Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caa025ef-d306-4532-950e-6a6e17082e8e.roa
File: caa025ef-d306-4532-950e-6a6e17082e8e.roa (raw, json)
Hash identifier: 7TKgR8jgjVp+Ellm/CeGrqMl+RiDc2pP26f53U5qM/o=
Subject key identifier: BB:49:9D:BF:E0:31:24:73:25:15:F4:11:81:FF:2D:72:04:1D:D1:5D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2A067E15AE0B843F563B738C4C57C398FA2E2F50
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caa025ef-d306-4532-950e-6a6e17082e8e.roa
Signing time: Tue 14 Oct 2025 21:01:15 +0000
ROA not before: Tue 14 Oct 2025 21:01:15 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.84.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:06:7e:15:ae:0b:84:3f:56:3b:73:8c:4c:57:c3:98:fa:2e:2f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 21:01:15 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=d00982beb641f3bc08368de6626d1a8c2e099a3b24fc96fb61413198bf70f302, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3e:61:e3:16:d7:20:55:40:bd:dc:4d:f5:fe:
45:00:b3:52:47:72:77:5b:f0:d5:00:56:bb:85:92:
9a:1c:4d:c1:19:79:78:9a:67:9e:99:f4:91:6a:9c:
70:4f:2f:20:30:33:4f:1b:3b:df:79:e7:f7:46:13:
f9:86:27:bf:01:b5:a1:d2:84:e0:53:94:67:61:48:
70:c0:2f:46:eb:af:8f:1e:a8:20:ae:9b:a8:34:3a:
bd:80:23:fc:bb:b9:6a:0e:2c:02:13:24:de:1f:df:
c4:cb:d0:5d:75:63:e9:a2:dc:2a:12:a4:00:5f:91:
16:a5:4a:c8:fb:1f:e5:16:7a:6f:0c:3d:1f:ac:f7:
8a:81:9e:3a:58:d6:9c:7b:6d:ae:83:b7:3b:58:91:
63:97:1a:5c:4f:37:29:54:79:89:59:48:b2:5f:aa:
04:e2:57:e7:c3:0d:a3:6d:18:34:c9:b1:b5:91:c7:
f1:ab:ae:a2:cf:79:ab:0f:f6:d3:ee:36:2f:ee:91:
3e:1c:e6:4d:3c:e5:23:a2:76:8a:e8:7c:8f:e1:d9:
7b:c7:73:84:3b:dc:ba:28:ed:a2:95:9f:b2:6c:48:
e6:7a:ad:ef:c1:71:85:93:44:1f:87:8c:2a:59:33:
35:87:32:b6:62:ec:67:95:40:a9:ba:ea:0b:ba:b7:
b6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:49:9D:BF:E0:31:24:73:25:15:F4:11:81:FF:2D:72:04:1D:D1:5D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caa025ef-d306-4532-950e-6a6e17082e8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.84.216.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:e8:05:79:ac:c6:00:e0:21:a4:b6:82:42:ef:83:ce:44:c8:
73:56:ce:85:c2:97:85:a1:e1:8c:c8:eb:04:36:c1:e5:af:34:
35:aa:70:e2:05:e1:06:8c:a7:0b:83:f3:ad:8c:ca:82:5a:a3:
46:a4:90:48:d8:27:40:bc:45:d8:67:72:d4:cd:96:48:63:1f:
84:52:1b:fa:c3:ba:f7:2d:7a:1f:1f:b5:43:14:bc:ec:ba:e9:
82:dc:f5:be:55:67:5c:35:27:ca:10:a3:50:db:36:cc:e6:79:
2a:39:75:39:d8:6d:36:1f:f6:f4:8f:44:63:ea:42:8a:4e:78:
76:41:c1:bd:2c:09:b2:45:2d:88:e0:fc:1a:e5:8f:1f:e8:ee:
92:ec:2c:44:90:ee:3c:bb:ed:34:ee:f1:a0:ba:83:38:96:b0:
d8:a4:60:ed:e0:a1:a5:fa:70:40:ed:24:51:09:89:bf:66:67:
e9:81:e1:3c:e2:87:89:ec:a0:54:7b:59:45:8b:5c:78:29:9c:
e1:d2:30:57:d5:7a:da:be:20:ce:93:30:b0:03:d5:e1:46:64:
e9:ca:29:bb:16:9b:21:c3:9b:2d:c5:93:8c:85:e0:78:4f:4c:
68:50:df:ed:af:18:c7:16:5f:07:8c:be:6a:a0:ee:52:8b:95:
c3:52:15:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKgZ+Fa4LhD9WO3OMTFfDmPouL1AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MjEwMTE1WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMDA5ODJiZWI2NDFmM2JjMDgzNjhkZTY2MjZkMWE4YzJl
MDk5YTNiMjRmYzk2ZmI2MTQxMzE5OGJmNzBmMzAyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSPmHjFtcgVUC93E31/kUAs1JHcndb8NUAVruFkpocTcEZ
eXiaZ56Z9JFqnHBPLyAwM08bO9955/dGE/mGJ78BtaHShOBTlGdhSHDAL0brr48e
qCCum6g0Or2AI/y7uWoOLAITJN4f38TL0F11Y+mi3CoSpABfkRalSsj7H+UWem8M
PR+s94qBnjpY1px7ba6DtztYkWOXGlxPNylUeYlZSLJfqgTiV+fDDaNtGDTJsbWR
x/GrrqLPeasP9tPuNi/ukT4c5k085SOidorofI/h2XvHc4Q73Loo7aKVn7JsSOZ6
re/BcYWTRB+HjCpZMzWHMrZi7GeVQKm66gu6t7YrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUu0mdv+AxJHMlFfQRgf8tcgQd0V0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhYTAyNWVmLWQzMDYtNDUzMi05NTBlLTZhNmUxNzA4MmU4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjVNgwDQYJKoZIhvcNAQELBQADggEBALboBXmsxgDgIaS2gkLvg85EyHNW
zoXCl4Wh4YzI6wQ2weWvNDWqcOIF4QaMpwuD862MyoJao0akkEjYJ0C8RdhnctTN
lkhjH4RSG/rDuvcteh8ftUMUvOy66YLc9b5VZ1w1J8oQo1DbNszmeSo5dTnYbTYf
9vSPRGPqQopOeHZBwb0sCbJFLYjg/Brljx/o7pLsLESQ7jy77TTu8aC6gziWsNik
YO3goaX6cEDtJFEJib9mZ+mB4Tzih4nsoFR7WUWLXHgpnOHSMFfVetq+IM6TMLAD
1eFGZOnKKbsWmyHDmy3Fk4yF4HhPTGhQ3+2vGMcWXweMvmqg7lKLlcNSFUw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:30:20 2025 by rpki-client