Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2f6fc24-3c4a-4b3b-bdd4-89a187e6fe21.roa
File: d2f6fc24-3c4a-4b3b-bdd4-89a187e6fe21.roa (raw, json)
Hash identifier: PQRUGJWqNMoLkB6bW2mget9d1YOSckZtlY06NMw9ASM=
Subject key identifier: 9D:D0:F2:8E:BF:87:E1:D9:99:8E:CD:46:C2:85:1E:5A:EB:1C:1F:1A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2151AA38483BB45CD1F04D2B37022F5432C4E083
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2f6fc24-3c4a-4b3b-bdd4-89a187e6fe21.roa
Signing time: Tue 14 Oct 2025 18:02:43 +0000
ROA not before: Tue 14 Oct 2025 18:02:43 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 71.152.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:51:aa:38:48:3b:b4:5c:d1:f0:4d:2b:37:02:2f:54:32:c4:e0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 18:02:43 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=2caf447c40528ed76222ddba34d201833e04eeeb16796bd4760f66c9b209c839, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fc:cd:2f:2f:7f:af:78:a4:32:5e:2f:8a:cc:
f2:c0:50:b0:fd:38:93:80:78:a9:bc:1b:75:5c:dc:
06:4b:9c:dc:41:ce:99:8d:64:01:b4:09:a7:08:0f:
d4:25:5f:d3:31:e5:a0:7c:14:56:98:9c:70:f7:7a:
f3:1a:ff:78:cb:93:9b:8b:04:82:ec:0d:d9:04:92:
2f:47:e7:f6:46:5c:a0:cf:2e:02:8f:e7:b3:50:0a:
5d:49:1c:f7:35:d7:28:38:bc:ec:ad:2b:fb:fa:31:
76:7a:04:70:3a:b6:24:a9:60:0d:c2:e2:7c:f3:55:
c7:ae:6a:e4:dc:db:04:77:20:f1:15:b1:fe:4a:c7:
c6:14:0a:54:65:99:c6:cc:63:59:f5:43:dc:b9:30:
5c:8e:fc:5e:5d:a6:59:b8:23:20:59:9f:fc:aa:47:
c5:3e:5c:a1:f5:28:52:5c:72:33:d5:6c:a2:0f:76:
d3:e7:45:3d:df:a4:65:25:eb:1a:c5:49:c2:ab:9a:
0a:a2:55:33:0c:7a:47:e8:2b:84:fe:eb:13:4b:36:
4c:dd:d9:68:72:69:f9:09:19:da:e3:d3:fc:9a:f1:
22:a5:f3:6f:f9:8b:45:ab:fc:b5:fa:71:7b:17:e2:
f6:43:8d:f3:fa:76:a5:31:49:ff:f8:75:74:b2:33:
79:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:F2:8E:BF:87:E1:D9:99:8E:CD:46:C2:85:1E:5A:EB:1C:1F:1A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2f6fc24-3c4a-4b3b-bdd4-89a187e6fe21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
71.152.91.0/24
Signature Algorithm: sha256WithRSAEncryption
21:53:5c:a5:53:fd:ce:60:bd:9f:ca:a7:a3:88:40:32:fa:6b:
0e:84:0f:7f:98:75:9d:de:95:42:b4:9a:ea:61:c6:17:5b:7f:
43:dd:60:50:89:c9:d4:98:3b:b4:20:36:d7:d1:d2:c4:90:9f:
f4:ea:31:e4:ad:fa:27:a9:d5:e6:91:c8:75:cc:c1:6d:5c:b0:
46:de:41:be:f5:33:ca:f9:7e:aa:52:3e:59:35:9f:37:74:de:
4d:ba:03:27:ab:8f:e1:23:ca:46:81:d2:68:96:5d:41:b7:f1:
8d:ba:86:93:9c:d2:9d:0c:bb:30:5c:ad:d8:46:a6:15:a2:69:
c0:d0:ac:69:5f:d6:ae:5b:f4:a0:78:01:14:ff:69:41:93:be:
38:26:e3:3d:96:aa:aa:01:79:26:60:b1:8f:47:81:28:0c:c3:
70:38:b0:2e:c2:b9:a5:ad:05:9b:3b:5f:d1:47:f2:75:98:37:
13:a5:f4:48:bb:30:1d:58:7e:4b:f5:f7:4a:2f:5d:77:42:5c:
7a:56:51:31:b7:6d:44:c0:42:36:60:9c:2c:ac:54:a6:3a:a9:
46:e1:80:7f:cb:86:a7:3d:c0:f7:7f:c4:41:fa:1d:a8:9e:b1:
ed:c1:97:5b:5e:ae:29:98:1c:7f:92:c7:b5:32:e8:68:fa:d0:
9c:26:18:ac
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIVGqOEg7tFzR8E0rNwIvVDLE4IMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTgwMjQzWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyY2FmNDQ3YzQwNTI4ZWQ3NjIyMmRkYmEzNGQyMDE4MzNl
MDRlZWViMTY3OTZiZDQ3NjBmNjZjOWIyMDljODM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG/M0vL3+veKQyXi+KzPLAULD9OJOAeKm8G3Vc3AZLnNxB
zpmNZAG0CacID9QlX9Mx5aB8FFaYnHD3evMa/3jLk5uLBILsDdkEki9H5/ZGXKDP
LgKP57NQCl1JHPc11yg4vOytK/v6MXZ6BHA6tiSpYA3C4nzzVceuauTc2wR3IPEV
sf5Kx8YUClRlmcbMY1n1Q9y5MFyO/F5dplm4IyBZn/yqR8U+XKH1KFJccjPVbKIP
dtPnRT3fpGUl6xrFScKrmgqiVTMMekfoK4T+6xNLNkzd2WhyafkJGdrj0/ya8SKl
82/5i0Wr/LX6cXsX4vZDjfP6dqUxSf/4dXSyM3mXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUndDyjr+H4dmZjs1GwoUeWuscHxowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyZjZmYzI0LTNjNGEtNGIzYi1iZGQ0LTg5YTE4N2U2ZmUyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABHmFswDQYJKoZIhvcNAQELBQADggEBACFTXKVT/c5gvZ/Kp6OIQDL6aw6E
D3+YdZ3elUK0muphxhdbf0PdYFCJydSYO7QgNtfR0sSQn/TqMeSt+iep1eaRyHXM
wW1csEbeQb71M8r5fqpSPlk1nzd03k26Ayerj+EjykaB0miWXUG38Y26hpOc0p0M
uzBcrdhGphWiacDQrGlf1q5b9KB4ART/aUGTvjgm4z2WqqoBeSZgsY9HgSgMw3A4
sC7CuaWtBZs7X9FH8nWYNxOl9Ei7MB1Yfkv190ovXXdCXHpWUTG3bUTAQjZgnCys
VKY6qUbhgH/Lhqc9wPd/xEH6Haiese3Bl1terimYHH+Sx7Uy6Gj60JwmGKw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:49:12 2025 by rpki-client