Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a322ae-cabc-474f-b159-bb0fb3333616.roa
File: d5a322ae-cabc-474f-b159-bb0fb3333616.roa (raw, json)
Hash identifier: U4E3amILeqetg4v1XChFHvZObm/vpwZfcZr7n15EV9k=
Subject key identifier: C5:1F:7B:62:35:63:48:3D:44:CE:4C:AD:76:FE:E5:E4:6E:D8:76:C7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0FC4999F2CA1C9B41E5408E0F670DB7CD4DEA4AA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a322ae-cabc-474f-b159-bb0fb3333616.roa
Signing time: Tue 14 Oct 2025 22:02:11 +0000
ROA not before: Tue 14 Oct 2025 22:02:11 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.84.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c4:99:9f:2c:a1:c9:b4:1e:54:08:e0:f6:70:db:7c:d4:de:a4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 22:02:11 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=5b1db714860fe128cc3d13fa56eec1d6522943a93e934e2a864717a5c94371ee, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:9d:6e:ed:90:35:02:91:c7:b7:43:9a:29:
94:29:b3:51:39:c2:b5:34:93:a3:32:ec:16:b5:46:
aa:4e:4c:63:b0:1f:69:e6:67:9b:a7:e9:f9:67:53:
d6:98:6f:d6:09:78:23:65:2d:8f:bd:fa:ad:4d:64:
13:5b:10:4f:cf:47:58:b6:c8:d7:35:56:75:ed:b7:
8e:18:f8:8a:5a:d3:34:60:da:c4:43:bd:44:97:e5:
0f:25:ea:ed:52:a5:31:9b:8a:2a:d4:12:bf:f4:44:
ae:d8:d0:88:5d:c7:fb:87:6f:18:8e:78:34:f5:a5:
9e:a9:52:35:fa:4f:bb:82:7f:8a:18:95:9f:f8:0f:
b9:ff:1e:10:e1:e5:6a:e3:76:44:a5:2a:f4:59:6c:
f7:74:c7:f0:eb:f8:35:2d:9b:63:18:41:19:cf:59:
22:38:7a:49:ff:98:9b:42:23:8f:f2:b8:dd:63:fe:
96:4d:71:f6:d5:47:f3:b4:ca:a7:a5:fc:7a:c2:46:
38:79:f7:6f:b6:94:ba:08:51:c9:0d:57:7e:da:1e:
52:c0:2c:f9:19:c1:66:5b:b7:c5:65:4b:62:5f:a1:
3a:d0:54:1a:72:57:c4:85:06:f2:7a:c5:23:db:07:
a1:94:2e:98:3f:2a:0c:37:2d:18:0c:bc:a5:c4:73:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1F:7B:62:35:63:48:3D:44:CE:4C:AD:76:FE:E5:E4:6E:D8:76:C7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5a322ae-cabc-474f-b159-bb0fb3333616.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.84.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d6:47:08:d3:1e:3f:19:94:5e:d6:3d:c4:e0:dd:96:83:42:
60:b6:c5:c0:1f:62:20:48:36:d4:5d:66:c9:0d:d9:ac:06:4a:
cc:e7:ee:f0:38:e1:7d:f9:8a:0b:06:c3:82:cc:84:c7:fa:84:
4c:2f:b1:97:80:f7:d0:65:5c:10:71:f7:ea:ec:57:e0:58:d3:
f9:1f:c7:db:52:bb:89:6f:23:fe:67:14:b2:bc:5f:a7:d1:42:
bc:0a:cc:17:d7:b5:88:2f:0f:8e:52:e3:e3:5f:b2:7c:c3:20:
c6:71:32:5a:29:72:a0:dc:51:cf:d1:cf:7f:76:2a:5c:61:c1:
21:03:c2:c5:af:9f:ca:b8:9b:d2:4f:84:44:40:8f:31:62:2b:
c2:b1:54:f5:d7:9f:52:13:ad:e6:35:9f:6a:c5:ee:44:af:fc:
cb:ca:2a:e0:d4:a0:9b:23:37:e3:cd:2a:c7:5b:96:d4:6e:87:
24:63:82:eb:9e:79:05:bc:6e:c0:12:76:fd:bb:28:f1:fa:9b:
68:19:57:69:9a:6d:b7:7c:6f:3c:e9:de:42:0f:4b:1a:5f:5f:
51:3e:77:be:05:9c:a7:f9:50:f5:cc:3b:3b:ae:62:34:87:fc:
d3:fe:6a:0f:d6:82:0c:89:d3:bc:5f:1c:d2:d7:25:80:c9:a2:
13:9e:f3:34
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD8SZnyyhybQeVAjg9nDbfNTepKowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MjIwMjExWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjFkYjcxNDg2MGZlMTI4Y2MzZDEzZmE1NmVlYzFkNjUy
Mjk0M2E5M2U5MzRlMmE4NjQ3MTdhNWM5NDM3MWVlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVJ51u7ZA1ApHHt0OaKZQps1E5wrU0k6My7Ba1RqpOTGOw
H2nmZ5un6flnU9aYb9YJeCNlLY+9+q1NZBNbEE/PR1i2yNc1VnXtt44Y+Ipa0zRg
2sRDvUSX5Q8l6u1SpTGbiirUEr/0RK7Y0Ihdx/uHbxiOeDT1pZ6pUjX6T7uCf4oY
lZ/4D7n/HhDh5WrjdkSlKvRZbPd0x/Dr+DUtm2MYQRnPWSI4ekn/mJtCI4/yuN1j
/pZNcfbVR/O0yqel/HrCRjh592+2lLoIUckNV37aHlLALPkZwWZbt8VlS2JfoTrQ
VBpyV8SFBvJ6xSPbB6GULpg/Kgw3LRgMvKXEc72pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxR97YjVjSD1Ezkytdv7l5G7YdscwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1YTMyMmFlLWNhYmMtNDc0Zi1iMTU5LWJiMGZiMzMzMzYxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjVJ4wDQYJKoZIhvcNAQELBQADggEBAF3WRwjTHj8ZlF7WPcTg3ZaDQmC2
xcAfYiBINtRdZskN2awGSszn7vA44X35igsGw4LMhMf6hEwvsZeA99BlXBBx9+rs
V+BY0/kfx9tSu4lvI/5nFLK8X6fRQrwKzBfXtYgvD45S4+NfsnzDIMZxMlopcqDc
Uc/Rz392KlxhwSEDwsWvn8q4m9JPhERAjzFiK8KxVPXXn1ITreY1n2rF7kSv/MvK
KuDUoJsjN+PNKsdbltRuhyRjguueeQW8bsASdv27KPH6m2gZV2mabbd8bzzp3kIP
SxpfX1E+d74FnKf5UPXMOzuuYjSH/NP+ag/WggyJ07xfHNLXJYDJohOe8zQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:17:56 2025 by rpki-client