Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da27c9bf-316a-4fc6-8246-9d760f3eb66e.roa
File: da27c9bf-316a-4fc6-8246-9d760f3eb66e.roa (raw, json)
Hash identifier: cjHLSSeDuuif8aR2cABvie7tDBbs/5bKNcZ7jQjbK/0=
Subject key identifier: B5:B5:23:B9:7A:74:F5:14:CC:B6:C9:43:6F:D2:42:7B:1F:A5:04:7D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6AD89F9B4C6A49C07FD4C0765EA3577DFF4D438D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da27c9bf-316a-4fc6-8246-9d760f3eb66e.roa
Signing time: Tue 07 Oct 2025 00:11:12 +0000
ROA not before: Tue 07 Oct 2025 00:11:12 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d8:9f:9b:4c:6a:49:c0:7f:d4:c0:76:5e:a3:57:7d:ff:4d:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 00:11:12 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=6caa2c6562a4ccd450a206adbc279be42c187d221eb7219f8ffa300e39f59e93, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:27:b3:e8:c1:5b:ad:03:7a:6c:59:1e:54:a2:
60:20:3c:99:8b:06:3f:00:16:7f:4b:ac:ac:1b:9b:
a1:c2:00:21:99:e3:4f:e1:d9:41:b5:b6:c9:9a:df:
4f:f6:a8:39:cc:e4:33:54:5a:32:0e:7c:41:0d:41:
7c:25:dd:b3:5c:f5:4d:05:92:ce:5d:55:6c:aa:a7:
0d:48:1b:c2:6d:fa:8c:5d:3a:39:c0:f9:84:9e:83:
9c:d9:4b:b8:f9:79:6c:3f:d2:90:38:a1:59:12:89:
78:b2:37:93:e8:43:1f:1f:7f:c5:a5:b5:2a:23:c4:
71:29:aa:65:4b:01:44:9c:94:51:4c:ab:fb:05:9f:
a9:3c:72:2d:3b:82:56:ed:d3:03:b2:bb:88:d1:73:
f2:fc:1e:aa:3d:3f:af:37:32:fc:1c:d4:e3:c5:c6:
fe:6a:28:e1:be:fc:4e:4c:8f:03:3f:0e:a4:ca:53:
ed:dd:bc:c4:e3:c2:03:d1:29:93:6f:58:b9:ca:9f:
e6:9d:b7:78:7c:52:e0:19:8e:92:b7:3b:12:28:32:
6f:5d:db:13:0a:6b:5e:8b:09:c6:20:a7:23:0e:9c:
e4:4a:41:a1:90:68:b9:54:4e:82:75:60:75:af:0d:
07:51:2c:76:45:0e:fe:ee:d7:65:4d:6b:66:10:fa:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B5:23:B9:7A:74:F5:14:CC:B6:C9:43:6F:D2:42:7B:1F:A5:04:7D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da27c9bf-316a-4fc6-8246-9d760f3eb66e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.128.0/24
Signature Algorithm: sha256WithRSAEncryption
40:fd:79:0e:61:43:ba:09:a9:21:de:6a:76:27:f5:6d:b6:f9:
77:e6:a8:c5:76:a2:ee:fb:45:f7:80:6b:cb:db:d4:61:fe:83:
6b:4c:d7:32:4a:c2:0a:8c:ae:5a:7d:a2:3c:15:5f:3c:60:aa:
25:20:a7:74:38:8c:e0:73:b3:03:51:0f:15:3c:64:af:94:36:
cf:48:11:69:fe:48:b3:ea:f1:99:0f:40:8a:bf:bf:0f:e0:dc:
f2:37:4b:54:13:84:56:c8:be:6a:82:62:08:54:f9:69:d8:47:
5e:46:14:81:9b:4a:b7:56:c6:b3:ee:70:34:0a:a1:e8:04:b1:
04:d1:12:68:bb:09:a7:72:2c:0d:a2:81:ec:3a:2f:db:bf:69:
49:23:a7:f0:34:06:46:8a:ea:c6:19:16:ec:12:8f:5f:d8:a6:
7f:48:70:60:f0:ff:bf:72:29:53:d9:1d:ff:5c:07:86:27:65:
7a:6a:10:41:c2:95:fc:da:66:21:ab:c3:d8:7b:7f:f9:ab:53:
c6:55:e8:21:e6:08:53:47:50:fc:60:a6:3d:ba:25:84:38:1f:
7b:78:59:69:93:f9:8f:52:98:ca:37:69:61:61:cf:6e:f4:b5:
e7:3b:d9:58:83:40:a7:02:62:4c:22:e1:df:89:c6:21:9c:2f:
ad:bd:47:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUatifm0xqScB/1MB2XqNXff9NQ40wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAxMTEyWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2FhMmM2NTYyYTRjY2Q0NTBhMjA2YWRiYzI3OWJlNDJj
MTg3ZDIyMWViNzIxOWY4ZmZhMzAwZTM5ZjU5ZTkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOJ7PowVutA3psWR5UomAgPJmLBj8AFn9LrKwbm6HCACGZ
40/h2UG1tsma30/2qDnM5DNUWjIOfEENQXwl3bNc9U0Fks5dVWyqpw1IG8Jt+oxd
OjnA+YSeg5zZS7j5eWw/0pA4oVkSiXiyN5PoQx8ff8WltSojxHEpqmVLAUSclFFM
q/sFn6k8ci07glbt0wOyu4jRc/L8Hqo9P683Mvwc1OPFxv5qKOG+/E5MjwM/DqTK
U+3dvMTjwgPRKZNvWLnKn+adt3h8UuAZjpK3OxIoMm9d2xMKa16LCcYgpyMOnORK
QaGQaLlUToJ1YHWvDQdRLHZFDv7u12VNa2YQ+lYzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtbUjuXp09RTMtslDb9JCex+lBH0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhMjdjOWJmLTMxNmEtNGZjNi04MjQ2LTlkNzYwZjNlYjY2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEoAwDQYJKoZIhvcNAQELBQADggEBAED9eQ5hQ7oJqSHeanYn9W22+Xfm
qMV2ou77RfeAa8vb1GH+g2tM1zJKwgqMrlp9ojwVXzxgqiUgp3Q4jOBzswNRDxU8
ZK+UNs9IEWn+SLPq8ZkPQIq/vw/g3PI3S1QThFbIvmqCYghU+WnYR15GFIGbSrdW
xrPucDQKoegEsQTREmi7CadyLA2igew6L9u/aUkjp/A0BkaK6sYZFuwSj1/Ypn9I
cGDw/79yKVPZHf9cB4YnZXpqEEHClfzaZiGrw9h7f/mrU8ZV6CHmCFNHUPxgpj26
JYQ4H3t4WWmT+Y9SmMo3aWFhz270tec72ViDQKcCYkwi4d+JxiGcL629R+c=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:15:58 2025 by rpki-client