:fb:a2:2f:d7:
81:b9:8c:a3:45:06:3c:81:26:bf:44:dc:07:7a:0a:8d:9d:d2:
b0:10:58:b5:e0:c2:2f:eb:e8:49:f2:71:18:59:54:3f:3c:b7:
49:d6:39:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTERuCbL6NzG/NpfRunbtJpwi9MIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MjQxWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwN2Y3YTdmYmI3N2FhOTY2ZWUxMTc2MmUzNTExMWVlMDA2
NTQ2MmMwODhhOTA5NDdkMmY2OWI5N2M4MmFjYmU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL76ppScaXUmCcvrRKimiCFJzp0BPM39EObsXCFZZdU2ar
ECpA7txehXUNve0ZQX3+KMOSD6DpFw2joz6gOrTCTJl8+T6IzIjBQt4ZQ2tyD3Ec
wdzurpglzI8GeOIsmlWeHC3aAs3v8CR8XTgFtuVZwlvwefpWqfUUena784jllYqP
MFuTOZzsEEZE8tmc1y3kAzd08kB+sUfxWaqpX0zknfbzFtNtL8P4U5dLzOd6Gc7S
aTtppPLT4FDgzzivyP5CUvvBlyGKShW+KGINt1mj3E/3MmAE1CxfIgcNZF2/+u6F
uKdep85hZ21tdQEdRJIsMESHw75orOHdb6xfS//nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSBeWojk2VioytsHmIXDisd+U8P4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyY2YwZjI4LWJhNmItNDVmZC1hODYxLTI3MWFlNmQ3ZTk4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZG7AAwDQYJKoZIhvcNAQELBQADggEBAFOrjwpBpQw9+jFy42EiSres7SoE
1gKJeecxu9UuG6rWWMhV/wNOSwF0NhfRCM5c6Vr1PyZCIvl++LA6sT8+X/hokaqo
TH+HgqAP5b9zEbXof3F0TiIG0EGwEJnjw3czfwnCIfVkxFjQb4fRItdOTJUyuYUK
B1sQVjm9KAMRN1KhtbDKu/2bDeV74uqWuKeu2G5GDWmd/kfYrAz+tlP2hg0Rse5T
1hDURU9S3xvsAheAuYifogm6K1Na0pFncBUmPvJaUsAM3HU22EL1pCYnuISLduGt
+6Iv14G5jKNFBjyBJr9E3Ad6Co2d0rAQWLXgwi/r6EnycRhZVD88t0nWOWA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:10:46 2025 by rpki-client