Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/734aa407-2656-4503-bd27-1f445170dc56.roa
File: 734aa407-2656-4503-bd27-1f445170dc56.roa (raw, json)
Hash identifier: Rhb855V6y9L7VwIP0NbfDsfemIMM+7EA7OQ3hwFxZgM=
Subject key identifier: C4:E1:29:E8:C7:EF:39:25:74:58:C0:ED:7A:6B:32:4C:80:91:C7:05
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 631B4B7AB7281E038E3FD2D160BF1BA2424829D8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/734aa407-2656-4503-bd27-1f445170dc56.roa
Signing time: Tue 23 Sep 2025 15:20:36 +0000
ROA not before: Tue 23 Sep 2025 15:20:36 +0000
ROA not after: Tue 28 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2600:1ff0:8000::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:1b:4b:7a:b7:28:1e:03:8e:3f:d2:d1:60:bf:1b:a2:42:48:29:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 23 15:20:36 2025 GMT
Not After : Oct 28 23:59:59 2025 GMT
Subject: serialNumber=697935c916b63aac70f5865b6419eacf61a6d0190449514a650de93e3f525e32, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:b4:cf:2b:b0:b6:b6:4b:c2:e5:87:f1:0d:
ac:52:c6:38:fe:01:6a:a9:b3:19:8b:57:61:f0:f5:
5f:e1:61:2f:ce:d6:f6:28:e8:0e:c7:62:4d:5a:cf:
aa:1e:d0:24:80:f4:24:f8:2d:d8:e2:36:79:76:65:
0d:33:98:00:59:63:6b:81:2a:a8:68:35:c8:76:d5:
45:d0:8e:0e:a7:c8:c8:d7:5b:b2:63:bb:f9:a7:eb:
36:f8:c5:13:f6:03:51:45:c9:d3:90:62:37:a8:4e:
c6:0a:90:85:e7:b6:fd:a4:28:88:d1:9f:f1:1c:36:
fb:69:79:2f:0e:37:c9:ad:2a:86:cb:5f:65:70:bd:
ac:54:01:84:6c:e5:d1:df:a1:12:43:ae:1d:bd:80:
02:59:9b:c1:a5:bf:5d:ba:15:af:63:8b:94:9f:a7:
73:55:0b:6c:75:d3:16:c7:ff:2d:bb:d0:8f:55:22:
8b:b6:a4:0a:a8:09:34:58:c9:e3:f2:e2:83:8d:ef:
83:8f:77:6b:ef:d7:c2:c1:26:2a:9f:56:7a:18:28:
86:ef:95:52:9b:5c:3b:5f:3d:9e:85:a1:92:bc:21:
6c:ac:8e:7c:a1:1c:49:71:88:53:00:15:9f:98:c0:
70:1c:5b:ab:0e:a7:4a:6a:fd:48:0a:d1:28:e8:54:
b7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:29:E8:C7:EF:39:25:74:58:C0:ED:7A:6B:32:4C:80:91:C7:05
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/734aa407-2656-4503-bd27-1f445170dc56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff0:8000::/39
Signature Algorithm: sha256WithRSAEncryption
00:2b:f8:4f:36:2f:84:9c:c8:f8:d1:a9:42:81:53:12:ab:59:
52:ab:81:d5:f9:3d:74:06:b8:0d:2b:51:1b:79:02:89:33:39:
5a:27:ec:eb:bf:eb:f9:26:41:b9:50:b0:29:41:60:af:7e:02:
09:94:79:ce:ff:ab:f7:06:e7:d8:93:d8:c3:0c:32:10:a9:3f:
db:e8:60:e6:f8:4e:48:85:7d:52:96:db:ec:18:6f:ad:4b:82:
cc:a7:4c:ff:9b:f0:13:be:4a:02:be:53:37:11:0f:90:db:1b:
87:8d:c7:71:ff:dc:72:e2:ff:f7:54:09:e3:9b:7c:f3:72:6b:
5c:e0:a9:9b:23:51:09:41:7d:75:eb:ed:c3:64:14:02:84:68:
ba:ae:19:c8:25:51:d7:4c:38:a1:c8:5f:b1:4f:58:1f:06:7d:
5e:54:db:84:55:52:df:e1:41:24:9c:63:cb:fa:0a:2c:9f:be:
05:d5:56:7c:cf:c9:33:39:cc:db:87:68:d0:a5:79:8b:dc:14:
2a:54:f1:19:d4:9a:57:e6:a5:66:3f:69:f6:3c:55:64:34:5f:
3a:3c:cb:2c:04:12:1a:ed:1f:9e:48:c9:10:a7:0a:c1:8b:81:
3e:ad:18:47:60:16:dd:6d:06:cd:d7:3e:22:77:c5:5c:47:29:
c7:47:89:4f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYxtLercoHgOOP9LRYL8bokJIKdgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTIzMTUyMDM2WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OTc5MzVjOTE2YjYzYWFjNzBmNTg2NWI2NDE5ZWFjZjYx
YTZkMDE5MDQ0OTUxNGE2NTBkZTkzZTNmNTI1ZTMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz9LTPK7C2tkvC5YfxDaxSxjj+AWqpsxmLV2Hw9V/hYS/O
1vYo6A7HYk1az6oe0CSA9CT4LdjiNnl2ZQ0zmABZY2uBKqhoNch21UXQjg6nyMjX
W7Jju/mn6zb4xRP2A1FFydOQYjeoTsYKkIXntv2kKIjRn/EcNvtpeS8ON8mtKobL
X2VwvaxUAYRs5dHfoRJDrh29gAJZm8Glv126Fa9ji5Sfp3NVC2x10xbH/y270I9V
Iou2pAqoCTRYyePy4oON74OPd2vv18LBJiqfVnoYKIbvlVKbXDtfPZ6FoZK8IWys
jnyhHElxiFMAFZ+YwHAcW6sOp0pq/UgK0SjoVLcZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUxOEp6MfvOSV0WMDtemsyTICRxwUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzczNGFhNDA3LTI2NTYtNDUwMy1iZDI3LTFmNDQ1MTcwZGM1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/wgDANBgkqhkiG9w0BAQsFAAOCAQEAACv4TzYvhJzI+NGpQoFTEqtZ
UquB1fk9dAa4DStRG3kCiTM5Wifs67/r+SZBuVCwKUFgr34CCZR5zv+r9wbn2JPY
wwwyEKk/2+hg5vhOSIV9Upbb7BhvrUuCzKdM/5vwE75KAr5TNxEPkNsbh43Hcf/c
cuL/91QJ45t883JrXOCpmyNRCUF9devtw2QUAoRouq4ZyCVR10w4ochfsU9YHwZ9
XlTbhFVS3+FBJJxjy/oKLJ++BdVWfM/JMznM24do0KV5i9wUKlTxGdSaV+alZj9p
9jxVZDRfOjzLLAQSGu0fnkjJEKcKwYuBPq0YR2AW3W0Gzdc+InfFXEcpx0eJTw==
-----END CERTIFICATE-----
Generated at Wed Oct 8 23:18:55 2025 by rpki-client