Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cde0b60f-013f-4194-82b6-b09974b3149a.roa
File: cde0b60f-013f-4194-82b6-b09974b3149a.roa (raw, json)
Hash identifier: ChYdzoaLq47M7fmr1w3nVS3/3BNTASULij3lbYuPYfw=
Subject key identifier: 1B:9A:9F:8D:92:8D:CB:AD:50:36:56:4E:EC:5C:49:62:59:40:D7:1B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3D47056026A46CB2E71E1AA5CAFDA1074DC9BCF2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cde0b60f-013f-4194-82b6-b09974b3149a.roa
Signing time: Wed 01 Oct 2025 00:42:35 +0000
ROA not before: Wed 01 Oct 2025 00:42:35 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.37.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:47:05:60:26:a4:6c:b2:e7:1e:1a:a5:ca:fd:a1:07:4d:c9:bc:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:42:35 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=ebae6a568ccc95b0f854eb4d0e98d5e6ccc845227e14bb294c8ba020389dc2b4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c9:42:8b:40:65:4d:8c:19:a1:12:14:df:16:
ca:1a:32:53:68:e3:dd:08:cb:37:b9:ad:8c:b8:79:
5e:2a:2d:35:f6:53:89:8a:bf:a0:03:d2:bf:6c:d7:
97:06:df:ff:9c:b6:a1:03:a2:70:ac:11:30:57:aa:
2c:27:5a:b6:87:18:37:9a:c0:91:f0:b6:29:70:27:
46:28:3d:5e:8d:59:5c:4a:17:3a:8b:c9:5b:7b:dc:
65:b4:de:35:90:49:fb:55:d1:1d:be:9e:60:16:fe:
80:28:11:20:ea:57:6c:28:fe:fa:78:dc:01:a4:ae:
8d:6c:c3:7e:41:52:87:fa:bc:ba:85:f5:12:11:1b:
81:0b:d6:d8:72:70:15:41:6f:cd:d2:f6:de:74:81:
42:db:bb:8c:47:c8:39:17:25:62:96:d8:2d:f9:71:
f9:45:19:c5:89:31:7a:be:28:04:d4:20:68:cb:e9:
0c:e7:43:0d:e6:19:44:50:f9:62:4f:a9:53:66:6b:
07:d8:e5:a6:3f:e1:89:a1:5b:75:4b:d5:17:72:be:
4c:a2:e1:f2:0a:a7:08:3c:13:60:02:3e:32:a9:01:
6b:4a:6d:80:a2:e9:c0:2b:16:77:b9:f0:dd:70:30:
79:05:97:ca:85:1b:63:1a:15:c0:45:be:7f:4d:9b:
88:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9A:9F:8D:92:8D:CB:AD:50:36:56:4E:EC:5C:49:62:59:40:D7:1B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cde0b60f-013f-4194-82b6-b09974b3149a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.37.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:f0:d5:80:8e:4a:a1:53:40:92:c6:b2:2a:84:c0:39:ec:7b:
d6:89:25:51:df:d2:30:47:a0:75:5e:91:5b:e4:80:69:67:6b:
c8:17:d7:73:c8:df:1a:29:fb:e1:ea:51:1e:d7:38:75:c0:a2:
3b:65:f1:5c:c1:e1:0d:b0:a7:92:91:59:c0:b5:d0:60:f7:98:
9d:68:64:0d:0e:45:5b:d9:4b:82:0a:cc:d7:21:3e:5a:12:a9:
7f:6c:41:ab:cf:09:b9:ea:f7:89:57:25:5d:65:94:78:b3:dd:
12:b2:7b:65:9a:96:d6:8f:4f:bd:ee:5a:23:78:08:a3:c8:cb:
fd:2e:eb:f9:1b:ae:0d:ca:47:b9:d2:ef:50:af:dc:e4:d6:1a:
f3:33:37:b4:8c:0d:fd:83:20:83:a1:66:27:ec:8c:1b:e4:a9:
3e:ec:84:99:79:99:46:1b:79:54:46:78:26:d7:c0:dc:17:82:
70:79:02:b3:b8:4f:db:37:72:0c:e7:ca:e3:db:b1:a3:d8:73:
fe:45:f9:84:5c:92:88:40:bc:a2:bf:94:eb:5a:a7:0b:0e:09:
a5:f3:a3:a8:84:b8:f1:49:24:bc:b5:a8:ab:58:da:84:74:63:
64:2f:8d:f9:28:76:b8:f6:da:64:ec:1d:70:65:83:a8:56:78:
a0:f8:90:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPUcFYCakbLLnHhqlyv2hB03JvPIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MjM1WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmFlNmE1NjhjY2M5NWIwZjg1NGViNGQwZTk4ZDVlNmNj
Yzg0NTIyN2UxNGJiMjk0YzhiYTAyMDM4OWRjMmI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLyUKLQGVNjBmhEhTfFsoaMlNo490Iyze5rYy4eV4qLTX2
U4mKv6AD0r9s15cG3/+ctqEDonCsETBXqiwnWraHGDeawJHwtilwJ0YoPV6NWVxK
FzqLyVt73GW03jWQSftV0R2+nmAW/oAoESDqV2wo/vp43AGkro1sw35BUof6vLqF
9RIRG4EL1thycBVBb83S9t50gULbu4xHyDkXJWKW2C35cflFGcWJMXq+KATUIGjL
6QznQw3mGURQ+WJPqVNmawfY5aY/4YmhW3VL1Rdyvkyi4fIKpwg8E2ACPjKpAWtK
bYCi6cArFne58N1wMHkFl8qFG2MaFcBFvn9Nm4gXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG5qfjZKNy61QNlZO7FxJYllA1xswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkZTBiNjBmLTAxM2YtNDE5NC04MmI2LWIwOTk3NGIzMTQ5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZBJYAwDQYJKoZIhvcNAQELBQADggEBAHvw1YCOSqFTQJLGsiqEwDnse9aJ
JVHf0jBHoHVekVvkgGlna8gX13PI3xop++HqUR7XOHXAojtl8VzB4Q2wp5KRWcC1
0GD3mJ1oZA0ORVvZS4IKzNchPloSqX9sQavPCbnq94lXJV1llHiz3RKye2WaltaP
T73uWiN4CKPIy/0u6/kbrg3KR7nS71Cv3OTWGvMzN7SMDf2DIIOhZifsjBvkqT7s
hJl5mUYbeVRGeCbXwNwXgnB5ArO4T9s3cgznyuPbsaPYc/5F+YRckohAvKK/lOta
pwsOCaXzo6iEuPFJJLy1qKtY2oR0Y2Qvjfkodrj22mTsHXBlg6hWeKD4kKg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:19:26 2025 by rpki-client