Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
File: c57bcef1-b811-4c33-8250-10863c654d10.roa (raw, json)
Hash identifier: F9Lw8MUQFVblCKrS+vdai0s0eVilSRJwsXq0Bz8CCqk=
Subject key identifier: EB:37:4A:73:7C:B4:23:03:12:8B:16:10:3E:72:C1:5A:48:24:29:83
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5B0D567D81CD416495406FABACEB4C99DD829766
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
Signing time: Sat 11 Oct 2025 00:39:25 +0000
ROA not before: Sat 11 Oct 2025 00:39:25 +0000
ROA not after: Sat 15 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.33.160.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:0d:56:7d:81:cd:41:64:95:40:6f:ab:ac:eb:4c:99:dd:82:97:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 11 00:39:25 2025 GMT
Not After : Nov 15 23:59:59 2025 GMT
Subject: serialNumber=181364ad9b35d8b2bec4a4e696b6a071326341c0959ab9a5e64839a98d8dd0b1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ee:4b:07:82:bf:43:0f:57:e2:f0:48:ef:01:
76:29:90:99:d5:d6:b9:a0:87:28:a5:57:9f:2f:21:
b1:ef:60:af:c9:39:3e:b8:13:c8:a1:17:e8:78:40:
0a:0e:63:ce:b8:06:49:46:f9:d7:68:72:66:e8:95:
ab:12:bf:82:b8:34:bc:2a:a2:03:6a:da:32:d0:1e:
24:28:ad:32:9d:cb:45:e4:33:ff:bc:83:1c:bd:9e:
83:99:57:44:4d:09:23:f3:7c:6a:df:f9:43:81:00:
a2:2b:6b:06:25:92:28:69:40:14:44:aa:57:04:62:
56:58:58:37:7c:ba:49:53:b2:6c:66:69:5d:34:3a:
cf:ae:4f:db:19:aa:35:ff:b8:98:9a:dd:9c:28:09:
4b:32:e8:2d:b6:d3:fa:dd:f5:4b:b9:7f:8b:81:31:
5e:cd:60:ae:13:39:b2:92:ad:8d:ed:2f:b8:06:7e:
37:9b:8e:28:65:bb:2e:b1:b0:30:76:df:88:ab:71:
12:f6:df:2b:aa:39:00:de:3a:ed:02:06:48:7e:21:
84:2b:42:4e:84:be:3d:f7:22:c2:7d:fe:ea:e8:84:
01:8d:ac:df:24:78:b0:33:69:ab:04:fe:36:be:43:
be:06:07:63:5b:32:2e:4e:8f:2c:a6:42:e8:28:9e:
6b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:37:4A:73:7C:B4:23:03:12:8B:16:10:3E:72:C1:5A:48:24:29:83
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.33.160.0/20
Signature Algorithm: sha256WithRSAEncryption
47:15:a4:14:2a:18:fa:00:f6:53:59:2c:f4:79:b8:00:7e:d2:
37:a2:24:0b:e9:70:01:6b:db:3d:54:09:79:02:99:0b:8e:1e:
cd:56:ba:9f:46:e6:43:81:a4:46:cf:7e:54:ab:57:90:6a:49:
09:bc:f9:d7:0a:f4:b0:8e:24:3a:0b:c7:a8:74:ae:d7:9a:46:
e7:61:24:23:94:63:27:6d:0f:3c:75:32:a3:38:0c:0f:c2:b9:
84:69:ae:a0:78:78:6d:f4:ee:b3:4e:da:70:9e:25:86:f7:1a:
fc:5b:c2:da:90:f8:dd:b0:02:b2:0a:7b:96:c9:7e:6d:8e:f6:
40:1e:2b:1c:6d:d1:63:0b:ed:b4:dd:f0:91:ef:45:3b:77:91:
08:25:a9:50:0b:74:ac:ae:3d:99:3f:40:42:9d:db:c7:b4:4b:
14:26:21:42:6f:f5:21:d1:c1:05:47:26:92:11:35:dc:05:c3:
51:c2:df:d9:eb:3d:b6:5b:31:c5:d3:e9:20:c8:cb:74:d9:68:
30:6a:47:26:34:fd:7c:4e:56:3e:5a:a0:fb:ee:8c:1f:0d:a5:
67:0b:af:af:04:3b:59:30:cb:f2:06:2a:67:b5:40:6b:a9:41:
2e:97:79:8d:df:cb:8b:de:25:99:8d:9b:77:b6:93:38:ba:6c:
15:d6:e0:fc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWw1WfYHNQWSVQG+rrOtMmd2Cl2YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDAzOTI1WhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODEzNjRhZDliMzVkOGIyYmVjNGE0ZTY5NmI2YTA3MTMy
NjM0MWMwOTU5YWI5YTVlNjQ4MzlhOThkOGRkMGIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDk7ksHgr9DD1fi8EjvAXYpkJnV1rmghyilV58vIbHvYK/J
OT64E8ihF+h4QAoOY864BklG+ddocmbolasSv4K4NLwqogNq2jLQHiQorTKdy0Xk
M/+8gxy9noOZV0RNCSPzfGrf+UOBAKIrawYlkihpQBREqlcEYlZYWDd8uklTsmxm
aV00Os+uT9sZqjX/uJia3ZwoCUsy6C220/rd9Uu5f4uBMV7NYK4TObKSrY3tL7gG
fjebjihluy6xsDB234ircRL23yuqOQDeOu0CBkh+IYQrQk6Evj33IsJ9/urohAGN
rN8keLAzaasE/ja+Q74GB2NbMi5OjyymQugonmurAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6zdKc3y0IwMSixYQPnLBWkgkKYMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1N2JjZWYxLWI4MTEtNGMzMy04MjUwLTEwODYzYzY1NGQxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATMIaAwDQYJKoZIhvcNAQELBQADggEBAEcVpBQqGPoA9lNZLPR5uAB+0jei
JAvpcAFr2z1UCXkCmQuOHs1Wup9G5kOBpEbPflSrV5BqSQm8+dcK9LCOJDoLx6h0
rteaRudhJCOUYydtDzx1MqM4DA/CuYRprqB4eG307rNO2nCeJYb3GvxbwtqQ+N2w
ArIKe5bJfm2O9kAeKxxt0WML7bTd8JHvRTt3kQglqVALdKyuPZk/QEKd28e0SxQm
IUJv9SHRwQVHJpIRNdwFw1HC39nrPbZbMcXT6SDIy3TZaDBqRyY0/XxOVj5aoPvu
jB8NpWcLr68EO1kwy/IGKme1QGupQS6XeY3fy4veJZmNm3e2kzi6bBXW4Pw=
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:09:16 2025 by rpki-client