Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0253c6b-0ad3-46f5-bb41-d219105c7dc3.roa
File: d0253c6b-0ad3-46f5-bb41-d219105c7dc3.roa (raw, json)
Hash identifier: O+YaVrI78t1L9qwRviy9nevHxa/DK2/22om8e5bAvF0=
Subject key identifier: A5:7F:8A:E6:F7:1E:10:48:FC:30:F9:D7:1E:C5:C7:33:72:E1:7D:42
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1772C41BFDB5CA04EA6DF25D68D40B6E107DEC1D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0253c6b-0ad3-46f5-bb41-d219105c7dc3.roa
Signing time: Wed 08 Oct 2025 00:51:23 +0000
ROA not before: Wed 08 Oct 2025 00:51:23 +0000
ROA not after: Wed 12 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:72:c4:1b:fd:b5:ca:04:ea:6d:f2:5d:68:d4:0b:6e:10:7d:ec:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 8 00:51:23 2025 GMT
Not After : Nov 12 23:59:59 2025 GMT
Subject: serialNumber=0522785036d34c387cf2b717815abc69b5abf85e35d819b7363a5db29a860b97, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:57:7d:c1:9c:fd:65:3d:dc:7e:17:53:a4:
21:cf:07:39:af:84:ce:6d:54:d8:8a:66:44:15:d5:
62:30:5b:63:3e:8a:a9:98:c7:81:de:1d:c2:8d:b2:
7e:b4:54:bc:95:d5:51:b6:34:92:d6:18:05:f8:76:
74:4a:ca:8b:4a:ea:4c:ee:a8:61:a5:a2:a8:a7:d6:
d0:c2:ce:99:35:98:31:34:43:5f:5b:a7:93:f2:f5:
35:53:a6:e6:c2:e4:cc:ce:4d:19:02:5f:af:0c:8e:
f5:e8:f4:ed:9f:36:36:9a:02:36:c6:88:44:78:19:
2b:a2:32:ec:8c:87:7a:0c:5e:37:00:2b:3c:e7:e2:
45:72:f9:48:91:4e:5a:90:9c:52:de:54:86:3a:26:
eb:e4:04:ca:c2:f9:67:7f:51:0a:67:5b:cd:89:f1:
c4:f2:ec:25:56:f8:01:87:0f:90:49:12:21:24:07:
76:a7:74:d0:87:34:80:e5:b5:02:c5:16:5d:bb:e3:
d7:c8:9c:16:02:45:4c:39:ef:52:ba:2b:e0:d7:c7:
bf:a3:5c:39:2d:df:0f:61:1a:62:a9:e3:f0:7f:b5:
9c:0b:71:bc:c1:c8:00:3a:7b:29:f5:f4:3a:b9:b5:
fb:ed:08:ef:ba:31:ac:2e:66:ad:f2:ae:84:ec:ae:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7F:8A:E6:F7:1E:10:48:FC:30:F9:D7:1E:C5:C7:33:72:E1:7D:42
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0253c6b-0ad3-46f5-bb41-d219105c7dc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.88.0/21
Signature Algorithm: sha256WithRSAEncryption
65:f6:1f:78:c9:f2:e5:56:a7:42:e1:2d:dc:8a:b9:90:88:74:
f0:32:6b:2b:a1:a9:d8:a0:82:77:ba:62:ef:4f:28:dd:44:be:
68:02:b5:91:b6:58:8a:14:be:da:96:85:8f:a6:65:cc:ee:7c:
8a:46:87:98:ba:4a:74:04:8c:92:ad:33:f9:24:2c:48:e0:ec:
c6:28:39:81:3e:aa:1e:4f:c2:34:92:5a:d5:ae:4d:e6:f1:ae:
77:6f:5e:bb:ba:d3:3a:32:08:a1:c4:d9:62:d2:b1:7c:d6:81:
b4:8d:0f:59:c4:6f:9e:1a:c5:bb:3a:3a:a5:8d:33:38:a0:d8:
cf:1c:4f:0a:94:6e:2a:d7:5a:fa:65:38:41:8b:7d:ce:fb:af:
64:e0:37:d8:df:a3:7f:c3:e1:86:14:e5:1c:8a:59:55:59:d4:
38:0b:87:15:8b:05:c8:8b:47:6a:7f:92:05:52:b2:0c:e6:3f:
84:c5:2b:67:1a:5d:47:a5:03:03:43:f1:51:79:09:62:21:39:
c0:57:79:41:9c:94:12:74:a5:23:5d:6a:65:43:a1:cd:c1:9c:
30:4e:f4:3e:8f:20:df:22:dc:47:6c:a6:ce:37:1f:50:7f:f8:
d2:b1:40:ae:86:d6:34:21:a0:e1:f5:9b:cf:95:92:97:bb:b4:
3c:b0:10:1b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF3LEG/21ygTqbfJdaNQLbhB97B0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDA1MTIzWhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTIyNzg1MDM2ZDM0YzM4N2NmMmI3MTc4MTVhYmM2OWI1
YWJmODVlMzVkODE5YjczNjNhNWRiMjlhODYwYjk3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMgFd9wZz9ZT3cfhdTpCHPBzmvhM5tVNiKZkQV1WIwW2M+
iqmYx4HeHcKNsn60VLyV1VG2NJLWGAX4dnRKyotK6kzuqGGloqin1tDCzpk1mDE0
Q19bp5Py9TVTpubC5MzOTRkCX68MjvXo9O2fNjaaAjbGiER4GSuiMuyMh3oMXjcA
Kzzn4kVy+UiRTlqQnFLeVIY6JuvkBMrC+Wd/UQpnW82J8cTy7CVW+AGHD5BJEiEk
B3andNCHNIDltQLFFl2749fInBYCRUw571K6K+DXx7+jXDkt3w9hGmKp4/B/tZwL
cbzByAA6eyn19Dq5tfvtCO+6MawuZq3yroTsrqq3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpX+K5vceEEj8MPnXHsXHM3LhfUIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QwMjUzYzZiLTBhZDMtNDZmNS1iYjQxLWQyMTkxMDVjN2RjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl1gwDQYJKoZIhvcNAQELBQADggEBAGX2H3jJ8uVWp0LhLdyKuZCIdPAy
ayuhqdiggne6Yu9PKN1EvmgCtZG2WIoUvtqWhY+mZczufIpGh5i6SnQEjJKtM/kk
LEjg7MYoOYE+qh5PwjSSWtWuTebxrndvXru60zoyCKHE2WLSsXzWgbSND1nEb54a
xbs6OqWNMzig2M8cTwqUbirXWvplOEGLfc77r2TgN9jfo3/D4YYU5RyKWVVZ1DgL
hxWLBciLR2p/kgVSsgzmP4TFK2caXUelAwND8VF5CWIhOcBXeUGclBJ0pSNdamVD
oc3BnDBO9D6PIN8i3Edsps43H1B/+NKxQK6G1jQhoOH1m8+Vkpe7tDywEBs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:07:39 2025 by rpki-client