Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c295dc3-8adf-4c3d-82c5-67900163edde.roa
File: 2c295dc3-8adf-4c3d-82c5-67900163edde.roa (raw, json)
Hash identifier: uNNTLlQgoBC1kk9oOVNDA8EchqtTap1CRZaq3K9iSb4=
Subject key identifier: 2E:21:38:77:42:67:59:FC:88:AB:FF:E4:03:57:9B:0D:5A:D7:A4:30
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0E79A8442E4D7CF7D688F52A8E97F06434263394
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c295dc3-8adf-4c3d-82c5-67900163edde.roa
Signing time: Sat 08 Nov 2025 01:40:55 +0000
ROA not before: Sat 08 Nov 2025 01:40:55 +0000
ROA not after: Sat 13 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fec:c800::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:79:a8:44:2e:4d:7c:f7:d6:88:f5:2a:8e:97:f0:64:34:26:33:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 8 01:40:55 2025 GMT
Not After : Dec 13 23:59:59 2025 GMT
Subject: serialNumber=8049788e539670cd176d12fbac1951b3c8ccae5333ebff665e0b92cdc5cd7dfb, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f3:11:b3:b0:9a:9c:5e:f1:5d:59:71:c6:66:
6c:64:45:35:e1:5c:13:1c:ff:fd:f4:48:42:0a:5c:
b9:49:ac:d9:bb:fc:9b:ca:60:44:cc:cc:cf:a5:65:
1a:7c:35:cd:ba:0b:d6:e3:8b:73:5b:32:93:f9:c5:
86:7a:55:1a:49:72:54:51:24:e2:7d:d6:14:15:2f:
b5:c8:6c:b2:60:bd:e4:f3:db:6d:35:d2:08:94:d1:
9c:95:da:08:78:a0:45:2b:37:50:80:a5:d5:75:a6:
7b:b2:d2:e5:ad:13:d5:47:57:65:10:f9:1e:25:ab:
53:18:d1:36:2c:33:14:62:ef:11:a1:51:2d:ea:99:
19:68:80:62:78:4b:b1:3f:94:36:32:85:61:6c:b8:
c0:d5:95:b1:d4:e0:c0:3b:d1:d2:e9:e3:63:2a:8a:
09:19:c8:b0:5d:f6:92:44:30:78:39:a4:2c:01:ae:
df:80:6e:14:62:88:3b:39:60:32:f6:2c:b1:7a:d2:
d9:46:aa:98:f7:2f:c1:7d:ec:e1:db:03:dc:26:ab:
d3:bc:84:2b:03:ce:74:35:03:05:60:a6:d1:47:63:
74:62:17:b1:75:ed:95:56:f6:58:bc:22:81:73:f4:
a4:44:04:05:d4:b1:d2:9d:7b:81:ed:26:71:85:c5:
90:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:21:38:77:42:67:59:FC:88:AB:FF:E4:03:57:9B:0D:5A:D7:A4:30
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c295dc3-8adf-4c3d-82c5-67900163edde.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fec:c800::/48
Signature Algorithm: sha256WithRSAEncryption
26:91:90:27:4d:d9:4a:28:dc:03:5e:49:d1:05:19:0a:55:04:
78:e9:b2:12:a2:a8:24:78:d3:0b:de:1f:ba:f1:f7:00:7c:21:
c3:56:21:fb:29:61:87:59:d6:1e:9a:a8:06:0a:80:0c:86:a5:
a2:fb:27:5e:6e:c2:8e:84:52:0e:b7:e0:e6:d0:1d:ad:53:bf:
cd:d7:6b:c0:fa:a6:89:08:3e:74:34:7b:3a:87:3b:b5:c1:48:
31:8a:a2:97:5b:fb:81:90:06:5f:18:77:03:ae:e2:ec:62:ec:
af:69:8a:56:30:cd:a8:1f:8d:ed:57:8a:65:32:05:91:4d:d5:
bc:18:87:51:ff:02:24:25:fc:ca:55:cf:bd:7b:1f:42:87:2d:
da:a3:fc:d0:d4:a7:68:0e:9f:f4:af:f2:51:8e:f0:4f:01:88:
d0:63:26:08:88:5d:c5:90:02:51:28:91:98:f5:6b:f3:7b:41:
e0:98:21:c8:05:3e:5b:6f:bd:68:3f:21:ce:aa:42:cf:e9:59:
9c:86:30:a4:6b:a5:67:98:3e:98:cd:f9:2c:7b:84:f5:a9:00:
2a:aa:87:45:ab:b3:53:35:f5:a5:e4:12:a1:37:ec:27:7a:82:
76:4b:f2:b2:d3:ae:d9:39:63:91:fc:02:38:52:30:01:5d:5a:
eb:8f:56:72
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDnmoRC5NfPfWiPUqjpfwZDQmM5QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA4MDE0MDU1WhcNMjUxMjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDQ5Nzg4ZTUzOTY3MGNkMTc2ZDEyZmJhYzE5NTFiM2M4
Y2NhZTUzMzNlYmZmNjY1ZTBiOTJjZGM1Y2Q3ZGZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI8xGzsJqcXvFdWXHGZmxkRTXhXBMc//30SEIKXLlJrNm7
/JvKYETMzM+lZRp8Nc26C9bji3NbMpP5xYZ6VRpJclRRJOJ91hQVL7XIbLJgveTz
22010giU0ZyV2gh4oEUrN1CApdV1pnuy0uWtE9VHV2UQ+R4lq1MY0TYsMxRi7xGh
US3qmRlogGJ4S7E/lDYyhWFsuMDVlbHU4MA70dLp42MqigkZyLBd9pJEMHg5pCwB
rt+AbhRiiDs5YDL2LLF60tlGqpj3L8F97OHbA9wmq9O8hCsDznQ1AwVgptFHY3Ri
F7F17ZVW9li8IoFz9KREBAXUsdKde4HtJnGFxZCFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULiE4d0JnWfyIq//kA1ebDVrXpDAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjMjk1ZGMzLThhZGYtNGMzZC04MmM1LTY3OTAwMTYzZWRkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/syAAwDQYJKoZIhvcNAQELBQADggEBACaRkCdN2Uoo3ANeSdEFGQpV
BHjpshKiqCR40wveH7rx9wB8IcNWIfspYYdZ1h6aqAYKgAyGpaL7J15uwo6EUg63
4ObQHa1Tv83Xa8D6pokIPnQ0ezqHO7XBSDGKopdb+4GQBl8YdwOu4uxi7K9pilYw
zagfje1XimUyBZFN1bwYh1H/AiQl/MpVz717H0KHLdqj/NDUp2gOn/Sv8lGO8E8B
iNBjJgiIXcWQAlEokZj1a/N7QeCYIcgFPltvvWg/Ic6qQs/pWZyGMKRrpWeYPpjN
+Sx7hPWpACqqh0Wrs1M19aXkEqE37Cd6gnZL8rLTrtk5Y5H8AjhSMAFdWuuPVnI=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:52:39 2025 by rpki-client