Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c216dd4-0371-4db0-9543-a165a832f035.roa
File: 0c216dd4-0371-4db0-9543-a165a832f035.roa (raw, json)
Hash identifier: 5ut75IgNjXSn+xV0yqT4mEEIjF9n3k9+c9QyaM/5ubQ=
Subject key identifier: 67:A9:F3:23:40:1C:5A:82:76:BF:44:47:91:64:DD:E3:A1:23:2E:91
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0342056B4C156D73E89F7AFCCC0C00ED4426972D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c216dd4-0371-4db0-9543-a165a832f035.roa
Signing time: Wed 12 Nov 2025 02:31:53 +0000
ROA not before: Wed 12 Nov 2025 02:31:53 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fff:e020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:42:05:6b:4c:15:6d:73:e8:9f:7a:fc:cc:0c:00:ed:44:26:97:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 02:31:53 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=23b85c86fa68d054e18f59b66f6c50800827c23cb2d0ecd42a4375a650fa8d33, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c3:2f:eb:ff:0c:c5:ad:03:c8:1b:cc:01:4f:
b9:41:41:5d:11:82:fe:81:08:5a:67:e7:62:cf:b9:
bd:81:b3:af:eb:66:e6:59:9c:34:b5:44:38:ca:4b:
e7:55:fe:21:48:f1:cd:c5:b6:8f:b0:34:ad:c2:97:
16:d3:94:7c:f7:1c:30:29:fc:3f:8f:94:b2:e5:5c:
ad:0e:65:6d:ed:74:ab:83:be:ab:a7:7d:25:ba:8b:
f2:c4:a9:6a:78:65:32:7b:b1:ed:a1:ba:9d:be:2c:
7e:1c:48:00:a3:a9:04:99:69:e2:9f:2c:d7:60:43:
2c:06:72:42:92:6f:25:e9:92:e7:3b:de:69:83:1b:
78:16:60:7a:cd:1f:bc:7c:7a:da:8e:7b:95:d7:8f:
06:24:49:a3:de:35:81:15:fe:f9:32:2d:6e:a1:40:
f7:4f:3f:27:fa:ae:af:1e:88:a5:a0:73:6b:b9:87:
88:eb:6e:b7:d2:59:54:00:65:89:ac:68:a2:26:2e:
a9:16:dd:fd:a6:e3:eb:b7:5a:95:f3:61:22:04:5e:
47:ce:5c:57:2a:f2:c6:bc:45:56:cd:d4:b6:84:18:
29:15:39:07:7f:20:15:3f:60:26:4a:fc:ef:60:61:
ee:25:c7:3e:75:06:a4:11:a0:4d:0f:94:3e:2c:95:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A9:F3:23:40:1C:5A:82:76:BF:44:47:91:64:DD:E3:A1:23:2E:91
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c216dd4-0371-4db0-9543-a165a832f035.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:e020::/48
Signature Algorithm: sha256WithRSAEncryption
97:41:d5:9f:e2:1a:10:31:9a:74:aa:9e:3a:f8:27:fa:ee:03:
08:ff:68:ad:e7:00:35:98:e0:f3:41:7b:be:8b:17:aa:e1:95:
e8:8e:11:52:da:0e:df:ad:f9:8a:e9:80:72:1b:b5:9a:41:ed:
2d:94:17:d0:c4:68:44:3d:26:0a:38:fa:fd:11:5f:5b:22:09:
40:44:24:c3:75:62:c3:4b:e7:2e:2e:26:71:27:c7:c8:16:dd:
e3:3e:ca:51:fb:9f:e3:c0:de:4b:82:29:d2:f2:de:8a:86:0b:
64:a6:a7:0d:86:fa:6e:82:9f:56:e8:14:a3:80:9c:59:40:04:
9b:99:60:bb:46:74:86:d0:e8:76:bf:b7:8b:65:a4:6c:f2:57:
28:84:50:63:f2:b8:c1:2e:30:c8:ee:db:2a:8a:94:a0:9c:78:
9f:ca:41:c2:b2:8d:c2:24:c9:54:0f:39:f4:54:ec:01:84:34:
e4:5c:14:fa:c1:b3:80:7c:e2:fd:b6:af:5c:2c:24:72:e2:cf:
8f:49:48:9c:f2:ce:ff:73:fc:cd:5d:aa:e7:cb:da:3c:d4:8a:
89:18:f9:05:64:77:15:c6:21:ab:85:6e:0b:48:a4:82:d3:bd:
8c:bb:f7:d8:09:5d:3d:c2:7a:2a:5c:8b:01:a1:bc:0e:a8:bd:
40:81:2e:17
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUA0IFa0wVbXPon3r8zAwA7UQmly0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDIzMTUzWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyM2I4NWM4NmZhNjhkMDU0ZTE4ZjU5YjY2ZjZjNTA4MDA4
MjdjMjNjYjJkMGVjZDQyYTQzNzVhNjUwZmE4ZDMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmwy/r/wzFrQPIG8wBT7lBQV0Rgv6BCFpn52LPub2Bs6/r
ZuZZnDS1RDjKS+dV/iFI8c3Fto+wNK3ClxbTlHz3HDAp/D+PlLLlXK0OZW3tdKuD
vqunfSW6i/LEqWp4ZTJ7se2hup2+LH4cSACjqQSZaeKfLNdgQywGckKSbyXpkuc7
3mmDG3gWYHrNH7x8etqOe5XXjwYkSaPeNYEV/vkyLW6hQPdPPyf6rq8eiKWgc2u5
h4jrbrfSWVQAZYmsaKImLqkW3f2m4+u3WpXzYSIEXkfOXFcq8sa8RVbN1LaEGCkV
OQd/IBU/YCZK/O9gYe4lxz51BqQRoE0PlD4slVB5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZ6nzI0AcWoJ2v0RHkWTd46EjLpEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjMjE2ZGQ0LTAzNzEtNGRiMC05NTQzLWExNjVhODMyZjAzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//4CAwDQYJKoZIhvcNAQELBQADggEBAJdB1Z/iGhAxmnSqnjr4J/ru
Awj/aK3nADWY4PNBe76LF6rhleiOEVLaDt+t+YrpgHIbtZpB7S2UF9DEaEQ9Jgo4
+v0RX1siCUBEJMN1YsNL5y4uJnEnx8gW3eM+ylH7n+PA3kuCKdLy3oqGC2Smpw2G
+m6Cn1boFKOAnFlABJuZYLtGdIbQ6Ha/t4tlpGzyVyiEUGPyuMEuMMju2yqKlKCc
eJ/KQcKyjcIkyVQPOfRU7AGENORcFPrBs4B84v22r1wsJHLiz49JSJzyzv9z/M1d
qufL2jzUiokY+QVkdxXGIauFbgtIpILTvYy799gJXT3CeipciwGhvA6ovUCBLhc=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:52:21 2025 by rpki-client