Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8fadca1-ece1-4fd9-8c0c-44964044b286.roa
File: d8fadca1-ece1-4fd9-8c0c-44964044b286.roa (raw, json)
Hash identifier: /E1R77wUdLXnlVcv/lbwO3cJ5RvDP0NRdQ1ER1hvT+o=
Subject key identifier: 68:D7:2F:08:1F:26:BE:D4:92:D9:60:BE:D0:DC:A2:10:C0:3F:A4:23
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7FE5FEF6BF0DB2C2E5E18C8E85496A4D5BCDFFDB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8fadca1-ece1-4fd9-8c0c-44964044b286.roa
Signing time: Fri 26 Sep 2025 00:12:15 +0000
ROA not before: Fri 26 Sep 2025 00:12:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 142.54.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e5:fe:f6:bf:0d:b2:c2:e5:e1:8c:8e:85:49:6a:4d:5b:cd:ff:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 26 00:12:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=521d1894e914097893909f6b461ad23bd5e69dc7e5e7d1e141e3e99ec80fc21e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e2:00:1d:0b:73:85:c6:3f:aa:32:63:55:1d:
17:97:fe:11:39:fe:e4:90:0c:32:34:a9:8a:20:d2:
c1:fc:9b:70:18:7a:bc:85:b5:01:74:12:c4:9f:68:
de:57:a7:38:f7:31:d4:a3:0b:8b:bd:bc:b4:05:9f:
da:f5:02:17:5c:ad:86:19:53:70:69:1d:1b:6c:7a:
a7:02:76:1f:f8:f9:a7:9f:a3:2c:7e:74:c1:9f:e2:
95:22:5a:50:d9:08:63:e5:a2:c9:f2:9c:98:30:bc:
4e:44:90:da:07:fb:d6:8f:d3:e3:71:73:dd:b2:99:
03:2b:d2:54:3a:c6:d6:cf:19:c2:53:98:34:4a:b9:
fa:b5:cd:7b:2f:be:4b:d7:db:fa:9b:d2:5c:e1:3d:
f8:fc:39:2a:f4:2b:c6:5b:26:4b:9a:d6:9f:37:83:
80:b9:47:dc:cd:d5:95:32:03:d9:84:e6:63:05:b1:
20:d1:83:2d:13:01:be:67:22:55:85:f0:50:58:28:
ad:d3:bb:ef:40:cf:e0:4f:16:4a:b3:2a:eb:85:28:
27:0c:2f:31:8a:fb:6e:1f:88:ca:94:9e:90:61:9d:
ad:1b:8a:0c:99:a3:c4:e4:98:d6:35:21:1f:1e:15:
5b:13:99:21:e9:e0:2d:57:8a:b1:c2:a6:06:69:df:
92:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D7:2F:08:1F:26:BE:D4:92:D9:60:BE:D0:DC:A2:10:C0:3F:A4:23
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8fadca1-ece1-4fd9-8c0c-44964044b286.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
142.54.128.0/19
Signature Algorithm: sha256WithRSAEncryption
87:39:1e:46:0f:32:7a:af:5f:c1:59:bc:af:ba:81:52:e5:af:
e8:06:a7:14:8d:ab:23:60:64:4c:7e:c7:b6:39:95:46:25:8a:
d4:b8:2e:44:32:75:9e:37:88:b1:fd:ac:b9:68:3d:80:09:3d:
66:2d:b8:68:3b:51:c1:45:c9:06:40:f7:9e:d7:14:a8:76:5c:
72:e1:5a:71:91:c6:58:17:b2:8c:7b:dc:c1:39:e8:e1:ff:12:
7c:7d:90:22:9e:3c:41:ac:27:2a:0a:66:0e:de:df:74:7c:b5:
7f:5b:c6:27:20:18:7f:af:d6:07:72:46:ab:09:c3:f5:45:95:
b9:8e:be:8e:04:de:f0:3c:61:4d:b7:cb:6b:84:8c:c2:e9:83:
fe:b4:97:cb:73:6f:8f:a6:ad:04:b1:cc:73:4e:77:a6:e3:91:
84:cd:9d:dc:0e:9d:d7:e9:6e:ed:4d:41:4d:db:e5:44:05:8e:
31:ae:cf:2d:f0:38:c6:59:60:b9:b2:50:0f:02:62:a6:e9:6a:
e4:42:2e:8e:d8:c6:f1:ed:ab:50:1c:1b:25:57:8d:5b:0d:35:
10:ba:55:06:26:f9:59:21:0f:83:b8:16:f0:5e:aa:34:ab:13:
60:91:11:15:7a:2b:90:7d:ad:c6:7d:61:6b:75:ff:32:2c:77:
c6:fe:c3:74
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUf+X+9r8NssLl4YyOhUlqTVvN/9swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAxMjE1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjFkMTg5NGU5MTQwOTc4OTM5MDlmNmI0NjFhZDIzYmQ1
ZTY5ZGM3ZTVlN2QxZTE0MWUzZTk5ZWM4MGZjMjFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS4gAdC3OFxj+qMmNVHReX/hE5/uSQDDI0qYog0sH8m3AY
eryFtQF0EsSfaN5Xpzj3MdSjC4u9vLQFn9r1AhdcrYYZU3BpHRtseqcCdh/4+aef
oyx+dMGf4pUiWlDZCGPlosnynJgwvE5EkNoH+9aP0+Nxc92ymQMr0lQ6xtbPGcJT
mDRKufq1zXsvvkvX2/qb0lzhPfj8OSr0K8ZbJkua1p83g4C5R9zN1ZUyA9mE5mMF
sSDRgy0TAb5nIlWF8FBYKK3Tu+9Az+BPFkqzKuuFKCcMLzGK+24fiMqUnpBhna0b
igyZo8TkmNY1IR8eFVsTmSHp4C1XirHCpgZp35KlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaNcvCB8mvtSS2WC+0NyiEMA/pCMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4ZmFkY2ExLWVjZTEtNGZkOS04YzBjLTQ0OTY0MDQ0YjI4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWONoAwDQYJKoZIhvcNAQELBQADggEBAIc5HkYPMnqvX8FZvK+6gVLlr+gG
pxSNqyNgZEx+x7Y5lUYlitS4LkQydZ43iLH9rLloPYAJPWYtuGg7UcFFyQZA957X
FKh2XHLhWnGRxlgXsox73ME56OH/Enx9kCKePEGsJyoKZg7e33R8tX9bxicgGH+v
1gdyRqsJw/VFlbmOvo4E3vA8YU23y2uEjMLpg/60l8tzb4+mrQSxzHNOd6bjkYTN
ndwOndfpbu1NQU3b5UQFjjGuzy3wOMZZYLmyUA8CYqbpauRCLo7YxvHtq1AcGyVX
jVsNNRC6VQYm+VkhD4O4FvBeqjSrE2CRERV6K5B9rcZ9YWt1/zIsd8b+w3Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:14 2025 by rpki-client