Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a53faf94-0ead-4217-83a1-8cea694483a0.roa
File: a53faf94-0ead-4217-83a1-8cea694483a0.roa (raw, json)
Hash identifier: gubluGxW9S3qxPYNfW28wMBwtu8JeHbX778h64Ra5NI=
Subject key identifier: 84:96:DE:BE:A8:DD:B6:4C:D9:30:CA:5E:7A:D8:ED:ED:5E:28:18:D8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5E57FAA7F5EB0DE4C756661FD99713BE193E613B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a53faf94-0ead-4217-83a1-8cea694483a0.roa
Signing time: Wed 12 Nov 2025 00:10:08 +0000
ROA not before: Wed 12 Nov 2025 00:10:08 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 121.91.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:57:fa:a7:f5:eb:0d:e4:c7:56:66:1f:d9:97:13:be:19:3e:61:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 00:10:08 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=3abd53e16a0ee007e290c7e7a8c3bdce4882bbbd625a9678940de53ba388411f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4c:ed:df:2e:95:26:d1:c7:02:20:68:93:57:
cf:82:88:6b:d1:54:aa:bd:ad:0b:78:c5:9c:61:e4:
ce:21:d3:f1:61:82:27:c9:be:12:39:a9:4a:1e:9e:
1a:55:2c:94:11:25:3a:1d:e6:5f:df:47:ed:8e:79:
e0:12:d7:b8:1f:90:53:0d:b5:7f:48:f7:4e:38:0c:
30:ec:63:9e:f6:d1:d5:fd:cc:b0:9d:2c:f8:b5:0b:
b3:c8:37:de:de:df:11:f3:c6:39:65:78:a0:f8:1b:
88:00:b2:08:ca:91:16:fa:cf:76:fe:f0:18:d8:3e:
a6:0e:b5:a7:33:32:2d:68:11:38:05:4c:34:84:aa:
79:d1:6f:1f:68:e5:0c:de:4e:b5:ee:1d:45:4c:a9:
94:a0:42:fb:21:ab:a8:03:c0:f6:aa:0d:b2:a6:4d:
e3:3f:06:31:da:40:e8:83:c1:04:50:e1:ed:63:e4:
6f:58:17:30:b6:60:39:39:13:e9:6e:6f:db:83:db:
75:b7:24:e8:fb:4d:d9:d1:e2:7b:f7:6e:9a:45:5d:
a1:e8:84:ec:09:99:f8:4f:43:39:51:8f:20:f2:d3:
82:ba:dc:2d:7d:fb:dc:e6:09:68:2f:ff:02:84:32:
9f:eb:8e:7b:36:ab:96:fd:6b:77:d3:7d:55:ba:0c:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:96:DE:BE:A8:DD:B6:4C:D9:30:CA:5E:7A:D8:ED:ED:5E:28:18:D8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a53faf94-0ead-4217-83a1-8cea694483a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.91.198.0/24
Signature Algorithm: sha256WithRSAEncryption
83:dc:56:2e:1f:ba:4f:88:80:24:50:da:2a:da:44:13:d7:79:
84:cc:fc:1f:34:81:1e:08:96:c8:61:50:c0:5e:67:c2:ef:90:
73:5a:5f:85:b4:81:21:fc:e9:f1:a2:24:4a:20:2c:fd:77:70:
6c:5f:72:dc:d4:d2:4c:dd:5b:a9:60:5b:6d:cb:58:17:63:00:
4a:7c:63:fe:c3:30:cd:f1:56:ab:f8:89:78:3f:f9:66:40:18:
23:fe:47:bc:8a:b4:fd:ff:47:86:51:86:55:e2:27:ea:87:1b:
e2:f1:09:f2:8b:89:57:78:ab:52:ea:a0:d2:60:c0:93:6d:2b:
63:ad:27:3a:51:63:6c:b6:09:01:f2:c3:b8:a2:e8:46:a2:28:
2a:c7:4e:21:ab:fc:c4:cd:c3:6f:21:f5:01:c7:69:4e:94:55:
15:27:fd:ac:71:df:93:65:ae:ef:66:2b:b1:6e:d0:99:c6:2a:
6a:c6:87:00:eb:d7:04:bc:aa:22:fc:55:a6:04:49:8e:35:ba:
4b:53:a7:cd:d7:ab:3e:b3:ee:fb:35:20:de:6a:5c:9d:24:d4:
61:f0:eb:86:cd:73:e5:5c:cb:83:99:75:58:24:3b:fe:57:65:
2a:9e:88:34:04:73:2c:e2:b6:bc:de:b8:46:ba:66:f7:5f:a3:
58:a0:73:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXlf6p/XrDeTHVmYf2ZcTvhk+YTswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDAxMDA4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWJkNTNlMTZhMGVlMDA3ZTI5MGM3ZTdhOGMzYmRjZTQ4
ODJiYmJkNjI1YTk2Nzg5NDBkZTUzYmEzODg0MTFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWTO3fLpUm0ccCIGiTV8+CiGvRVKq9rQt4xZxh5M4h0/Fh
gifJvhI5qUoenhpVLJQRJTod5l/fR+2OeeAS17gfkFMNtX9I9044DDDsY5720dX9
zLCdLPi1C7PIN97e3xHzxjlleKD4G4gAsgjKkRb6z3b+8BjYPqYOtaczMi1oETgF
TDSEqnnRbx9o5QzeTrXuHUVMqZSgQvshq6gDwPaqDbKmTeM/BjHaQOiDwQRQ4e1j
5G9YFzC2YDk5E+lub9uD23W3JOj7TdnR4nv3bppFXaHohOwJmfhPQzlRjyDy04K6
3C19+9zmCWgv/wKEMp/rjns2q5b9a3fTfVW6DCk5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhJbevqjdtkzZMMpeetjt7V4oGNgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1M2ZhZjk0LTBlYWQtNDIxNy04M2ExLThjZWE2OTQ0ODNhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAB5W8YwDQYJKoZIhvcNAQELBQADggEBAIPcVi4fuk+IgCRQ2iraRBPXeYTM
/B80gR4IlshhUMBeZ8LvkHNaX4W0gSH86fGiJEogLP13cGxfctzU0kzdW6lgW23L
WBdjAEp8Y/7DMM3xVqv4iXg/+WZAGCP+R7yKtP3/R4ZRhlXiJ+qHG+LxCfKLiVd4
q1LqoNJgwJNtK2OtJzpRY2y2CQHyw7ii6EaiKCrHTiGr/MTNw28h9QHHaU6UVRUn
/axx35Nlru9mK7Fu0JnGKmrGhwDr1wS8qiL8VaYESY41uktTp83Xqz6z7vs1IN5q
XJ0k1GHw64bNc+Vcy4OZdVgkO/5XZSqeiDQEcyzitrzeuEa6Zvdfo1igc+c=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:52:27 2025 by rpki-client