Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d27659a-99b8-4f12-8e10-81c7bc2cf7bf.roa
File: 8d27659a-99b8-4f12-8e10-81c7bc2cf7bf.roa (raw, json)
Hash identifier: fvcW5mfvMfTK2yOnMPHycGKqolIGxxHs1NVg87vm0Rg=
Subject key identifier: 0D:5A:D3:40:4A:EB:3C:00:DE:FA:79:47:D3:BD:9A:DD:FE:94:56:8D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7C0B8AEEF478290760575B6B7F362155BE6B9656
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d27659a-99b8-4f12-8e10-81c7bc2cf7bf.roa
Signing time: Wed 12 Nov 2025 01:20:08 +0000
ROA not before: Wed 12 Nov 2025 01:20:08 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.22.64.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:0b:8a:ee:f4:78:29:07:60:57:5b:6b:7f:36:21:55:be:6b:96:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 01:20:08 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=e3956cec18c9b16b833eec11fa66163432bae29c7f742de28a9dabb354089086, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f9:50:a4:d5:3f:81:f4:46:96:62:ce:9d:4e:
2d:48:62:40:b4:83:c6:54:9c:10:93:e3:65:8a:05:
7d:8a:7f:1b:91:fb:a1:98:7a:e5:be:dc:a4:34:61:
4b:3c:12:27:25:d9:24:f9:27:0b:55:c0:98:8b:2b:
49:d5:dc:4f:c2:ab:8f:98:ae:77:9c:88:a5:89:ce:
1b:01:56:d9:1d:bc:bc:83:95:c2:ce:03:49:5d:8f:
58:70:48:5a:03:be:51:3b:28:cd:80:27:d3:cf:7c:
5a:96:61:62:d6:ee:46:9a:c3:54:f8:f1:8a:af:32:
57:3a:0d:cb:c8:7a:a1:db:64:7f:50:4c:8a:9c:14:
6f:4b:9e:a3:05:45:ce:ec:2f:c8:c8:f9:00:79:30:
06:b1:01:d2:20:95:a4:53:b7:a3:7b:68:c6:fa:7f:
bc:0d:7c:62:4d:fa:2a:86:10:ea:31:9f:ac:4a:5e:
57:25:af:23:21:ee:7f:8f:9b:b3:26:c1:71:f5:09:
70:19:ce:ef:40:7a:dc:7c:76:df:95:dc:97:7d:2a:
2e:c3:39:41:cf:b1:dd:b5:90:a9:41:fc:43:17:e7:
cc:65:2e:c3:9b:d3:4b:e5:be:ab:83:93:e8:7c:0c:
69:c4:32:af:6e:f9:56:dc:5a:f4:a7:34:b3:da:a7:
ee:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5A:D3:40:4A:EB:3C:00:DE:FA:79:47:D3:BD:9A:DD:FE:94:56:8D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d27659a-99b8-4f12-8e10-81c7bc2cf7bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.22.64.0/21
Signature Algorithm: sha256WithRSAEncryption
16:2a:ff:76:f2:c2:5c:7f:a4:64:2e:31:e1:da:94:a5:ef:fe:
5d:a0:1a:e4:01:91:b2:3d:32:e3:9b:00:7a:40:ba:e2:bb:7c:
fd:58:90:92:33:97:67:7c:4f:ae:d9:d1:fd:ad:70:06:50:e7:
d1:6a:ff:9c:ac:63:e1:d8:1d:f6:3e:2f:7e:e3:75:9f:41:f4:
f2:b5:40:74:cb:ea:f4:ef:70:df:21:a9:27:29:fa:b2:57:4c:
2c:6c:2b:bd:17:b7:b9:8e:95:94:4c:c2:84:da:83:aa:cf:00:
4e:1a:47:d1:95:32:a3:b8:eb:f1:02:b3:89:ab:5e:4d:13:9a:
07:c0:23:b2:19:23:46:ed:8c:e0:d5:73:1f:ec:4f:68:a6:4f:
ff:4c:46:8f:c5:6c:05:db:d0:8d:22:3a:93:8e:51:c7:23:64:
4b:25:b6:88:ae:b5:c6:76:c6:d8:0c:6a:dd:67:3e:e5:04:92:
cf:19:73:83:d3:87:7d:25:b6:0f:cd:a6:df:5d:29:b1:44:49:
b5:2e:d1:c0:60:a7:d8:f9:be:16:87:cf:13:35:fe:eb:8b:80:
a5:9a:45:82:9e:6e:71:dd:42:65:f5:7f:5b:bd:3d:fe:d0:80:
a1:36:04:e8:44:e2:c7:39:c7:5f:20:37:86:50:a6:c3:a5:76:
fc:44:0f:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfAuK7vR4KQdgV1trfzYhVb5rllYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEyMDA4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzk1NmNlYzE4YzliMTZiODMzZWVjMTFmYTY2MTYzNDMy
YmFlMjljN2Y3NDJkZTI4YTlkYWJiMzU0MDg5MDg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0+VCk1T+B9EaWYs6dTi1IYkC0g8ZUnBCT42WKBX2KfxuR
+6GYeuW+3KQ0YUs8Eicl2ST5JwtVwJiLK0nV3E/Cq4+YrneciKWJzhsBVtkdvLyD
lcLOA0ldj1hwSFoDvlE7KM2AJ9PPfFqWYWLW7kaaw1T48YqvMlc6DcvIeqHbZH9Q
TIqcFG9LnqMFRc7sL8jI+QB5MAaxAdIglaRTt6N7aMb6f7wNfGJN+iqGEOoxn6xK
XlclryMh7n+Pm7MmwXH1CXAZzu9Aetx8dt+V3Jd9Ki7DOUHPsd21kKlB/EMX58xl
LsOb00vlvquDk+h8DGnEMq9u+VbcWvSnNLPap+6JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDVrTQErrPADe+nlH072a3f6UVo0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkMjc2NTlhLTk5YjgtNGYxMi04ZTEwLTgxYzdiYzJjZjdiZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMXFkAwDQYJKoZIhvcNAQELBQADggEBABYq/3bywlx/pGQuMeHalKXv/l2g
GuQBkbI9MuObAHpAuuK7fP1YkJIzl2d8T67Z0f2tcAZQ59Fq/5ysY+HYHfY+L37j
dZ9B9PK1QHTL6vTvcN8hqScp+rJXTCxsK70Xt7mOlZRMwoTag6rPAE4aR9GVMqO4
6/ECs4mrXk0TmgfAI7IZI0btjODVcx/sT2imT/9MRo/FbAXb0I0iOpOOUccjZEsl
toiutcZ2xtgMat1nPuUEks8Zc4PTh30ltg/Npt9dKbFESbUu0cBgp9j5vhaHzxM1
/uuLgKWaRYKebnHdQmX1f1u9Pf7QgKE2BOhE4sc5x18gN4ZQpsOldvxEDyw=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:49:32 2025 by rpki-client