Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
File: 8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa (raw, json)
Hash identifier: JmccdGtMb22sbu2kZ2RTeA8OR/gWO1Ok/A87Z03HF6U=
Subject key identifier: 35:97:EE:3E:0F:B6:A8:89:9E:08:AD:00:26:5C:C4:C5:31:98:3C:89
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2DADA38B1598E6EE051D270C81F20BEC2C7CB4D0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
Signing time: Sat 15 Nov 2025 00:21:08 +0000
ROA not before: Sat 15 Nov 2025 00:21:08 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.69.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ad:a3:8b:15:98:e6:ee:05:1d:27:0c:81:f2:0b:ec:2c:7c:b4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 15 00:21:08 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=a74a62df73b90fccab593262809cb4060636bc3a53fa89da2a40f8f272de4ac9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d3:cb:c6:46:a1:cd:91:e2:91:94:0a:fb:15:
ca:8d:6f:f4:44:15:bb:44:4f:cf:f6:ab:32:bf:76:
60:31:7f:f7:ff:89:26:d2:4b:36:4a:b0:97:68:2a:
57:16:6e:00:a6:4e:e4:9f:2b:80:88:a9:29:58:ae:
8f:8f:b4:b0:f0:35:2f:a7:d1:45:c3:40:f4:11:4f:
ff:6e:3e:99:aa:ec:c3:cf:dd:53:b1:ae:9c:a1:d1:
50:39:29:ef:b3:93:2e:81:83:bd:af:85:44:63:b5:
54:c5:bc:67:c5:33:2d:e5:84:be:87:6d:c6:ee:91:
29:a0:30:82:79:21:c7:45:11:12:0b:e1:63:35:db:
66:4a:ab:3e:1f:04:a0:22:c1:9e:48:c3:b6:d9:70:
fc:69:46:c9:b5:01:e7:cb:3f:55:38:79:3e:ac:81:
d6:32:e4:e8:25:ea:f6:bd:43:b9:e5:97:37:8f:92:
a9:a7:f4:3f:8a:7c:21:a7:74:d7:1a:be:22:73:e4:
38:da:f2:f9:f7:e3:85:0e:26:7b:eb:e0:d4:cb:30:
f1:31:f9:e4:e1:f7:f5:b1:33:0c:45:c6:cf:2d:53:
c1:71:50:14:fc:7c:11:02:c4:f2:bd:11:93:65:93:
ba:f8:56:3f:79:cd:b3:f9:fb:7e:02:46:7e:03:21:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:97:EE:3E:0F:B6:A8:89:9E:08:AD:00:26:5C:C4:C5:31:98:3C:89
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:8d:23:53:6d:06:26:32:bf:45:9a:a9:3f:5c:f8:e8:05:43:
6e:c1:53:0d:80:e2:f0:34:51:47:3a:f4:94:2d:49:e9:bf:8a:
57:6a:b0:4a:c0:02:cd:9a:f8:14:c7:1e:84:a5:3e:f0:8a:0c:
32:c5:0b:d9:50:36:fe:f5:a6:29:b4:75:62:18:cd:f1:9e:7e:
67:49:1c:02:9d:08:ff:ff:35:27:49:4b:40:ea:f8:35:90:f9:
f1:46:8f:ac:e9:76:5c:65:fa:2b:bb:44:55:3a:87:95:0d:a6:
1e:42:7a:bb:d8:54:8a:14:15:cd:16:38:74:d0:4a:02:a9:7d:
f3:a0:23:0e:59:56:86:dc:57:2a:31:c1:e1:c7:22:de:a7:4b:
1c:2f:83:b1:32:cd:82:77:04:7f:02:0b:82:88:fd:30:64:4f:
18:c7:00:42:cb:64:4e:a9:6e:51:d7:0a:ee:a1:08:72:e0:73:
fb:79:eb:68:c1:b7:4b:6f:5e:ca:67:3e:79:20:7e:d7:48:be:
4f:17:9b:03:68:5a:c5:38:70:9b:f6:ad:c6:84:9e:40:81:63:
41:67:1d:d5:44:fb:08:a5:c7:11:e3:31:75:22:05:88:43:39:
eb:e5:fb:c6:f3:03:ef:df:c3:a4:3b:b4:66:03:ea:19:4c:9e:
ad:eb:e0:97
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULa2jixWY5u4FHScMgfIL7Cx8tNAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAyMTA4WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzRhNjJkZjczYjkwZmNjYWI1OTMyNjI4MDljYjQwNjA2
MzZiYzNhNTNmYTg5ZGEyYTQwZjhmMjcyZGU0YWM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDy08vGRqHNkeKRlAr7FcqNb/REFbtET8/2qzK/dmAxf/f/
iSbSSzZKsJdoKlcWbgCmTuSfK4CIqSlYro+PtLDwNS+n0UXDQPQRT/9uPpmq7MPP
3VOxrpyh0VA5Ke+zky6Bg72vhURjtVTFvGfFMy3lhL6HbcbukSmgMIJ5IcdFERIL
4WM122ZKqz4fBKAiwZ5Iw7bZcPxpRsm1AefLP1U4eT6sgdYy5Ogl6va9Q7nllzeP
kqmn9D+KfCGndNcaviJz5Dja8vn344UOJnvr4NTLMPEx+eTh9/WxMwxFxs8tU8Fx
UBT8fBECxPK9EZNlk7r4Vj95zbP5+34CRn4DIdB/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNZfuPg+2qImeCK0AJlzExTGYPIkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhOTQ4OWU4LThhZGUtNGNlOS1hN2Y1LTlkZWYzOTExMDJlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQRTANBgkqhkiG9w0BAQsFAAOCAQEAAo0jU20GJjK/RZqpP1z46AVDbsFT
DYDi8DRRRzr0lC1J6b+KV2qwSsACzZr4FMcehKU+8IoMMsUL2VA2/vWmKbR1YhjN
8Z5+Z0kcAp0I//81J0lLQOr4NZD58UaPrOl2XGX6K7tEVTqHlQ2mHkJ6u9hUihQV
zRY4dNBKAql986AjDllWhtxXKjHB4cci3qdLHC+DsTLNgncEfwILgoj9MGRPGMcA
QstkTqluUdcK7qEIcuBz+3nraMG3S29eymc+eSB+10i+TxebA2haxThwm/atxoSe
QIFjQWcd1UT7CKXHEeMxdSIFiEM56+X7xvMD79/DpDu0ZgPqGUyerevglw==
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:50:38 2025 by rpki-client