Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d69d305c-a658-4c39-8075-c28e2b201286.roa
File: d69d305c-a658-4c39-8075-c28e2b201286.roa (raw, json)
Hash identifier: KaA7JvyfZb02djOOXtyUOXH9r0+8InAYRKAS/rBYxTs=
Subject key identifier: EF:5D:86:AA:9A:2D:26:40:65:CB:0C:CE:84:DE:87:27:66:FB:71:56
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4C33AFFE6DCCB0E8BD4B619C7F473B7B33B54E42
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d69d305c-a658-4c39-8075-c28e2b201286.roa
Signing time: Wed 01 Oct 2025 00:11:13 +0000
ROA not before: Wed 01 Oct 2025 00:11:13 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 208.115.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:33:af:fe:6d:cc:b0:e8:bd:4b:61:9c:7f:47:3b:7b:33:b5:4e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:11:13 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=78c07bbecc70381d233c63e0ff638fe2673caf71d999fafec148f6cc889fde7a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ba:b0:41:9b:ff:7a:d3:f5:0e:d6:c7:5f:d8:
dd:fb:2c:fa:36:30:4c:4a:68:47:04:3e:42:d3:2d:
0d:e1:a0:47:a1:38:ca:3f:da:12:01:a9:a7:31:ea:
1d:24:6a:b1:ec:fe:88:bf:6e:bf:0c:c5:4c:fc:9b:
af:38:6c:db:67:0f:f6:ec:ad:17:2e:bf:a6:46:ff:
fe:20:e9:24:61:c7:a6:c2:36:99:cc:00:a2:01:e8:
f5:3a:17:93:f3:2e:85:9f:c1:1e:6d:0d:43:6c:6a:
e8:96:e7:3f:08:1c:5b:a5:93:ad:93:29:b2:86:20:
fc:d1:1e:a5:c9:4a:d4:e4:80:d0:b1:6e:87:bd:6d:
c6:be:45:3e:ae:0d:dd:10:21:b5:c5:59:3e:0d:30:
6d:f8:b4:62:31:92:31:d3:e1:2e:d1:44:bf:1e:26:
03:f9:e5:e6:5a:c7:bd:75:16:83:b7:c4:8c:4c:d2:
8b:7a:3e:79:36:43:3c:62:4d:cf:a3:f0:30:63:03:
0b:da:e6:e8:77:d3:a5:50:78:02:8c:2b:5f:65:d7:
b9:78:12:59:3d:a6:97:07:aa:6c:ed:1d:e0:54:77:
63:57:81:e0:05:fb:f1:94:a7:10:35:0d:2b:87:56:
5e:8d:73:b5:0e:13:9e:ce:7c:11:12:e9:c8:76:1b:
3e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5D:86:AA:9A:2D:26:40:65:CB:0C:CE:84:DE:87:27:66:FB:71:56
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d69d305c-a658-4c39-8075-c28e2b201286.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
208.115.0.0/19
Signature Algorithm: sha256WithRSAEncryption
d4:0b:31:a6:19:6f:58:52:1c:de:74:e3:26:2d:05:d3:0e:c8:
a9:39:91:12:5a:4a:3a:0f:a2:9c:f7:4a:6b:a9:75:b3:b5:79:
35:db:9f:c9:ef:f4:17:97:7d:d3:d5:7f:51:7c:41:0c:1c:76:
e5:12:0f:51:65:5a:49:9d:aa:db:66:bb:32:5e:cb:bf:78:19:
7c:c3:c7:e1:9c:c9:c6:ff:dc:99:bc:ef:2c:8d:a9:74:31:40:
0d:ba:9a:ad:68:1d:25:a6:92:16:06:cc:49:a4:36:9a:88:8b:
69:7d:5b:32:7e:d4:f7:18:e1:9b:9c:bb:98:bc:ec:d1:9e:9a:
97:de:55:e5:74:53:94:e7:c8:10:26:04:07:80:df:6a:b8:22:
a1:8d:9d:c2:5c:1e:4e:60:61:29:a8:eb:5b:4c:1a:b7:4f:d0:
14:1f:1f:74:41:41:eb:01:e5:0d:0e:cc:81:cc:0d:39:2f:5d:
5a:07:db:e7:68:1f:ee:70:7b:96:09:6e:fc:e3:6f:55:57:a6:
92:40:44:7f:dd:36:b0:bc:3e:29:d8:e2:41:db:d5:31:ca:65:
83:93:8e:65:5a:2c:ce:f0:62:51:e9:9a:72:13:41:a2:f3:88:
6e:51:c4:45:c1:44:71:ef:8c:cb:1d:0e:28:70:9b:d3:80:6c:
3b:86:b5:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTDOv/m3MsOi9S2Gcf0c7ezO1TkIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMTEzWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3OGMwN2JiZWNjNzAzODFkMjMzYzYzZTBmZjYzOGZlMjY3
M2NhZjcxZDk5OWZhZmVjMTQ4ZjZjYzg4OWZkZTdhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfurBBm/960/UO1sdf2N37LPo2MExKaEcEPkLTLQ3hoEeh
OMo/2hIBqacx6h0karHs/oi/br8MxUz8m684bNtnD/bsrRcuv6ZG//4g6SRhx6bC
NpnMAKIB6PU6F5PzLoWfwR5tDUNsauiW5z8IHFulk62TKbKGIPzRHqXJStTkgNCx
boe9bca+RT6uDd0QIbXFWT4NMG34tGIxkjHT4S7RRL8eJgP55eZax711FoO3xIxM
0ot6Pnk2QzxiTc+j8DBjAwva5uh306VQeAKMK19l17l4Elk9ppcHqmztHeBUd2NX
geAF+/GUpxA1DSuHVl6Nc7UOE57OfBES6ch2Gz6bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU712GqpotJkBlywzOhN6HJ2b7cVYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2OWQzMDVjLWE2NTgtNGMzOS04MDc1LWMyOGUyYjIwMTI4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXQcwAwDQYJKoZIhvcNAQELBQADggEBANQLMaYZb1hSHN504yYtBdMOyKk5
kRJaSjoPopz3SmupdbO1eTXbn8nv9BeXfdPVf1F8QQwcduUSD1FlWkmdqttmuzJe
y794GXzDx+Gcycb/3Jm87yyNqXQxQA26mq1oHSWmkhYGzEmkNpqIi2l9WzJ+1PcY
4Zucu5i87NGempfeVeV0U5TnyBAmBAeA32q4IqGNncJcHk5gYSmo61tMGrdP0BQf
H3RBQesB5Q0OzIHMDTkvXVoH2+doH+5we5YJbvzjb1VXppJARH/dNrC8PinY4kHb
1THKZYOTjmVaLM7wYlHpmnITQaLziG5RxEXBRHHvjMsdDihwm9OAbDuGtVs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:23 2025 by rpki-client