Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7a66bc-8f79-4047-8130-2672617f220a.roa
File: db7a66bc-8f79-4047-8130-2672617f220a.roa (raw, json)
Hash identifier: DMXnDxfXxZkV9Ex0qdNedBOys5a5kB4AT7z2dUMTUQA=
Subject key identifier: 83:CD:74:6C:40:62:B3:20:DF:FF:F9:1A:3D:48:AE:0F:FF:0E:3B:2C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2AEC3381C93914EBBFCDA093FF0D43A56980D6A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7a66bc-8f79-4047-8130-2672617f220a.roa
Signing time: Sat 27 Sep 2025 00:02:30 +0000
ROA not before: Sat 27 Sep 2025 00:02:30 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.3.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:ec:33:81:c9:39:14:eb:bf:cd:a0:93:ff:0d:43:a5:69:80:d6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 27 00:02:30 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=ded95000924bc1a0b6e0d8101f8e6d5b61a6e69b8d2f6cad3c8ff8ba31398872, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cc:a7:b0:b8:ec:5e:5e:e3:fa:00:86:bf:ae:
aa:21:e1:6b:39:cb:53:f7:3a:3c:50:e3:99:81:e1:
41:d4:e5:f9:13:ed:08:8a:f3:30:8f:d3:0e:29:19:
1e:0a:a7:ee:0a:59:63:ba:56:d8:23:6f:24:53:57:
50:b7:18:5a:3f:f6:6d:70:7d:3f:a8:2c:7a:91:d1:
d2:9a:30:e1:50:ae:79:12:9a:28:08:41:ed:42:42:
42:d9:1e:cb:0b:1f:71:8c:fc:69:19:df:25:a7:9c:
b0:8d:f8:e1:6d:32:44:d3:5d:64:29:a0:9c:e6:b4:
08:5d:f0:f6:0f:f1:fd:41:59:3a:8d:ac:7b:6d:83:
bb:d6:76:82:f8:40:ec:9e:b9:8c:e5:83:da:88:b9:
fe:51:62:54:8a:d1:5a:19:67:52:2a:ec:0c:1f:8c:
51:49:4b:0a:fa:75:6c:21:33:f1:cc:07:61:29:35:
da:2e:76:14:c3:5c:05:69:37:ca:7f:79:11:cb:74:
4a:55:90:5f:66:7a:55:c8:31:f1:08:bb:36:7f:3d:
61:62:e9:34:d8:ed:56:da:6f:3a:79:91:e6:77:31:
b4:21:05:1b:8c:4a:06:0a:22:ca:81:c8:77:6d:b4:
a6:5c:fa:8f:ba:a0:c2:ec:8b:d1:57:1f:1d:fc:ee:
b7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CD:74:6C:40:62:B3:20:DF:FF:F9:1A:3D:48:AE:0F:FF:0E:3B:2C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7a66bc-8f79-4047-8130-2672617f220a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:0b:89:7d:de:f1:f3:61:53:8e:b7:78:e1:e1:eb:04:82:91:
aa:20:ac:2e:40:72:01:ce:76:9a:4b:0d:45:1e:d2:a7:08:28:
b7:8f:62:f3:89:bb:af:ff:38:47:30:65:e8:21:b2:ee:0e:38:
93:a1:4a:f4:f7:e1:d0:6a:49:7c:63:09:65:34:0a:c8:40:7c:
e9:88:68:bb:99:df:ba:5f:a2:19:ef:f8:53:05:e6:09:eb:c6:
ee:f3:7f:a5:61:39:35:a2:ab:9e:da:20:2f:1d:eb:17:44:e5:
e4:10:d7:7b:f7:87:0f:f0:26:63:8d:73:91:99:df:d9:4c:4c:
06:1c:03:1c:f2:68:ed:6f:81:83:0a:bd:13:cb:5e:95:32:76:
fe:46:f7:19:69:bf:13:36:d6:0d:de:03:df:ea:30:bf:bb:b3:
9a:32:2c:55:38:4a:7e:21:85:f2:3c:a9:55:7d:41:73:f7:63:
43:3d:ca:55:d6:67:d2:6b:a3:ae:88:ac:b9:50:63:bd:d6:49:
ce:a3:e9:22:f5:44:0d:72:ed:26:ac:83:05:f2:c0:6c:91:e8:
ef:3b:bf:10:09:e3:2e:2c:6a:9d:59:ad:67:d2:39:d5:3c:b3:
4f:40:28:74:41:b8:a6:37:91:9b:e5:d8:c8:8b:41:b0:d5:bd:
4f:b0:7e:79
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKuwzgck5FOu/zaCT/w1DpWmA1qcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAwMjMwWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZWQ5NTAwMDkyNGJjMWEwYjZlMGQ4MTAxZjhlNmQ1YjYx
YTZlNjliOGQyZjZjYWQzYzhmZjhiYTMxMzk4ODcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmzKewuOxeXuP6AIa/rqoh4Ws5y1P3OjxQ45mB4UHU5fkT
7QiK8zCP0w4pGR4Kp+4KWWO6VtgjbyRTV1C3GFo/9m1wfT+oLHqR0dKaMOFQrnkS
migIQe1CQkLZHssLH3GM/GkZ3yWnnLCN+OFtMkTTXWQpoJzmtAhd8PYP8f1BWTqN
rHttg7vWdoL4QOyeuYzlg9qIuf5RYlSK0VoZZ1Iq7AwfjFFJSwr6dWwhM/HMB2Ep
NdoudhTDXAVpN8p/eRHLdEpVkF9melXIMfEIuzZ/PWFi6TTY7Vbabzp5keZ3MbQh
BRuMSgYKIsqByHdttKZc+o+6oMLsi9FXHx387rc7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUg810bEBisyDf//kaPUiuD/8OOywwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RiN2E2NmJjLThmNzktNDA0Ny04MTMwLTI2NzI2MTdmMjIwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQAzANBgkqhkiG9w0BAQsFAAOCAQEAwQuJfd7x82FTjrd44eHrBIKRqiCs
LkByAc52mksNRR7Spwgot49i84m7r/84RzBl6CGy7g44k6FK9Pfh0GpJfGMJZTQK
yEB86Yhou5nful+iGe/4UwXmCevG7vN/pWE5NaKrntogLx3rF0Tl5BDXe/eHD/Am
Y41zkZnf2UxMBhwDHPJo7W+Bgwq9E8telTJ2/kb3GWm/EzbWDd4D3+owv7uzmjIs
VThKfiGF8jypVX1Bc/djQz3KVdZn0mujroisuVBjvdZJzqPpIvVEDXLtJqyDBfLA
bJHo7zu/EAnjLixqnVmtZ9I51TyzT0AodEG4pjeRm+XYyItBsNW9T7B+eQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:07:12 2025 by rpki-client