Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
File: 25d50afe-b916-421e-9463-8d89c5b90996.roa (raw, json)
Hash identifier: d1g5/PBPlSc65LNMlxE21p86vBe21WarYMDsH5eEvF8=
Subject key identifier: 16:31:91:8B:0C:F1:DA:71:19:92:E5:7C:B4:BE:F0:53:CB:66:AB:59
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3942260C5630D48E660863E7884909D705644A53
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
Signing time: Thu 13 Nov 2025 00:30:47 +0000
ROA not before: Thu 13 Nov 2025 00:30:47 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.2.14.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:42:26:0c:56:30:d4:8e:66:08:63:e7:88:49:09:d7:05:64:4a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 13 00:30:47 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=2cf3d12efc7865b165e8eccbc97b0612e9aba527fe79393fd1c98e07c87a001e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:ba:96:24:4e:23:83:02:37:50:8b:33:9a:
4c:96:46:81:6a:6d:6f:67:ef:8d:80:4d:27:f1:bb:
e4:7a:b2:18:30:e0:02:a2:f3:49:c9:46:66:31:69:
b3:50:8d:42:96:a6:e4:7e:4e:3d:6d:2f:e1:b7:a8:
c3:b5:b9:27:59:8f:b6:76:80:84:40:14:d0:ba:f3:
37:1a:a6:98:7a:9a:6f:c4:52:0e:f0:b5:c3:62:89:
85:1d:66:97:73:48:3c:2b:1a:e6:d1:29:b0:e8:99:
ff:e0:71:85:00:0b:c4:d4:06:b4:f1:75:86:64:ed:
83:08:c5:a2:0a:51:be:32:e5:ff:6b:9a:72:10:a8:
7a:0d:94:40:05:84:d8:26:22:1b:ff:86:ee:32:06:
68:fc:8c:bf:48:f6:98:3b:d1:ad:ca:64:be:c0:be:
9a:6a:d7:5f:c0:cc:8c:e2:73:45:ba:ec:18:c3:f4:
9c:af:26:1e:bb:4f:86:6f:a8:d2:15:6c:bc:fc:13:
0b:a4:de:b4:7f:94:ff:3d:26:81:9f:75:96:18:1a:
48:a0:27:5f:ad:c1:00:7a:39:d3:a6:34:a9:46:86:
05:6e:da:91:53:3b:6e:d7:b5:2a:0e:41:99:6e:e5:
dc:b9:b0:ee:a0:ab:4e:3c:85:1c:cb:dc:d4:35:41:
cd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:31:91:8B:0C:F1:DA:71:19:92:E5:7C:B4:BE:F0:53:CB:66:AB:59
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.2.14.0/23
Signature Algorithm: sha256WithRSAEncryption
61:6f:c2:70:bb:fb:97:89:25:94:ad:74:11:87:84:ef:1e:63:
a1:3c:e2:8b:8a:12:ca:63:fe:1a:1c:85:96:ae:3c:e3:c5:30:
4b:61:61:8b:3f:73:4f:cb:09:28:30:42:3c:b5:ff:56:2b:b7:
ac:45:07:6b:4f:ec:44:99:1a:f4:cf:dc:13:b6:42:c5:a2:bb:
a0:0a:bc:3a:b3:93:73:e1:5d:64:f5:84:a6:3c:a8:92:2a:7a:
f6:45:ff:c0:e5:0d:98:e7:dd:1d:78:79:2a:7b:28:cf:79:4e:
2d:cd:8a:69:c7:7d:3c:5a:f5:f3:fc:f3:14:6e:e7:94:47:4f:
77:58:da:33:3f:4b:f8:d7:6e:1c:1a:2b:d6:93:27:7a:8f:70:
57:f3:35:ac:cb:c3:6a:3a:ff:cb:4e:13:16:e4:40:02:77:3b:
a9:1c:a6:58:b6:f2:ff:f1:9e:a0:53:7f:01:d6:dd:8d:65:93:
55:11:b7:0a:ca:d8:88:44:a5:3f:b1:ff:cb:f0:dd:b4:f7:18:
9d:b2:28:c2:cd:73:2d:1e:62:9e:46:bb:4a:95:76:3a:14:13:
d1:2c:3e:09:a0:9a:3e:72:b8:28:b3:fb:7c:41:89:c8:cf:2a:
a6:56:d0:0c:09:4d:f3:c0:4c:fe:5f:6a:09:a7:0c:b7:ea:e7:
38:32:1a:37
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOUImDFYw1I5mCGPniEkJ1wVkSlMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDAzMDQ3WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyY2YzZDEyZWZjNzg2NWIxNjVlOGVjY2JjOTdiMDYxMmU5
YWJhNTI3ZmU3OTM5M2ZkMWM5OGUwN2M4N2EwMDFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYarqWJE4jgwI3UIszmkyWRoFqbW9n742ATSfxu+R6shgw
4AKi80nJRmYxabNQjUKWpuR+Tj1tL+G3qMO1uSdZj7Z2gIRAFNC68zcapph6mm/E
Ug7wtcNiiYUdZpdzSDwrGubRKbDomf/gcYUAC8TUBrTxdYZk7YMIxaIKUb4y5f9r
mnIQqHoNlEAFhNgmIhv/hu4yBmj8jL9I9pg70a3KZL7Avppq11/AzIzic0W67BjD
9JyvJh67T4ZvqNIVbLz8Ewuk3rR/lP89JoGfdZYYGkigJ1+twQB6OdOmNKlGhgVu
2pFTO27XtSoOQZlu5dy5sO6gq048hRzL3NQ1Qc25AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFjGRiwzx2nEZkuV8tL7wU8tmq1kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1ZDUwYWZlLWI5MTYtNDIxZS05NDYzLThkODljNWI5MDk5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFBAg4wDQYJKoZIhvcNAQELBQADggEBAGFvwnC7+5eJJZStdBGHhO8eY6E8
4ouKEspj/hochZauPOPFMEthYYs/c0/LCSgwQjy1/1Yrt6xFB2tP7ESZGvTP3BO2
QsWiu6AKvDqzk3PhXWT1hKY8qJIqevZF/8DlDZjn3R14eSp7KM95Ti3NimnHfTxa
9fP88xRu55RHT3dY2jM/S/jXbhwaK9aTJ3qPcFfzNazLw2o6/8tOExbkQAJ3O6kc
pli28v/xnqBTfwHW3Y1lk1URtwrK2IhEpT+x/8vw3bT3GJ2yKMLNcy0eYp5Gu0qV
djoUE9EsPgmgmj5yuCiz+3xBicjPKqZW0AwJTfPATP5fagmnDLfq5zgyGjc=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:53:03 2025 by rpki-client