Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c73a9122-65c6-4e22-98c6-c7601bf732ac.roa
File: c73a9122-65c6-4e22-98c6-c7601bf732ac.roa (raw, json)
Hash identifier: dXnvfmgUbTZUuUW1Tck09QZp08QWUbvua+/w49xBDt0=
Subject key identifier: F1:3B:7B:45:B1:4F:A9:70:A1:42:6A:CC:A8:E4:0B:CD:B4:1A:69:C7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3CCF4893E082F3C8FE72F293E6DB557DC170EEE5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c73a9122-65c6-4e22-98c6-c7601bf732ac.roa
Signing time: Fri 10 Oct 2025 13:38:14 +0000
ROA not before: Fri 10 Oct 2025 13:38:14 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:cf:48:93:e0:82:f3:c8:fe:72:f2:93:e6:db:55:7d:c1:70:ee:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 10 13:38:14 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=3161590cd042ac2a0269a31e874226909d928d065fbf4fb8a759c0a7673fa6bb, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d8:7c:57:76:6d:2f:ee:72:b9:40:24:89:34:
90:7e:18:dc:51:82:bf:cb:ad:47:e4:72:3e:e9:45:
8a:b4:2b:3d:22:7a:1a:17:0c:d8:f3:d7:9d:f7:8a:
a1:60:32:ed:2f:26:f3:3b:b0:c6:92:22:96:1d:02:
12:67:6b:81:f6:21:ba:61:d9:03:65:02:78:a9:b9:
1a:e8:df:48:96:03:35:f3:30:62:87:64:b5:a5:7f:
b8:69:ed:f3:af:e2:49:d2:19:34:2e:33:e4:7d:04:
44:fc:33:ec:b8:e1:dc:d8:be:ed:73:df:62:94:89:
10:c0:36:0b:b2:f8:79:13:01:d6:0b:14:14:5b:9d:
80:65:58:fe:88:d1:77:ff:32:09:63:5a:f7:bf:0a:
3d:dc:cf:94:d6:73:20:e9:c9:f2:15:32:d8:19:a2:
f5:54:8e:48:07:a7:42:5b:69:5e:fe:87:76:cc:3d:
5e:60:c9:9f:be:84:c6:7a:2a:5c:48:c1:61:dd:ef:
c9:c4:ca:0c:ff:de:b4:90:6a:d7:6c:20:9b:98:17:
b9:e0:87:8f:9f:17:7a:0d:4a:58:bb:a1:ac:a2:b7:
d7:09:56:d8:8b:39:24:80:e6:08:c1:e8:6b:69:c5:
f3:c0:5c:34:f6:1c:ea:c3:e7:41:5e:5c:4c:11:bd:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3B:7B:45:B1:4F:A9:70:A1:42:6A:CC:A8:E4:0B:CD:B4:1A:69:C7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c73a9122-65c6-4e22-98c6-c7601bf732ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.137.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:5b:25:9f:14:cc:28:be:a1:78:56:c1:9f:e0:9b:26:c5:38:
60:0a:6a:87:d8:1a:cc:10:5a:00:78:19:1f:dd:ef:eb:26:29:
be:58:0a:7b:fd:bf:87:e8:fd:d9:3a:4d:58:f3:ea:94:da:ac:
80:8c:6c:f0:ab:78:f5:09:97:3d:71:0a:39:06:cd:eb:e8:19:
d7:6e:33:62:6a:f2:a4:15:a7:30:6b:7b:b0:c9:fe:d9:e4:d3:
60:eb:f1:21:b1:bf:80:c7:4b:85:01:6f:50:b1:06:10:a9:9c:
17:ae:1c:db:65:7e:25:f2:2b:26:5d:77:dd:91:5b:13:1e:15:
b6:f4:8d:67:b1:e2:10:92:a7:21:9c:99:1d:48:0b:c4:ca:7f:
98:30:46:67:ee:a3:97:53:f9:bf:19:07:4c:20:58:f3:f5:26:
c1:e9:c4:73:52:55:4d:09:a6:18:f8:0e:41:1e:d8:44:c1:c1:
81:18:8e:cf:58:ec:5b:22:0b:c5:61:de:44:7a:0b:c1:4b:ac:
e7:2e:6a:52:81:fc:a5:d8:4b:07:af:51:e4:8a:74:02:97:9e:
05:dc:f7:c7:a9:e1:6a:2b:4d:7a:48:a2:fb:e8:7e:59:36:65:
b3:2f:7e:9c:19:be:1c:12:a8:16:9a:09:96:93:64:6a:1c:a0:
5f:2b:e8:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPM9Ik+CC88j+cvKT5ttVfcFw7uUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMTMzODE0WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMTYxNTkwY2QwNDJhYzJhMDI2OWEzMWU4NzQyMjY5MDlk
OTI4ZDA2NWZiZjRmYjhhNzU5YzBhNzY3M2ZhNmJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv2HxXdm0v7nK5QCSJNJB+GNxRgr/LrUfkcj7pRYq0Kz0i
ehoXDNjz1533iqFgMu0vJvM7sMaSIpYdAhJna4H2Ibph2QNlAnipuRro30iWAzXz
MGKHZLWlf7hp7fOv4knSGTQuM+R9BET8M+y44dzYvu1z32KUiRDANguy+HkTAdYL
FBRbnYBlWP6I0Xf/MgljWve/Cj3cz5TWcyDpyfIVMtgZovVUjkgHp0JbaV7+h3bM
PV5gyZ++hMZ6KlxIwWHd78nEygz/3rSQatdsIJuYF7ngh4+fF3oNSli7oayit9cJ
VtiLOSSA5gjB6GtpxfPAXDT2HOrD50FeXEwRvRB5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8Tt7RbFPqXChQmrMqOQLzbQaaccwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3M2E5MTIyLTY1YzYtNGUyMi05OGM2LWM3NjAxYmY3MzJhYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEokwDQYJKoZIhvcNAQELBQADggEBAHtbJZ8UzCi+oXhWwZ/gmybFOGAK
aofYGswQWgB4GR/d7+smKb5YCnv9v4fo/dk6TVjz6pTarICMbPCrePUJlz1xCjkG
zevoGdduM2Jq8qQVpzBre7DJ/tnk02Dr8SGxv4DHS4UBb1CxBhCpnBeuHNtlfiXy
KyZdd92RWxMeFbb0jWex4hCSpyGcmR1IC8TKf5gwRmfuo5dT+b8ZB0wgWPP1JsHp
xHNSVU0Jphj4DkEe2ETBwYEYjs9Y7FsiC8Vh3kR6C8FLrOcualKB/KXYSwevUeSK
dAKXngXc98ep4WorTXpIovvoflk2ZbMvfpwZvhwSqBaaCZaTZGocoF8r6KY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:18:28 2025 by rpki-client