Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5aec560-9ee2-4706-a412-e145d8614aad.roa
File: f5aec560-9ee2-4706-a412-e145d8614aad.roa (raw, json)
Hash identifier: 3+95aozU0diBCvoav1Mc/wW7ulpe7cFjTmR8sTAjJ1g=
Subject key identifier: 15:B5:2D:AD:D1:10:5B:3A:48:30:B7:21:26:2B:5A:3C:A9:0C:3B:1D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 03087A445ED937D1C91DD80BE075726E4FD8A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5aec560-9ee2-4706-a412-e145d8614aad.roa
Signing time: Tue 07 Oct 2025 00:41:10 +0000
ROA not before: Tue 07 Oct 2025 00:41:10 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 209.168.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:08:7a:44:5e:d9:37:d1:c9:1d:d8:0b:e0:75:72:6e:4f:d8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 00:41:10 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=209480efb566b098a764204fddc289ca4ea3ec936ae8a57df0acc4a7bdce06c0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ae:4d:26:82:86:c0:3d:be:11:06:ca:40:d4:
0e:85:3b:33:e0:a0:26:8a:7c:a0:d0:b2:69:46:78:
56:f1:79:7d:b3:1d:20:1d:b4:26:0d:3b:cf:11:d4:
3f:b7:19:6f:12:80:2b:c8:4c:09:85:c3:8d:06:0b:
e2:55:3b:d3:5e:f2:f7:ad:a3:25:c8:c2:7b:e7:34:
82:f9:47:c7:e3:09:7f:7f:37:20:7c:77:43:84:f4:
fb:ee:26:5d:18:63:20:6d:13:52:b1:06:35:7c:32:
92:1c:8c:09:0a:0b:12:4f:81:5c:ef:a3:57:3c:74:
97:78:2c:98:28:ad:21:80:a2:6f:82:82:e5:ce:01:
f0:17:6b:ab:73:46:31:7c:f8:62:22:40:93:18:25:
81:db:cc:22:22:ee:65:4d:43:0a:ac:25:6e:46:30:
84:4e:1f:27:73:a0:3c:5a:45:73:84:fc:6c:08:d8:
62:b6:8d:75:02:c6:72:8e:7b:ac:3f:98:da:4a:cb:
33:79:a7:6c:f5:c2:96:58:f0:22:47:d8:c5:35:7f:
29:89:2d:3e:9e:76:6d:66:e9:d0:60:6f:b5:09:12:
4b:ef:c0:da:6e:52:d6:93:4d:42:e5:c8:aa:1f:08:
96:b2:44:ac:b1:a2:70:9f:10:87:69:ac:5e:da:c6:
e7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B5:2D:AD:D1:10:5B:3A:48:30:B7:21:26:2B:5A:3C:A9:0C:3B:1D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5aec560-9ee2-4706-a412-e145d8614aad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.168.128.0/17
Signature Algorithm: sha256WithRSAEncryption
84:73:73:17:20:3d:51:23:5d:2a:74:20:87:9d:10:74:fe:df:
d8:51:0e:fb:c5:1e:25:f4:bf:1b:2c:c3:c3:d8:54:05:e8:1d:
e9:72:0d:49:90:b9:8b:b4:6d:bc:5d:9b:8c:06:19:ff:59:ef:
7f:39:01:70:08:99:63:a3:37:f3:f8:8c:e6:c0:f1:42:1c:7c:
b8:46:bb:0d:4e:39:6c:80:f1:5e:0b:c2:ba:d0:c4:ea:dd:c7:
db:6a:30:aa:e4:f1:a8:1b:cb:77:77:cd:d6:f1:e6:53:0d:19:
99:98:bc:20:06:4a:03:81:5f:a1:79:f4:ab:73:fb:5f:ed:20:
95:54:9b:27:b6:6f:00:e1:fd:a3:5e:30:b8:3d:d2:d4:94:0e:
3a:ec:ac:1e:84:5a:20:6d:e6:1a:bb:20:26:f4:8a:90:8c:46:
43:6b:b3:be:6b:6b:5b:ed:42:bd:ca:fb:13:26:bb:ef:29:cb:
2b:52:af:85:35:4f:b3:d5:2d:14:b5:a5:54:fd:a6:aa:46:f8:
88:9d:ff:5c:1b:3b:bd:d4:75:d4:3c:7e:5c:2b:aa:8f:37:65:
00:02:89:1f:06:d0:18:a1:6c:08:fe:29:41:f3:ef:4c:18:0f:
02:df:ec:24:56:e3:c3:a7:2a:42:b8:58:e6:d3:28:c7:f4:47:
f2:32:ef:15
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITAwh6RF7ZN9HJHdgL4HVybk/YqDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTEwMDcwMDQxMTBaFw0yNTExMTEyMzU5NTla
MHoxSTBHBgNVBAUTQDIwOTQ4MGVmYjU2NmIwOThhNzY0MjA0ZmRkYzI4OWNhNGVh
M2VjOTM2YWU4YTU3ZGYwYWNjNGE3YmRjZTA2YzAxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiuTSaChsA9vhEGykDUDoU7M+CgJop8oNCyaUZ4VvF5fbMd
IB20Jg07zxHUP7cZbxKAK8hMCYXDjQYL4lU7017y962jJcjCe+c0gvlHx+MJf383
IHx3Q4T0++4mXRhjIG0TUrEGNXwykhyMCQoLEk+BXO+jVzx0l3gsmCitIYCib4KC
5c4B8Bdrq3NGMXz4YiJAkxglgdvMIiLuZU1DCqwlbkYwhE4fJ3OgPFpFc4T8bAjY
YraNdQLGco57rD+Y2krLM3mnbPXClljwIkfYxTV/KYktPp52bWbp0GBvtQkSS+/A
2m5S1pNNQuXIqh8IlrJErLGicJ8Qh2msXtrG5wECAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQVtS2t0RBbOkgwtyEmK1o8qQw7HTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZjVhZWM1NjAtOWVlMi00NzA2LWE0MTItZTE0NWQ4NjE0YWFkLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEB9GogDANBgkqhkiG9w0BAQsFAAOCAQEAhHNzFyA9USNdKnQgh50QdP7f2FEO
+8UeJfS/GyzDw9hUBegd6XINSZC5i7RtvF2bjAYZ/1nvfzkBcAiZY6M38/iM5sDx
Qhx8uEa7DU45bIDxXgvCutDE6t3H22owquTxqBvLd3fN1vHmUw0ZmZi8IAZKA4Ff
oXn0q3P7X+0glVSbJ7ZvAOH9o14wuD3S1JQOOuysHoRaIG3mGrsgJvSKkIxGQ2uz
vmtrW+1Cvcr7Eya77ynLK1KvhTVPs9UtFLWlVP2mqkb4iJ3/XBs7vdR11Dx+XCuq
jzdlAAKJHwbQGKFsCP4pQfPvTBgPAt/sJFbjw6cqQrhY5tMox/RH8jLvFQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:56:15 2025 by rpki-client