Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21aa0dd7-3715-4fba-9058-ff15105f4485.roa
File: 21aa0dd7-3715-4fba-9058-ff15105f4485.roa (raw, json)
Hash identifier: Iz2uh3AkhvHvlmM0roD3pPCfR5qloq4giJRf5cqe2Cg=
Subject key identifier: 63:EE:3B:1C:2A:AE:E9:3D:65:97:18:97:80:B8:20:1E:3F:27:89:69
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 21C4EC39A14E1E40C6553E14A117B895BEDC9AAC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21aa0dd7-3715-4fba-9058-ff15105f4485.roa
Signing time: Tue 11 Nov 2025 00:20:41 +0000
ROA not before: Tue 11 Nov 2025 00:20:41 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f00:10c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c4:ec:39:a1:4e:1e:40:c6:55:3e:14:a1:17:b8:95:be:dc:9a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 00:20:41 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=b42826810e1273978d52ad120dffb32fffaa56cc3849c84887e2736720caa605, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2e:15:20:3a:ad:c1:af:cf:ce:84:aa:82:ce:
75:50:30:34:4b:80:a4:a8:eb:87:5e:22:02:42:1a:
1e:f9:9d:c7:ba:09:f2:ff:58:43:fc:f5:42:95:5f:
57:a6:0f:98:87:68:80:86:69:8f:77:2e:1c:5d:12:
1e:1a:4d:21:f5:ab:0c:fb:03:12:3d:78:1f:a1:61:
94:89:4e:77:91:a8:21:6f:10:63:9c:81:68:bc:bc:
fc:ea:7f:39:02:7f:7a:19:85:38:de:f5:3b:de:8f:
72:76:5c:9f:ee:67:db:0c:b7:eb:65:26:4d:60:9e:
83:66:a0:3c:38:93:71:00:a1:c3:13:d5:15:12:3c:
e8:be:9d:e4:03:1a:1e:bc:18:38:9d:47:cf:06:23:
6b:58:09:dd:a6:e0:69:9c:c4:cb:46:07:ca:a5:84:
0b:e9:86:05:9c:d5:9c:8b:78:e0:d5:fd:35:e8:fc:
13:c7:71:e6:f6:8d:44:1a:4e:0d:02:e9:df:5c:75:
e1:d5:b7:65:f7:19:66:4e:9f:5e:5d:08:33:50:10:
24:4c:98:4e:0a:22:c3:79:20:11:40:e0:c4:0f:1e:
4b:dc:13:1b:ce:f7:17:88:e5:a4:b2:59:df:15:c3:
12:79:ca:2a:9c:3a:13:31:b1:f2:31:72:d3:24:c9:
8c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:EE:3B:1C:2A:AE:E9:3D:65:97:18:97:80:B8:20:1E:3F:27:89:69
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21aa0dd7-3715-4fba-9058-ff15105f4485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f00:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
85:d6:6d:3f:0c:b7:9f:f8:67:06:41:33:91:65:06:52:be:63:
47:bc:6f:d3:e4:55:3b:2c:24:9a:0f:91:db:e5:d3:f4:54:98:
9f:7c:50:04:bd:b2:3d:55:17:93:61:99:ee:0e:89:51:28:65:
f6:94:24:66:cb:46:0d:12:37:a9:63:4c:12:e1:eb:24:79:96:
d3:f0:35:8b:a3:bc:62:0d:3c:c1:8c:a8:ab:e9:cc:c2:90:8a:
3f:f4:34:d3:44:ea:66:50:b6:79:0b:98:f0:36:a1:61:21:78:
71:69:bd:f8:b0:34:7d:4e:3a:3b:37:e2:64:31:66:4b:02:98:
91:59:eb:7b:64:92:84:86:7d:f8:5c:94:c3:a1:11:51:99:02:
ef:86:0d:9f:af:2f:41:2a:e0:04:77:39:99:0e:78:b1:b7:d0:
4e:80:98:8e:41:5d:24:ed:a5:1d:86:05:46:ae:1f:b9:e2:3d:
f1:40:9c:30:9b:71:f2:e2:ef:d5:47:2d:4f:b8:6a:18:af:f6:
e7:30:2d:9f:5d:f4:fd:d1:e0:65:cc:3b:23:2a:6f:ed:15:c5:
e3:f0:51:09:2d:c5:ac:60:02:91:95:2a:aa:42:7e:b8:d3:3d:
45:94:fe:f1:f4:ec:f6:43:f4:1c:51:b9:1a:ff:17:d0:a3:d0:
8e:52:f6:fd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIcTsOaFOHkDGVT4UoRe4lb7cmqwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAyMDQxWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDI4MjY4MTBlMTI3Mzk3OGQ1MmFkMTIwZGZmYjMyZmZm
YWE1NmNjMzg0OWM4NDg4N2UyNzM2NzIwY2FhNjA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiLhUgOq3Br8/OhKqCznVQMDRLgKSo64deIgJCGh75nce6
CfL/WEP89UKVX1emD5iHaICGaY93LhxdEh4aTSH1qwz7AxI9eB+hYZSJTneRqCFv
EGOcgWi8vPzqfzkCf3oZhTje9Tvej3J2XJ/uZ9sMt+tlJk1gnoNmoDw4k3EAocMT
1RUSPOi+neQDGh68GDidR88GI2tYCd2m4GmcxMtGB8qlhAvphgWc1ZyLeODV/TXo
/BPHceb2jUQaTg0C6d9cdeHVt2X3GWZOn15dCDNQECRMmE4KIsN5IBFA4MQPHkvc
ExvO9xeI5aSyWd8VwxJ5yiqcOhMxsfIxctMkyYw1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUY+47HCqu6T1llxiXgLggHj8niWkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIxYWEwZGQ3LTM3MTUtNGZiYS05MDU4LWZmMTUxMDVmNDQ4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AEMAwDQYJKoZIhvcNAQELBQADggEBAIXWbT8Mt5/4ZwZBM5FlBlK+
Y0e8b9PkVTssJJoPkdvl0/RUmJ98UAS9sj1VF5Nhme4OiVEoZfaUJGbLRg0SN6lj
TBLh6yR5ltPwNYujvGINPMGMqKvpzMKQij/0NNNE6mZQtnkLmPA2oWEheHFpvfiw
NH1OOjs34mQxZksCmJFZ63tkkoSGffhclMOhEVGZAu+GDZ+vL0Eq4AR3OZkOeLG3
0E6AmI5BXSTtpR2GBUauH7niPfFAnDCbcfLi79VHLU+4ahiv9ucwLZ9d9P3R4GXM
OyMqb+0VxePwUQktxaxgApGVKqpCfrjTPUWU/vH07PZD9BxRuRr/F9Cj0I5S9v0=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:52:36 2025 by rpki-client