Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/70aa4285-cbd0-450f-b52c-a70ba1e394d0.roa
File: 70aa4285-cbd0-450f-b52c-a70ba1e394d0.roa (raw, json)
Hash identifier: tS28RQF+K1tVKkKnWN/3oIGNeRKFsuRxvK1EXXhpZ9A=
Subject key identifier: B3:36:ED:CF:10:E7:26:03:6D:EF:24:A3:B4:15:6C:F6:9F:78:BE:7E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0C5E9EBB4787EF6D865C06FCA0A6AB8155B28D05
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/70aa4285-cbd0-450f-b52c-a70ba1e394d0.roa
Signing time: Wed 12 Nov 2025 01:20:51 +0000
ROA not before: Wed 12 Nov 2025 01:20:51 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 216.182.232.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:5e:9e:bb:47:87:ef:6d:86:5c:06:fc:a0:a6:ab:81:55:b2:8d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 01:20:51 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=e157ad80a91731e0bd9f4a5f3d97df6cd1f965a82f644874bf347d08f42b9c46, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:98:97:d0:e2:ef:f5:45:ef:ca:35:0d:e6:
59:dc:00:94:d6:39:90:a5:38:17:7c:e9:3e:8e:7b:
b0:fc:b0:88:20:35:d6:72:ad:ca:7b:d2:9a:82:c7:
cc:2f:1c:df:b7:20:db:00:be:00:f5:1a:bd:77:ec:
bf:89:f9:f7:85:13:aa:63:30:9c:2f:58:3f:7c:fe:
15:52:10:42:6e:b3:16:45:08:6c:9a:a7:00:30:f5:
52:f5:be:9f:79:a3:c1:ae:58:ab:c5:ef:bb:df:74:
b1:60:ba:51:42:93:4e:dd:f8:94:7c:d5:9c:82:ac:
75:2c:ae:d0:b4:dd:d2:1a:89:2a:c7:4b:7a:43:e1:
4e:83:64:8b:2f:b9:b4:1f:d6:26:87:f0:a5:85:61:
63:fa:a8:f4:cf:93:81:cc:7a:f8:6d:e1:90:d8:a1:
36:a6:d2:99:ae:d8:48:4c:ea:03:df:3d:4e:74:43:
b7:c4:4e:ea:f2:2b:9f:c8:e6:83:cb:3d:18:76:9b:
e0:cf:ee:dc:0c:a6:1f:84:5d:b7:3b:60:f7:0c:9b:
20:3a:25:e9:c1:28:f7:46:28:47:ea:a5:66:b8:48:
1f:a4:c5:5a:1a:9e:4e:c8:9a:6b:f1:a6:e7:81:a1:
23:66:21:7b:9c:8d:00:70:b5:9b:81:b3:ef:e3:f6:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:36:ED:CF:10:E7:26:03:6D:EF:24:A3:B4:15:6C:F6:9F:78:BE:7E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/70aa4285-cbd0-450f-b52c-a70ba1e394d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.182.232.0/22
Signature Algorithm: sha256WithRSAEncryption
19:d0:19:b3:41:59:1d:ce:10:91:b9:54:de:81:a3:80:64:fc:
87:4e:72:60:82:cf:3a:46:41:9a:f7:f8:08:dc:7e:ec:12:6e:
77:a9:f1:3b:f2:55:f3:6b:6f:1a:a4:c4:cb:9d:23:33:79:81:
a9:a1:1a:fd:bb:b5:00:b2:cd:97:ac:52:a3:c5:8a:b9:4b:67:
4a:32:b4:e9:c5:d4:b6:4c:84:03:5c:de:09:1a:8d:d4:f5:73:
82:c4:26:2e:cf:d6:eb:b2:9c:44:26:ec:55:ef:74:cb:73:af:
8e:a6:4d:57:8f:03:ed:74:4b:bb:f9:f5:7f:2c:8a:fe:d6:d0:
c3:71:f8:8d:61:cc:79:fc:eb:78:65:db:f1:b8:aa:e4:d5:cd:
5e:a6:d8:00:a0:2f:dc:1c:b2:62:2c:49:d4:88:4a:40:f5:eb:
85:f1:c7:b4:e5:c1:41:bd:5c:36:d1:04:fc:40:e9:40:f0:ab:
8c:31:25:82:53:43:23:0d:ef:4f:f6:45:17:94:81:b6:4e:d1:
82:4e:ad:00:46:20:5b:7d:0e:8e:e4:f6:3a:ef:c0:ec:93:8d:
7b:24:4a:9f:21:8c:57:36:df:a5:f0:a4:8c:1d:75:79:02:c2:
ac:35:ba:64:ae:55:0f:3a:69:30:e5:ce:8a:28:e4:91:10:29:
67:0b:3b:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDF6eu0eH722GXAb8oKargVWyjQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEyMDUxWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTU3YWQ4MGE5MTczMWUwYmQ5ZjRhNWYzZDk3ZGY2Y2Qx
Zjk2NWE4MmY2NDQ4NzRiZjM0N2QwOGY0MmI5YzQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/+piX0OLv9UXvyjUN5lncAJTWOZClOBd86T6Oe7D8sIgg
NdZyrcp70pqCx8wvHN+3INsAvgD1Gr137L+J+feFE6pjMJwvWD98/hVSEEJusxZF
CGyapwAw9VL1vp95o8GuWKvF77vfdLFgulFCk07d+JR81ZyCrHUsrtC03dIaiSrH
S3pD4U6DZIsvubQf1iaH8KWFYWP6qPTPk4HMevht4ZDYoTam0pmu2EhM6gPfPU50
Q7fETuryK5/I5oPLPRh2m+DP7twMph+EXbc7YPcMmyA6JenBKPdGKEfqpWa4SB+k
xVoank7ImmvxpueBoSNmIXucjQBwtZuBs+/j9s+3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUszbtzxDnJgNt7ySjtBVs9p94vn4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcwYWE0Mjg1LWNiZDAtNDUwZi1iNTJjLWE3MGJhMWUzOTRkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALYtugwDQYJKoZIhvcNAQELBQADggEBABnQGbNBWR3OEJG5VN6Bo4Bk/IdO
cmCCzzpGQZr3+AjcfuwSbnep8TvyVfNrbxqkxMudIzN5gamhGv27tQCyzZesUqPF
irlLZ0oytOnF1LZMhANc3gkajdT1c4LEJi7P1uuynEQm7FXvdMtzr46mTVePA+10
S7v59X8siv7W0MNx+I1hzHn863hl2/G4quTVzV6m2ACgL9wcsmIsSdSISkD164Xx
x7TlwUG9XDbRBPxA6UDwq4wxJYJTQyMN70/2RReUgbZO0YJOrQBGIFt9Do7k9jrv
wOyTjXskSp8hjFc236XwpIwddXkCwqw1umSuVQ86aTDlzooo5JEQKWcLO+M=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:49:33 2025 by rpki-client