Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf8c2352-31e2-451c-8d45-f20afbc2351c.roa
File: cf8c2352-31e2-451c-8d45-f20afbc2351c.roa (raw, json)
Hash identifier: hWtRIX7hIgr7osLnCE7IBu5i2EHWrQKSLL2qOawDMZw=
Subject key identifier: EF:75:DA:72:23:DF:1F:48:54:2A:EC:FD:2C:56:0B:89:DC:F4:A4:66
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 71BEB653C3E20C31095F43DCA083B576A415998D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf8c2352-31e2-451c-8d45-f20afbc2351c.roa
Signing time: Sat 18 Oct 2025 03:00:59 +0000
ROA not before: Sat 18 Oct 2025 03:00:59 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 208.86.88.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:be:b6:53:c3:e2:0c:31:09:5f:43:dc:a0:83:b5:76:a4:15:99:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 03:00:59 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=e581c2ae6fc2d8e0b0e1c690fcbd0070df1513cc8f42a2348461a1dab666d2af, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:e2:ab:51:8a:ae:1d:4b:d1:f0:88:bb:d4:
fe:73:09:d3:32:5d:2c:13:b5:85:90:aa:25:d0:7c:
aa:2a:68:ec:b9:6c:88:c2:83:8e:ae:a4:d2:17:b8:
3f:19:13:05:01:62:b7:73:50:23:f8:f3:3e:fd:e4:
18:70:43:a8:83:81:6b:58:88:f4:04:52:3f:8e:ca:
b6:b0:fe:38:48:be:85:f5:86:e1:5d:0c:17:40:68:
2b:b5:61:78:4a:30:74:15:9b:81:5d:b7:f7:36:8f:
5e:ae:66:90:18:97:3c:a5:9d:56:7c:92:d7:1f:32:
f5:54:ab:da:4d:5a:1c:de:07:78:62:37:94:19:5f:
20:9f:b7:68:c4:f4:cd:c3:6d:de:b5:e2:ba:00:91:
32:cc:ed:9c:ff:19:a4:fa:61:76:2e:0b:4c:8b:b6:
69:f2:bf:89:13:27:c7:b0:54:76:14:a8:c9:ac:e3:
f6:0c:05:63:4f:a3:08:6e:80:2e:79:6a:0a:d3:80:
f2:f7:00:b7:84:57:99:d0:79:ab:e9:1c:69:90:be:
de:09:ba:cb:94:ab:d0:c0:0a:dd:ac:56:86:5f:77:
f0:04:57:20:c4:18:f5:96:f2:1a:76:a5:59:ea:95:
86:34:6e:02:47:cf:de:7e:a3:dd:b2:09:e9:0d:0d:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:75:DA:72:23:DF:1F:48:54:2A:EC:FD:2C:56:0B:89:DC:F4:A4:66
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf8c2352-31e2-451c-8d45-f20afbc2351c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
208.86.88.0/22
Signature Algorithm: sha256WithRSAEncryption
57:0a:6f:a0:5c:7a:9d:be:2e:2a:e4:1d:1d:29:16:22:d5:a9:
9d:aa:a1:b0:95:55:c5:7b:79:e8:75:92:2b:40:4d:9f:97:99:
40:12:8f:cc:91:c6:86:29:18:98:9f:43:4c:50:cb:29:b2:d3:
52:f7:35:3c:a9:71:ad:be:f8:3e:27:1f:cb:12:d1:60:0f:d4:
df:e0:4e:1c:a8:e4:c0:39:d4:fe:a6:a1:64:22:bc:c0:62:20:
49:e1:7f:93:87:d1:22:4a:6e:74:92:35:90:77:22:f6:79:58:
ca:d3:22:a4:5d:ce:6e:c3:c7:e2:29:6a:c2:db:0c:b1:61:d9:
8c:a7:c8:dc:9f:18:5f:d0:67:98:62:bf:a5:ca:67:60:96:77:
f2:42:df:57:ff:5d:be:05:e0:33:c8:b8:6b:52:4c:96:09:d0:
f4:f9:85:93:5e:1c:e2:23:43:d4:a2:9c:92:e7:ef:bd:b4:76:
1c:a5:7c:e7:1b:33:98:94:29:4e:f3:f4:ef:79:70:ca:96:c4:
ac:6c:55:45:77:0a:40:7d:9d:7b:52:93:80:39:ee:30:5e:f7:
f9:53:63:8e:ed:2b:d4:08:88:04:9d:01:7d:a8:c9:76:3b:4b:
a1:d9:9c:c2:6c:f3:f7:3d:45:05:23:a6:90:72:ae:58:7e:45:
73:89:30:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcb62U8PiDDEJX0PcoIO1dqQVmY0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDMwMDU5WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTgxYzJhZTZmYzJkOGUwYjBlMWM2OTBmY2JkMDA3MGRm
MTUxM2NjOGY0MmEyMzQ4NDYxYTFkYWI2NjZkMmFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbZ+KrUYquHUvR8Ii71P5zCdMyXSwTtYWQqiXQfKoqaOy5
bIjCg46upNIXuD8ZEwUBYrdzUCP48z795BhwQ6iDgWtYiPQEUj+Oyraw/jhIvoX1
huFdDBdAaCu1YXhKMHQVm4Fdt/c2j16uZpAYlzylnVZ8ktcfMvVUq9pNWhzeB3hi
N5QZXyCft2jE9M3Dbd614roAkTLM7Zz/GaT6YXYuC0yLtmnyv4kTJ8ewVHYUqMms
4/YMBWNPowhugC55agrTgPL3ALeEV5nQeavpHGmQvt4JusuUq9DACt2sVoZfd/AE
VyDEGPWW8hp2pVnqlYY0bgJHz95+o92yCekNDTQTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU73XaciPfH0hUKuz9LFYLidz0pGYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmOGMyMzUyLTMxZTItNDUxYy04ZDQ1LWYyMGFmYmMyMzUxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALQVlgwDQYJKoZIhvcNAQELBQADggEBAFcKb6Bcep2+LirkHR0pFiLVqZ2q
obCVVcV7eeh1kitATZ+XmUASj8yRxoYpGJifQ0xQyymy01L3NTypca2++D4nH8sS
0WAP1N/gThyo5MA51P6moWQivMBiIEnhf5OH0SJKbnSSNZB3IvZ5WMrTIqRdzm7D
x+IpasLbDLFh2YynyNyfGF/QZ5hiv6XKZ2CWd/JC31f/Xb4F4DPIuGtSTJYJ0PT5
hZNeHOIjQ9SinJLn7720dhylfOcbM5iUKU7z9O95cMqWxKxsVUV3CkB9nXtSk4A5
7jBe9/lTY47tK9QIiASdAX2oyXY7S6HZnMJs8/c9RQUjppByrlh+RXOJMB4=
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:43:59 2025 by rpki-client