Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7a3e52-3c19-42c8-8a43-25eb73f61f82.roa
File: cb7a3e52-3c19-42c8-8a43-25eb73f61f82.roa (raw, json)
Hash identifier: 2FVDAsXSod9yP3zngEQimOaic82pviOqkEf3IDeO1MY=
Subject key identifier: 3A:96:39:97:11:C4:26:4A:79:24:07:68:2D:8A:28:19:16:85:AC:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 359EE19146AC4466B606AFB361C502F5C84826B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7a3e52-3c19-42c8-8a43-25eb73f61f82.roa
Signing time: Sat 18 Oct 2025 03:51:47 +0000
ROA not before: Sat 18 Oct 2025 03:51:47 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.9.176.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:9e:e1:91:46:ac:44:66:b6:06:af:b3:61:c5:02:f5:c8:48:26:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 03:51:47 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=2f6928db4b22640d1737e080a99d3ac128f8169940c9dbb5915c651ce32569b8, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:20:9c:e0:03:b9:80:28:c6:5f:02:3c:56:40:
a9:a6:b9:23:fa:75:60:be:1e:be:2c:3c:d3:26:cb:
1e:15:4a:f6:6a:ff:a3:ed:58:61:66:14:cd:8b:48:
86:4e:2e:7f:ae:64:fe:01:87:b3:3b:cf:f9:30:86:
75:b3:99:b4:b9:ed:df:f2:16:af:ef:fd:38:8b:46:
46:66:7b:2b:5f:f5:d6:4d:de:43:af:9a:18:8c:0c:
8d:e9:fb:3a:47:19:d2:27:1f:df:51:5a:37:b7:e0:
e6:7c:47:37:d8:5f:71:39:22:f5:0a:be:9a:b0:a3:
2a:3a:03:cb:3d:8e:91:cc:e3:19:a5:4a:7e:a1:c2:
ee:88:0e:6f:91:b0:ce:60:d9:bd:1a:db:06:b1:d2:
4e:88:bc:78:9f:64:f5:d9:a0:7e:86:92:a3:24:1a:
fb:80:d8:4c:00:18:4e:55:57:6a:94:45:11:18:af:
aa:a2:4e:e5:5c:b8:74:01:95:ff:7d:37:88:0c:3a:
8e:ad:8e:54:51:2c:6f:85:ea:d3:fc:1f:8f:50:0c:
85:6f:79:91:2e:cf:f2:5e:a8:26:6c:5f:67:db:4c:
8c:3d:0a:fb:5a:63:e3:b5:8b:f6:72:d8:64:f1:be:
60:29:74:00:be:11:74:95:3a:5e:40:fd:05:fe:33:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:39:97:11:C4:26:4A:79:24:07:68:2D:8A:28:19:16:85:AC:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7a3e52-3c19-42c8-8a43-25eb73f61f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.9.176.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:9c:65:4d:5a:33:3e:2b:86:39:bf:f4:59:38:81:70:16:d1:
be:cb:7b:84:7c:25:18:ca:b2:4c:81:5a:7c:5c:ad:d7:f3:72:
66:df:68:03:0f:41:6f:f0:19:f3:ab:42:ef:70:6d:1b:ac:6a:
25:1f:e7:b1:9f:6b:88:d7:da:39:ba:1a:52:82:43:b2:e2:a4:
16:96:8f:3c:e6:08:bd:b3:dd:e6:c9:35:d7:e4:6e:08:06:1f:
e8:88:82:d4:38:43:72:f6:df:dd:c8:68:d4:4f:43:2d:d9:b4:
ee:b2:8d:65:66:e9:f5:35:d0:49:b9:66:8a:73:06:e5:85:cd:
d5:71:44:8e:05:b0:2f:7e:db:ae:59:e9:d7:e3:50:ff:ee:83:
84:61:7a:fc:06:c8:41:b1:63:26:8b:15:45:c8:04:8a:1c:b6:
7d:b1:ad:4b:00:1e:d3:4f:6a:01:13:e7:91:1e:af:64:7d:25:
4f:07:5e:c9:4c:f2:71:f7:1c:25:a8:77:75:34:15:04:b6:fd:
dd:61:41:de:53:69:8a:17:4b:45:8f:8b:f5:85:ed:83:df:6b:
e3:98:5b:59:e6:a4:71:d1:69:7e:ac:10:96:81:53:23:1c:19:
66:bd:63:22:d6:80:d4:79:e1:d1:fd:97:f7:f4:98:e9:e0:32:
08:65:7a:21
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNZ7hkUasRGa2Bq+zYcUC9chIJrQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDM1MTQ3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZjY5MjhkYjRiMjI2NDBkMTczN2UwODBhOTlkM2FjMTI4
ZjgxNjk5NDBjOWRiYjU5MTVjNjUxY2UzMjU2OWI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYIJzgA7mAKMZfAjxWQKmmuSP6dWC+Hr4sPNMmyx4VSvZq
/6PtWGFmFM2LSIZOLn+uZP4Bh7M7z/kwhnWzmbS57d/yFq/v/TiLRkZmeytf9dZN
3kOvmhiMDI3p+zpHGdInH99RWje34OZ8RzfYX3E5IvUKvpqwoyo6A8s9jpHM4xml
Sn6hwu6IDm+RsM5g2b0a2wax0k6IvHifZPXZoH6GkqMkGvuA2EwAGE5VV2qURREY
r6qiTuVcuHQBlf99N4gMOo6tjlRRLG+F6tP8H49QDIVveZEuz/JeqCZsX2fbTIw9
CvtaY+O1i/Zy2GTxvmApdAC+EXSVOl5A/QX+M2FZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOpY5lxHEJkp5JAdoLYooGRaFrPMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiN2EzZTUyLTNjMTktNDJjOC04YTQzLTI1ZWI3M2Y2MWY4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFBCbAwDQYJKoZIhvcNAQELBQADggEBAH2cZU1aMz4rhjm/9Fk4gXAW0b7L
e4R8JRjKskyBWnxcrdfzcmbfaAMPQW/wGfOrQu9wbRusaiUf57Gfa4jX2jm6GlKC
Q7LipBaWjzzmCL2z3ebJNdfkbggGH+iIgtQ4Q3L2393IaNRPQy3ZtO6yjWVm6fU1
0Em5ZopzBuWFzdVxRI4FsC9+265Z6dfjUP/ug4RhevwGyEGxYyaLFUXIBIoctn2x
rUsAHtNPagET55Eer2R9JU8HXslM8nH3HCWod3U0FQS2/d1hQd5TaYoXS0WPi/WF
7YPfa+OYW1nmpHHRaX6sEJaBUyMcGWa9YyLWgNR54dH9l/f0mOngMghleiE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:48:35 2025 by rpki-client