Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8354722-950a-41e5-bc40-b7d3a30ec98a.roa
File: c8354722-950a-41e5-bc40-b7d3a30ec98a.roa (raw, json)
Hash identifier: 3M5k//5r9ErEy6r2RKTee2os5whKszKCyEA1NyKMNFw=
Subject key identifier: EA:17:86:29:B2:21:33:2A:1A:3F:FB:81:2B:30:D6:C6:C3:FD:31:ED
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 081883B92FB34F5654BE1D5231509143FCD87682
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8354722-950a-41e5-bc40-b7d3a30ec98a.roa
Signing time: Fri 03 Oct 2025 00:51:15 +0000
ROA not before: Fri 03 Oct 2025 00:51:15 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.78.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:18:83:b9:2f:b3:4f:56:54:be:1d:52:31:50:91:43:fc:d8:76:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:51:15 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=3057f0bc89e9350ddc1da3e86560cfb930368a697f5ea75fb637b1af5459a900, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e0:30:fe:f5:0d:1b:68:8f:aa:cd:05:2a:36:
7e:8c:bd:cc:07:15:e0:a9:5a:e8:1e:73:99:91:33:
5d:94:d7:a1:09:44:03:cb:13:7d:db:23:7b:14:ba:
8b:52:af:3a:55:58:3d:c9:46:78:bc:8d:9b:ab:af:
e2:a3:44:be:da:af:74:db:ab:a5:af:4c:fc:39:7e:
9b:e6:a2:38:4e:44:20:55:02:11:16:d5:ea:4b:bd:
5c:3f:e1:d1:89:5d:15:0c:08:84:97:45:54:07:56:
e6:68:71:78:c9:31:5c:e6:ec:6b:36:0a:25:22:8a:
e8:ae:70:49:4a:18:3f:57:ce:29:87:0a:0c:31:46:
05:ed:90:c4:87:72:bb:92:cc:5c:7e:9b:77:87:4d:
70:86:80:a7:cf:1e:29:44:45:02:bf:1b:d9:17:ef:
eb:c8:13:76:59:e8:28:72:50:5a:97:0f:aa:f3:8f:
c9:90:bf:4a:2d:17:5c:dc:3c:74:04:ef:fa:71:c8:
8c:9a:53:64:cc:ae:85:29:ba:f5:fa:a3:01:40:ea:
bf:76:1f:55:28:e5:a2:9c:34:0b:46:8c:f9:37:86:
68:19:ee:15:dc:ee:07:0b:0b:58:96:d2:5e:e2:6a:
8c:24:d5:61:cf:ae:23:6b:76:dc:f7:b2:f6:67:29:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:17:86:29:B2:21:33:2A:1A:3F:FB:81:2B:30:D6:C6:C3:FD:31:ED
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8354722-950a-41e5-bc40-b7d3a30ec98a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.78.0.0/18
Signature Algorithm: sha256WithRSAEncryption
0b:59:69:52:41:e1:50:e1:10:d6:84:41:9e:83:e0:63:3d:8d:
d4:3f:a0:ad:73:b7:81:ed:01:d7:99:4e:81:c4:bd:da:8b:26:
c4:dc:7d:fe:60:b9:6b:15:99:c5:a4:07:1e:21:47:62:3c:bf:
91:fd:1b:60:6a:c6:2f:0e:04:49:b5:74:ff:3e:1c:fa:39:2f:
49:38:2a:f4:08:46:f9:a5:8e:8d:98:85:03:78:2d:aa:4a:43:
57:bc:0b:30:5d:31:9c:d8:8b:11:98:70:4e:78:ff:d4:90:2b:
4c:e1:a4:e5:5d:7d:b2:06:d2:81:47:42:7a:fb:7f:cf:17:06:
0a:07:8d:a4:4a:a5:7d:a4:61:5f:b1:c3:1f:96:95:f4:b4:3e:
14:48:94:4f:55:59:fe:23:b5:17:78:47:e6:29:fa:eb:44:38:
cc:f3:39:5b:43:de:59:25:8b:0c:db:29:6d:af:e0:81:1e:ed:
14:87:28:66:be:24:f1:23:ca:34:de:c8:ee:39:e1:d4:7e:13:
dc:0b:b0:18:b0:5a:04:6b:52:50:5e:1c:99:6e:3f:01:41:d3:
21:13:37:c1:4a:1d:04:19:ec:cc:eb:63:bb:a8:31:03:e1:02:
a2:a8:26:c3:cd:d9:75:d7:1c:9d:55:1b:94:61:2a:1d:31:f6:
14:8c:3d:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCBiDuS+zT1ZUvh1SMVCRQ/zYdoIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTE1WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMDU3ZjBiYzg5ZTkzNTBkZGMxZGEzZTg2NTYwY2ZiOTMw
MzY4YTY5N2Y1ZWE3NWZiNjM3YjFhZjU0NTlhOTAwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC64DD+9Q0baI+qzQUqNn6MvcwHFeCpWugec5mRM12U16EJ
RAPLE33bI3sUuotSrzpVWD3JRni8jZurr+KjRL7ar3Tbq6WvTPw5fpvmojhORCBV
AhEW1epLvVw/4dGJXRUMCISXRVQHVuZocXjJMVzm7Gs2CiUiiuiucElKGD9XzimH
CgwxRgXtkMSHcruSzFx+m3eHTXCGgKfPHilERQK/G9kX7+vIE3ZZ6ChyUFqXD6rz
j8mQv0otF1zcPHQE7/pxyIyaU2TMroUpuvX6owFA6r92H1Uo5aKcNAtGjPk3hmgZ
7hXc7gcLC1iW0l7iaowk1WHPriNrdtz3svZnKb9PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6heGKbIhMyoaP/uBKzDWxsP9Me0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4MzU0NzIyLTk1MGEtNDFlNS1iYzQwLWI3ZDNhMzBlYzk4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjTgAwDQYJKoZIhvcNAQELBQADggEBAAtZaVJB4VDhENaEQZ6D4GM9jdQ/
oK1zt4HtAdeZToHEvdqLJsTcff5guWsVmcWkBx4hR2I8v5H9G2Bqxi8OBEm1dP8+
HPo5L0k4KvQIRvmljo2YhQN4LapKQ1e8CzBdMZzYixGYcE54/9SQK0zhpOVdfbIG
0oFHQnr7f88XBgoHjaRKpX2kYV+xwx+WlfS0PhRIlE9VWf4jtRd4R+Yp+utEOMzz
OVtD3lkliwzbKW2v4IEe7RSHKGa+JPEjyjTeyO454dR+E9wLsBiwWgRrUlBeHJlu
PwFB0yETN8FKHQQZ7MzrY7uoMQPhAqKoJsPN2XXXHJ1VG5RhKh0x9hSMPUc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:55:52 2025 by rpki-client