Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa
File: cb7f1187-36a4-49c8-a940-b8a58490830b.roa (raw, json)
Hash identifier: XTXUxVttwQpl9RKTkHCBFwnWjKxwk0gxRtr1OXKp3hE=
Subject key identifier: C1:BD:C6:2D:7C:14:BE:56:D3:90:66:52:E2:80:17:E8:0C:87:BE:39
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3B8B1C24826A6F484DDDCC995AA0F8C8B20F356B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa
Signing time: Mon 06 Oct 2025 15:40:51 +0000
ROA not before: Mon 06 Oct 2025 15:40:51 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 13.162.0.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:8b:1c:24:82:6a:6f:48:4d:dd:cc:99:5a:a0:f8:c8:b2:0f:35:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 15:40:51 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=ca02a7e08350c9b3ab74957ab4cf16b0010283bbd45a0748c738c02d64a8a97a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:48:45:fc:fb:30:0c:00:4a:0b:8a:ee:fa:2a:
0a:b5:d5:4c:33:36:cc:4d:f3:4b:82:71:af:fb:b9:
0e:67:95:78:0e:e3:68:d8:91:e7:65:43:7a:82:16:
f2:d4:45:9b:a2:d3:66:29:82:fd:0d:1a:7f:65:85:
dd:c9:7a:6d:c3:c5:c9:69:18:ba:bb:72:67:0d:f4:
9e:0f:98:f3:07:f5:39:fb:f3:1c:dc:f6:01:ba:6a:
74:24:26:62:b1:e6:72:16:c4:e6:a2:1a:0f:81:70:
39:98:6b:e7:23:ec:da:59:15:e0:30:a7:84:a6:15:
d7:2e:dd:46:fb:28:c8:b4:12:35:ad:b2:78:6f:79:
c7:9f:47:fc:4b:16:90:9f:17:55:b0:bc:f3:0f:c5:
de:53:34:aa:00:14:5b:3a:0f:38:8d:4e:66:93:cd:
d2:2f:a6:ff:8b:c8:25:cc:1b:80:9a:be:a7:69:28:
97:5a:2c:03:83:d0:3d:72:2e:fd:fd:0b:d7:c8:4a:
7a:b8:50:eb:93:13:a5:ef:60:42:95:98:12:1a:d6:
7b:5e:50:49:0a:eb:59:a7:01:a6:6d:64:6c:bb:7a:
0d:ee:6e:3c:97:c5:17:a7:43:f4:36:aa:40:5b:1f:
4b:d3:79:da:18:1a:e1:80:1a:ec:5b:ef:35:02:2a:
2d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BD:C6:2D:7C:14:BE:56:D3:90:66:52:E2:80:17:E8:0C:87:BE:39
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.162.0.0/20
Signature Algorithm: sha256WithRSAEncryption
72:ed:43:7e:ac:da:91:c7:4c:65:02:0a:35:45:49:45:a6:b5:
2f:4b:e2:35:4c:b0:c1:39:53:7b:47:04:3c:e9:bf:20:f1:57:
b0:56:f4:5f:62:a3:85:ac:4c:38:95:d4:a8:e8:79:3d:0e:e3:
7f:de:98:44:78:92:9d:49:2f:54:6f:9b:36:23:6d:59:f2:15:
7e:13:ef:67:65:47:88:79:2d:b0:ab:ae:81:3e:d1:cc:a4:55:
10:b4:b9:b2:32:3c:2b:78:5c:33:55:ac:9c:02:05:b5:b7:e7:
ed:93:67:c3:60:4f:99:92:4f:24:99:20:7c:c4:9e:4d:26:37:
77:ca:29:c7:f7:be:c5:83:2b:67:16:8d:eb:33:3c:64:d8:6c:
14:44:56:a7:88:a0:56:81:b5:34:f5:88:17:92:62:e0:0a:c0:
86:25:6c:d8:15:04:5d:8e:ab:17:4a:a3:80:1b:bc:83:6b:93:
29:6a:09:21:6b:15:dd:f9:52:9f:d8:a7:01:55:5a:17:51:8c:
ee:9d:db:db:d5:ff:de:a3:72:c6:04:db:90:18:ea:89:d2:a9:
17:49:2c:2f:c6:63:23:0c:d3:c1:1d:32:3b:d1:c0:71:02:30:
21:cd:cc:49:7a:61:9f:b7:35:f9:9b:3b:c8:df:83:e5:e6:d7:
9d:98:fb:2b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO4scJIJqb0hN3cyZWqD4yLIPNWswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTU0MDUxWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTAyYTdlMDgzNTBjOWIzYWI3NDk1N2FiNGNmMTZiMDAx
MDI4M2JiZDQ1YTA3NDhjNzM4YzAyZDY0YThhOTdhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLSEX8+zAMAEoLiu76Kgq11UwzNsxN80uCca/7uQ5nlXgO
42jYkedlQ3qCFvLURZui02Ypgv0NGn9lhd3Jem3DxclpGLq7cmcN9J4PmPMH9Tn7
8xzc9gG6anQkJmKx5nIWxOaiGg+BcDmYa+cj7NpZFeAwp4SmFdcu3Ub7KMi0EjWt
snhvecefR/xLFpCfF1WwvPMPxd5TNKoAFFs6DziNTmaTzdIvpv+LyCXMG4Cavqdp
KJdaLAOD0D1yLv39C9fISnq4UOuTE6XvYEKVmBIa1nteUEkK61mnAaZtZGy7eg3u
bjyXxRenQ/Q2qkBbH0vTedoYGuGAGuxb7zUCKi2lAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwb3GLXwUvlbTkGZS4oAX6AyHvjkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiN2YxMTg3LTM2YTQtNDljOC1hOTQwLWI4YTU4NDkwODMwYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNogAwDQYJKoZIhvcNAQELBQADggEBAHLtQ36s2pHHTGUCCjVFSUWmtS9L
4jVMsME5U3tHBDzpvyDxV7BW9F9io4WsTDiV1KjoeT0O43/emER4kp1JL1RvmzYj
bVnyFX4T72dlR4h5LbCrroE+0cykVRC0ubIyPCt4XDNVrJwCBbW35+2TZ8NgT5mS
TySZIHzEnk0mN3fKKcf3vsWDK2cWjeszPGTYbBREVqeIoFaBtTT1iBeSYuAKwIYl
bNgVBF2OqxdKo4AbvINrkylqCSFrFd35Up/YpwFVWhdRjO6d29vV/96jcsYE25AY
6onSqRdJLC/GYyMM08EdMjvRwHECMCHNzEl6YZ+3NfmbO8jfg+Xm152Y+ys=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:43:09 2025 by rpki-client