Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9fd04f3e-2ac4-4c97-91d7-2ddff68451c4.roa
File: 9fd04f3e-2ac4-4c97-91d7-2ddff68451c4.roa (raw, json)
Hash identifier: nVhS0OglZKyxsaenfCWSBLhSDEsvUrcUM0nH3ABqc0k=
Subject key identifier: 68:61:BC:6F:C4:C2:B1:90:BF:D8:24:7F:73:56:D4:1F:04:F3:5C:8D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7B02D0B04BD6C1440BE43E7681ACA9C314D2FF08
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9fd04f3e-2ac4-4c97-91d7-2ddff68451c4.roa
Signing time: Wed 12 Nov 2025 02:30:15 +0000
ROA not before: Wed 12 Nov 2025 02:30:15 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 140.200.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:02:d0:b0:4b:d6:c1:44:0b:e4:3e:76:81:ac:a9:c3:14:d2:ff:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 02:30:15 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=00234a51257716d2ab505b7b19e9089f116e7d8d7444942c4e76a969c5fe4d0d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:30:60:d2:b6:0f:fe:f6:d3:94:f1:fb:0a:b6:
15:0c:05:e5:e0:8f:81:c7:4a:1e:17:c6:04:cc:b9:
47:00:b6:db:b0:50:8f:d3:71:3d:03:fc:07:67:c2:
74:e8:45:b1:da:a3:49:b6:61:00:1e:4d:1f:21:63:
cf:33:93:39:aa:fc:f1:47:fc:e1:ae:3f:99:57:0f:
46:22:45:7a:08:e1:1d:92:4f:ae:13:00:f8:e7:cd:
78:4c:b8:c7:d3:e9:99:a9:b0:2b:02:ee:4c:d4:89:
54:02:18:3a:f0:a9:5c:5c:87:c1:52:bd:97:51:1c:
fa:4d:c9:b1:71:c5:bd:97:4e:f2:44:a0:df:f3:a7:
c1:49:65:93:80:16:3b:ca:87:3a:83:68:de:32:ec:
ae:b6:28:b0:13:0c:e0:82:a0:29:e2:d3:c2:7d:b9:
9c:4c:50:06:f1:db:0c:1c:2f:3f:88:de:ca:3b:17:
22:d5:39:e5:83:2f:35:39:41:52:46:3e:6d:97:2f:
50:c6:77:31:75:d7:14:bc:39:92:03:fe:e1:be:fd:
47:ca:ce:c8:62:a2:1b:b5:a5:24:8c:7f:bb:8d:af:
4b:ea:3f:2e:90:f0:92:56:82:b4:28:ec:69:26:51:
52:e2:e4:a0:88:a3:37:9e:00:72:43:a4:25:0f:1e:
ff:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:61:BC:6F:C4:C2:B1:90:BF:D8:24:7F:73:56:D4:1F:04:F3:5C:8D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9fd04f3e-2ac4-4c97-91d7-2ddff68451c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.200.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:68:a4:7c:20:4f:ef:f8:e4:9f:49:e2:f2:d0:eb:63:33:9d:
29:8a:bd:5c:39:4c:b1:ee:c6:44:ce:5f:bb:78:2e:55:5e:98:
be:b3:81:15:c3:59:ae:df:54:f6:d7:92:68:2b:f9:62:d6:ee:
07:a1:97:86:d8:59:f6:01:6f:63:04:38:67:11:a6:c3:71:fe:
c1:d0:79:31:7c:9b:87:3b:e7:1f:74:a4:f9:8f:be:47:3c:d2:
8b:b8:d4:91:c6:57:b2:78:3e:25:d4:d3:92:0d:9a:b8:57:db:
aa:9c:0b:0a:d0:46:4e:dd:92:fd:ea:d1:7c:01:8e:6d:c9:70:
ab:9b:ba:0b:2a:09:e3:0b:4a:ab:4c:59:d2:20:e7:dc:80:b0:
6c:0d:58:a7:a0:b0:11:65:e4:ab:1c:89:f7:05:ae:a2:fe:4c:
0a:44:59:19:32:1b:d9:75:68:71:d6:3e:12:bd:d7:bb:11:0e:
68:70:d5:94:e8:50:7a:7d:a8:31:00:1e:3b:17:cf:a0:63:58:
c7:2c:ec:73:8c:a4:70:2d:de:05:93:5b:d2:84:67:3f:43:c4:
17:8b:c7:87:d0:42:e0:55:b2:22:ea:a7:0b:f9:d5:54:6e:d1:
52:44:0c:e5:93:23:06:d2:96:ca:a2:44:06:fb:c7:01:68:64:
8a:f1:c2:6a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUewLQsEvWwUQL5D52gaypwxTS/wgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDIzMDE1WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDIzNGE1MTI1NzcxNmQyYWI1MDViN2IxOWU5MDg5ZjEx
NmU3ZDhkNzQ0NDk0MmM0ZTc2YTk2OWM1ZmU0ZDBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+MGDStg/+9tOU8fsKthUMBeXgj4HHSh4XxgTMuUcAttuw
UI/TcT0D/AdnwnToRbHao0m2YQAeTR8hY88zkzmq/PFH/OGuP5lXD0YiRXoI4R2S
T64TAPjnzXhMuMfT6ZmpsCsC7kzUiVQCGDrwqVxch8FSvZdRHPpNybFxxb2XTvJE
oN/zp8FJZZOAFjvKhzqDaN4y7K62KLATDOCCoCni08J9uZxMUAbx2wwcLz+I3so7
FyLVOeWDLzU5QVJGPm2XL1DGdzF11xS8OZID/uG+/UfKzshiohu1pSSMf7uNr0vq
Py6Q8JJWgrQo7GkmUVLi5KCIozeeAHJDpCUPHv8PAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUaGG8b8TCsZC/2CR/c1bUHwTzXI0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmZDA0ZjNlLTJhYzQtNGM5Ny05MWQ3LTJkZGZmNjg0NTFjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCMyDANBgkqhkiG9w0BAQsFAAOCAQEAImikfCBP7/jkn0ni8tDrYzOdKYq9
XDlMse7GRM5fu3guVV6YvrOBFcNZrt9U9teSaCv5YtbuB6GXhthZ9gFvYwQ4ZxGm
w3H+wdB5MXybhzvnH3Sk+Y++RzzSi7jUkcZXsng+JdTTkg2auFfbqpwLCtBGTt2S
/erRfAGObclwq5u6CyoJ4wtKq0xZ0iDn3ICwbA1Yp6CwEWXkqxyJ9wWuov5MCkRZ
GTIb2XVocdY+Er3XuxEOaHDVlOhQen2oMQAeOxfPoGNYxyzsc4ykcC3eBZNb0oRn
P0PEF4vHh9BC4FWyIuqnC/nVVG7RUkQM5ZMjBtKWyqJEBvvHAWhkivHCag==
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:51:37 2025 by rpki-client