Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f8f69e0f-af75-4a08-9d97-31505d87d67d.roa
File: f8f69e0f-af75-4a08-9d97-31505d87d67d.roa (raw, json)
Hash identifier: UzyTvE3NbsJj2IymREnCB5PAJRDBRp73YgrkYBBMy38=
Subject key identifier: 63:43:BB:83:60:75:7F:2C:96:BF:BD:98:E9:2B:9A:56:24:69:C6:BC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5CD96CB3BBF523934F19CA461B76386CBD385870
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f8f69e0f-af75-4a08-9d97-31505d87d67d.roa
Signing time: Sun 19 Oct 2025 00:00:10 +0000
ROA not before: Sun 19 Oct 2025 00:00:10 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.239.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:d9:6c:b3:bb:f5:23:93:4f:19:ca:46:1b:76:38:6c:bd:38:58:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 00:00:10 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=9c8d1c2c08aab2cb30aa1ba744a674f8d1eaf22fdd45cbb6b8e61af7ce5aed1f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:a3:ed:48:a7:fd:7f:a3:3d:0f:d6:8c:c3:
36:dd:39:92:6c:2d:e8:69:d2:2d:b8:33:f3:8f:46:
82:99:0d:09:52:0a:d5:13:8e:cd:b0:46:4d:51:a2:
49:2b:69:75:16:79:84:14:01:25:a2:05:eb:c6:52:
0a:df:fc:15:c4:8c:78:89:10:60:ea:89:a0:6b:f5:
a9:7c:e5:5a:32:1b:d8:0e:4a:b1:34:98:5c:89:11:
7c:78:9a:6f:6e:76:03:62:57:b7:e9:19:af:52:5b:
fe:fc:e0:42:d6:42:fd:5b:21:49:d5:8e:2e:be:34:
46:23:0d:5d:1c:c3:a8:ed:f7:01:2e:0f:d5:f5:6c:
a1:41:56:88:76:9c:fe:d1:47:47:bd:10:f2:18:c2:
c8:25:e6:0b:c9:c7:cc:38:96:1f:86:00:36:2f:0d:
9b:c9:0f:68:0c:13:12:13:a6:7f:b5:63:97:7c:da:
8c:a8:d4:ae:9c:7a:df:1f:41:19:f8:8f:98:cc:bc:
0e:d3:42:a5:30:e2:00:c0:40:e8:d8:89:4e:5b:46:
12:ab:16:22:a1:42:00:32:48:ba:90:e7:71:27:9b:
d0:32:e0:58:fd:b7:e6:87:78:cf:13:07:da:f9:21:
66:e3:ac:dd:83:27:50:ad:5b:84:fa:31:e6:14:c8:
2a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:43:BB:83:60:75:7F:2C:96:BF:BD:98:E9:2B:9A:56:24:69:C6:BC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f8f69e0f-af75-4a08-9d97-31505d87d67d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:d2:e7:0b:b4:89:88:a9:de:e8:a0:c7:e0:24:c4:45:12:d7:
b9:3c:20:05:cc:eb:a6:7a:29:82:1e:f2:9d:1d:62:43:31:3c:
cc:77:6f:b4:e5:d1:18:10:ed:a2:55:08:86:8a:a5:74:3f:b8:
ee:8d:76:ef:80:8c:25:31:c2:e5:e9:f1:38:5f:93:2d:9e:1d:
dc:c3:b8:0b:a9:d0:ce:0e:72:c8:5e:e3:00:e5:9d:f2:f0:25:
c9:0a:be:4e:68:16:a4:e3:1f:72:45:f4:71:59:17:e0:fc:b7:
d8:1e:66:54:3c:25:59:67:23:3b:f8:93:14:b8:9c:8d:0a:d1:
0b:58:d6:bf:6f:cf:a4:51:91:e1:dc:a4:09:ae:85:08:47:88:
6a:8f:b2:ab:da:34:92:ae:be:00:c4:1d:cb:a2:0f:3b:4d:62:
79:79:7d:78:16:09:79:93:da:92:c0:b3:0b:55:e8:0a:bc:b6:
9b:64:ef:68:16:3a:ba:16:4a:ad:2d:84:24:46:7c:ea:f8:fd:
9f:d1:66:d7:c7:c9:be:10:b6:1f:59:2d:44:3f:a4:0a:6e:31:
f9:35:e2:11:b1:6e:41:85:de:42:41:df:f3:02:9b:cc:39:d3:
d5:d6:5e:c4:d7:11:84:ea:2f:ed:11:3d:16:7c:d8:75:5a:f2:
cc:14:50:b0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXNlss7v1I5NPGcpGG3Y4bL04WHAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDAwMDEwWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzhkMWMyYzA4YWFiMmNiMzBhYTFiYTc0NGE2NzRmOGQx
ZWFmMjJmZGQ0NWNiYjZiOGU2MWFmN2NlNWFlZDFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDB/qPtSKf9f6M9D9aMwzbdOZJsLehp0i24M/OPRoKZDQlS
CtUTjs2wRk1RokkraXUWeYQUASWiBevGUgrf/BXEjHiJEGDqiaBr9al85VoyG9gO
SrE0mFyJEXx4mm9udgNiV7fpGa9SW/784ELWQv1bIUnVji6+NEYjDV0cw6jt9wEu
D9X1bKFBVoh2nP7RR0e9EPIYwsgl5gvJx8w4lh+GADYvDZvJD2gMExITpn+1Y5d8
2oyo1K6cet8fQRn4j5jMvA7TQqUw4gDAQOjYiU5bRhKrFiKhQgAySLqQ53Enm9Ay
4Fj9t+aHeM8TB9r5IWbjrN2DJ1CtW4T6MeYUyCo7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUY0O7g2B1fyyWv72Y6SuaViRpxrwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y4ZjY5ZTBmLWFmNzUtNGEwOC05ZDk3LTMxNTA1ZDg3ZDY3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA47zANBgkqhkiG9w0BAQsFAAOCAQEATdLnC7SJiKne6KDH4CTERRLXuTwg
Bczrpnopgh7ynR1iQzE8zHdvtOXRGBDtolUIhoqldD+47o1274CMJTHC5enxOF+T
LZ4d3MO4C6nQzg5yyF7jAOWd8vAlyQq+TmgWpOMfckX0cVkX4Py32B5mVDwlWWcj
O/iTFLicjQrRC1jWv2/PpFGR4dykCa6FCEeIao+yq9o0kq6+AMQdy6IPO01ieXl9
eBYJeZPaksCzC1XoCry2m2TvaBY6uhZKrS2EJEZ86vj9n9Fm18fJvhC2H1ktRD+k
Cm4x+TXiEbFuQYXeQkHf8wKbzDnT1dZexNcRhOov7RE9FnzYdVryzBRQsA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:11:59 2025 by rpki-client