Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76aa40ec-69b9-44f1-9209-484f2d282a6a.roa
File: 76aa40ec-69b9-44f1-9209-484f2d282a6a.roa (raw, json)
Hash identifier: 3LtDblebj523GJmg+PowRvnw+HreRtkAcH4fySPa2EM=
Subject key identifier: F9:81:FA:29:3F:A6:DE:3F:7A:12:0A:78:8A:BD:A5:FA:9E:92:70:EE
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 28B94C87C5842C308A5545A10587E3FBFB433BF2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76aa40ec-69b9-44f1-9209-484f2d282a6a.roa
Signing time: Tue 11 Nov 2025 02:20:54 +0000
ROA not before: Tue 11 Nov 2025 02:20:54 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 157.175.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b9:4c:87:c5:84:2c:30:8a:55:45:a1:05:87:e3:fb:fb:43:3b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 02:20:54 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=21a4834517d833d5e3e8aaf59a1ca2979db7b0a03da8a3b24169264db61b9ecb, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:b9:90:b2:3c:af:84:f0:8f:13:49:da:6a:
15:be:50:70:c0:69:70:c3:44:fe:45:01:d0:eb:93:
a9:2f:9e:f7:89:62:82:d2:25:ab:10:c4:e5:8f:b5:
70:e7:e3:74:16:05:de:89:df:b1:18:56:38:28:6c:
c1:50:4f:f3:ba:93:2e:ca:74:8a:71:5d:c1:04:1e:
0a:4e:89:82:94:84:61:c1:54:92:f4:aa:05:f3:e9:
27:66:4c:60:67:12:e5:db:39:14:21:24:9c:79:b3:
09:dc:a2:24:d5:39:b9:21:6e:7b:20:bd:35:e3:7b:
50:5f:e2:64:4c:c5:4c:c7:84:ec:b5:40:f2:5a:85:
88:eb:ca:15:04:b5:bd:59:30:61:8f:67:a9:b8:68:
2c:ea:5e:9e:2a:9a:9a:fb:5c:b3:e2:e4:31:56:01:
42:6f:07:eb:38:99:e1:a3:11:0e:06:79:49:8b:dd:
b5:2a:b5:b8:c0:58:70:e6:f6:cf:17:6b:55:4c:31:
8e:24:0b:18:d5:d5:89:46:3d:38:e0:4d:3f:f1:7e:
33:59:69:21:3e:ed:30:24:d6:a5:ce:91:23:41:2e:
72:06:6b:48:7f:fd:95:43:18:e2:2e:79:d3:da:1b:
ac:af:b8:9d:01:af:3b:1e:41:aa:f0:21:04:1e:00:
a5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:81:FA:29:3F:A6:DE:3F:7A:12:0A:78:8A:BD:A5:FA:9E:92:70:EE
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76aa40ec-69b9-44f1-9209-484f2d282a6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.175.128.0/17
Signature Algorithm: sha256WithRSAEncryption
68:75:bb:8a:0c:f9:1b:19:0c:56:69:5d:9a:e8:0e:ac:40:83:
00:e1:4e:03:ae:f5:a2:00:db:2b:92:97:37:ee:e2:62:1d:c1:
6e:c8:36:03:6a:a4:d5:dc:e5:c3:0f:89:3f:7b:32:34:82:b8:
50:9f:b8:dc:ed:4f:bd:2e:48:cc:0b:11:c0:e2:98:d5:07:ea:
05:d5:8c:b3:76:0d:db:64:ac:82:9c:e4:4c:16:b1:84:2a:43:
c0:48:95:12:78:7e:31:87:b0:9d:ae:3e:1c:da:a2:2d:d8:c4:
62:68:b6:db:28:a1:80:42:eb:f6:e0:87:38:54:29:88:f6:40:
bf:90:e5:f1:7d:a3:fb:f4:05:16:e1:5f:21:69:3a:2f:e0:31:
a8:ee:4f:e8:ac:9f:64:e3:87:6a:88:e5:ad:05:ee:ce:9c:4a:
51:2d:27:30:2b:7c:79:f2:0e:5b:2c:34:73:97:5f:9a:89:a2:
68:d3:a8:9b:31:d3:87:9a:bc:d1:4e:ee:54:c3:af:31:25:f4:
5b:f6:8d:b4:88:e8:d5:d2:1a:2f:91:b5:aa:41:f0:3e:d0:07:
7a:3c:cc:aa:f6:02:86:2a:f9:45:2a:e4:a4:23:32:05:da:a1:
6e:ae:97:c7:0c:2e:5e:1f:a1:8d:d2:f6:cc:57:6a:66:79:a8:
f7:e1:87:cb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKLlMh8WELDCKVUWhBYfj+/tDO/IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIyMDU0WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWE0ODM0NTE3ZDgzM2Q1ZTNlOGFhZjU5YTFjYTI5Nzlk
YjdiMGEwM2RhOGEzYjI0MTY5MjY0ZGI2MWI5ZWNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3zbmQsjyvhPCPE0naahW+UHDAaXDDRP5FAdDrk6kvnveJ
YoLSJasQxOWPtXDn43QWBd6J37EYVjgobMFQT/O6ky7KdIpxXcEEHgpOiYKUhGHB
VJL0qgXz6SdmTGBnEuXbORQhJJx5swncoiTVObkhbnsgvTXje1Bf4mRMxUzHhOy1
QPJahYjryhUEtb1ZMGGPZ6m4aCzqXp4qmpr7XLPi5DFWAUJvB+s4meGjEQ4GeUmL
3bUqtbjAWHDm9s8Xa1VMMY4kCxjV1YlGPTjgTT/xfjNZaSE+7TAk1qXOkSNBLnIG
a0h//ZVDGOIuedPaG6yvuJ0BrzseQarwIQQeAKVlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+YH6KT+m3j96Egp4ir2l+p6ScO4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2YWE0MGVjLTY5YjktNDRmMS05MjA5LTQ4NGYyZDI4MmE2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAedr4AwDQYJKoZIhvcNAQELBQADggEBAGh1u4oM+RsZDFZpXZroDqxAgwDh
TgOu9aIA2yuSlzfu4mIdwW7INgNqpNXc5cMPiT97MjSCuFCfuNztT70uSMwLEcDi
mNUH6gXVjLN2DdtkrIKc5EwWsYQqQ8BIlRJ4fjGHsJ2uPhzaoi3YxGJottsooYBC
6/bghzhUKYj2QL+Q5fF9o/v0BRbhXyFpOi/gMajuT+isn2Tjh2qI5a0F7s6cSlEt
JzArfHnyDlssNHOXX5qJomjTqJsx04eavNFO7lTDrzEl9Fv2jbSI6NXSGi+RtapB
8D7QB3o8zKr2AoYq+UUq5KQjMgXaoW6ul8cMLl4foY3S9sxXamZ5qPfhh8s=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:53:09 2025 by rpki-client