Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f291d4a5-d59c-4386-a5c9-5fee4e2a78ef.roa
File: f291d4a5-d59c-4386-a5c9-5fee4e2a78ef.roa (raw, json)
Hash identifier: Kgp1NrTDX5LvPDe2R+FKwsFOHB0dJlvVbw7Lr9SNplc=
Subject key identifier: 24:47:A7:D3:4D:AD:BF:A0:9D:82:27:7E:87:BF:5E:79:8C:B4:9C:1E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4042E30CDC20812D1D2E5BB0BCA78962708A406B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f291d4a5-d59c-4386-a5c9-5fee4e2a78ef.roa
Signing time: Mon 06 Oct 2025 15:21:18 +0000
ROA not before: Mon 06 Oct 2025 15:21:18 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 13.128.64.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:42:e3:0c:dc:20:81:2d:1d:2e:5b:b0:bc:a7:89:62:70:8a:40:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 15:21:18 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=9e49243a627d5efcc389a08c844c8c13c175c98e0d60420e29b7a036c000b747, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c3:e4:33:e8:70:b3:63:81:fb:4f:28:63:ea:
92:2e:5f:5f:a9:4f:26:6c:1d:4e:f2:07:4b:e9:86:
3c:6b:34:bc:2c:d3:8c:69:b3:38:26:ce:86:3e:b0:
e5:79:76:37:e3:75:ca:ea:62:5c:d7:bd:8c:14:05:
6e:b9:48:56:46:8d:eb:94:09:65:fa:b8:2d:4b:d1:
bd:68:fd:31:16:33:78:14:3f:a4:f9:f3:4e:a8:a0:
8a:ad:23:b3:ef:c5:0d:45:51:fc:da:14:3d:fa:49:
d5:c7:a0:28:d0:69:aa:f2:62:76:91:7f:84:a0:dd:
ff:b5:10:9e:09:66:64:f0:8e:d3:28:f6:db:d9:9d:
ac:40:18:b5:fa:0d:16:06:09:70:8e:c8:50:e3:9b:
28:04:aa:cd:12:7e:01:3a:3f:0d:a3:6c:73:c8:1a:
2c:60:17:6a:37:1a:5e:c7:b6:79:e0:8a:33:c4:e1:
f9:0a:aa:0f:d9:c2:4c:75:28:61:d9:3d:3a:96:b6:
d9:96:3d:b1:d6:67:77:51:7b:5c:f3:fc:23:c1:39:
4d:12:35:0d:16:94:41:8e:d9:37:0c:3d:1e:8a:de:
3d:ea:d4:9d:ce:ae:1a:b7:c4:10:41:49:08:cd:a6:
46:b9:e2:c2:73:4e:d1:7f:72:bb:28:03:59:2d:24:
85:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:47:A7:D3:4D:AD:BF:A0:9D:82:27:7E:87:BF:5E:79:8C:B4:9C:1E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f291d4a5-d59c-4386-a5c9-5fee4e2a78ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.128.64.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:9e:72:77:3d:52:c3:d2:4a:89:40:e8:5f:60:dd:91:0b:61:
4a:f5:8d:ee:67:74:49:0c:8d:a0:da:8e:54:4a:76:dc:74:b6:
7e:e0:3d:5f:0b:95:c4:7b:2f:b5:6e:5c:82:56:17:66:3d:66:
44:9d:77:0b:f0:a3:9e:76:6e:4e:e9:2e:b4:90:c9:e1:0b:35:
a9:40:8f:8a:e2:8d:d4:60:fc:48:ca:7f:00:ac:40:9a:84:99:
ef:f4:2b:60:c9:f1:a8:cf:18:77:ae:7e:54:e9:dd:3f:f1:d2:
ee:a0:8e:9f:8f:75:03:c0:da:47:7a:5c:27:53:9d:66:2f:11:
d0:82:a5:6d:72:31:9f:5e:8b:bf:42:e1:0b:ac:4f:01:da:2d:
83:c9:ed:4c:f6:71:48:d0:7f:09:15:65:ed:24:ef:7f:5d:c4:
5b:0d:66:42:20:ae:c4:cb:78:d2:5d:bc:b3:4b:87:28:e6:ac:
24:89:7a:3a:8a:b0:6c:6e:83:db:98:9c:1e:6d:07:9b:6a:ab:
cd:d5:d4:c4:30:ff:4d:cf:ec:bd:c4:8d:0f:7c:77:e5:f5:b7:
8a:b3:25:82:ba:9e:d5:6b:0e:bc:85:ca:d7:d2:6f:17:38:39:
a1:ed:60:c3:f2:e3:23:4a:bb:fa:6a:74:21:32:26:ae:6d:44:
fc:28:eb:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQELjDNwggS0dLluwvKeJYnCKQGswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUyMTE4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTQ5MjQzYTYyN2Q1ZWZjYzM4OWEwOGM4NDRjOGMxM2Mx
NzVjOThlMGQ2MDQyMGUyOWI3YTAzNmMwMDBiNzQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMw+Qz6HCzY4H7Tyhj6pIuX1+pTyZsHU7yB0vphjxrNLws
04xpszgmzoY+sOV5djfjdcrqYlzXvYwUBW65SFZGjeuUCWX6uC1L0b1o/TEWM3gU
P6T5806ooIqtI7PvxQ1FUfzaFD36SdXHoCjQaaryYnaRf4Sg3f+1EJ4JZmTwjtMo
9tvZnaxAGLX6DRYGCXCOyFDjmygEqs0SfgE6Pw2jbHPIGixgF2o3Gl7HtnngijPE
4fkKqg/Zwkx1KGHZPTqWttmWPbHWZ3dRe1zz/CPBOU0SNQ0WlEGO2TcMPR6K3j3q
1J3Orhq3xBBBSQjNpka54sJzTtF/crsoA1ktJIWVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJEen002tv6Cdgid+h79eeYy0nB4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyOTFkNGE1LWQ1OWMtNDM4Ni1hNWM5LTVmZWU0ZTJhNzhlZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNgEAwDQYJKoZIhvcNAQELBQADggEBABuecnc9UsPSSolA6F9g3ZELYUr1
je5ndEkMjaDajlRKdtx0tn7gPV8LlcR7L7VuXIJWF2Y9ZkSddwvwo552bk7pLrSQ
yeELNalAj4rijdRg/EjKfwCsQJqEme/0K2DJ8ajPGHeuflTp3T/x0u6gjp+PdQPA
2kd6XCdTnWYvEdCCpW1yMZ9ei79C4QusTwHaLYPJ7Uz2cUjQfwkVZe0k739dxFsN
ZkIgrsTLeNJdvLNLhyjmrCSJejqKsGxug9uYnB5tB5tqq83V1MQw/03P7L3EjQ98
d+X1t4qzJYK6ntVrDryFytfSbxc4OaHtYMPy4yNKu/pqdCEyJq5tRPwo6/M=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:19:49 2025 by rpki-client