Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a64475c4-4e72-4427-8384-c08a7d2cca65.roa
File: a64475c4-4e72-4427-8384-c08a7d2cca65.roa (raw, json)
Hash identifier: a+Nwhwa7ec0G3BpsLG+liRfScrNQSTmGg698eGdH3ZI=
Subject key identifier: 6A:7A:0B:D1:D4:79:26:F5:3E:6F:AD:14:07:C0:67:D3:6E:8F:BE:4A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 436D5492F17CCA2C2B9D7142719A2A555CB0338F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a64475c4-4e72-4427-8384-c08a7d2cca65.roa
Signing time: Thu 13 Nov 2025 01:00:07 +0000
ROA not before: Thu 13 Nov 2025 01:00:07 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 220.157.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:6d:54:92:f1:7c:ca:2c:2b:9d:71:42:71:9a:2a:55:5c:b0:33:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 13 01:00:07 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=a47d487f7a6210676c180c0dd376d41e0399ef113429d7d956a2006e173981a8, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ac:e7:9a:6e:69:1d:a5:3f:ca:35:df:d8:06:
3a:89:ee:dc:45:13:47:a4:2d:64:93:f9:2c:d6:de:
42:dd:5f:8b:9b:c9:ee:2d:23:ae:23:dc:48:6b:9b:
23:24:7e:c0:5e:a5:e7:14:8f:b1:c5:c7:21:e2:6e:
0a:39:51:85:e4:ef:6d:fb:ff:e4:2e:f0:e0:05:26:
cc:f9:e2:29:83:be:56:fc:eb:50:8f:c6:e5:d2:fb:
9d:e6:82:af:91:39:4d:c0:87:8a:49:7e:a0:af:41:
11:a8:38:5a:3a:08:a7:6d:d1:c8:14:ba:a7:27:83:
86:05:34:79:4f:a7:1f:0d:bf:53:46:05:3b:1e:4c:
45:b9:06:40:ae:5c:38:28:e0:fd:ea:d1:be:17:8a:
80:86:bd:0c:c6:e5:bd:a3:82:03:95:0a:a1:a7:79:
bd:39:8e:ac:4c:71:66:a6:f9:04:b5:9c:f0:fd:ee:
16:0d:71:6c:2b:5a:d0:56:ac:de:34:7d:c1:10:d9:
8b:d3:09:63:bd:44:4f:87:70:3b:45:9e:78:05:d0:
0f:eb:dd:96:ff:3f:d2:e1:0e:2a:93:50:a3:8a:57:
fd:b7:e0:02:f9:d4:b6:c5:cd:3e:a8:9a:38:f4:4f:
5d:5c:dd:18:82:91:56:5c:76:52:67:38:d4:62:9c:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7A:0B:D1:D4:79:26:F5:3E:6F:AD:14:07:C0:67:D3:6E:8F:BE:4A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a64475c4-4e72-4427-8384-c08a7d2cca65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
220.157.88.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:5b:98:c4:61:78:38:eb:7e:d3:35:6c:41:7f:7a:ab:d5:a2:
7c:40:12:36:76:80:8e:85:32:90:c5:3a:d5:33:79:36:74:d2:
d0:5d:f6:2b:fa:d7:30:07:1c:8c:aa:96:3c:a8:39:11:24:6d:
0a:ce:72:3f:6f:4e:52:9f:d8:6e:38:33:fb:a2:06:5a:9d:ce:
29:b7:d5:06:74:47:d8:07:58:9f:d9:d0:d6:4c:48:91:b6:06:
f0:ca:7d:ae:42:82:e0:c3:3d:c6:4b:7e:e4:b8:fe:10:11:46:
92:2b:7d:2c:fc:9e:9f:1c:0f:10:6e:7d:d0:c9:54:04:13:94:
89:eb:99:a0:a8:1f:cf:f6:98:27:f2:6f:e2:6d:ba:fd:4e:32:
95:09:47:b8:fc:c3:5e:32:92:f6:79:7c:45:37:2b:26:93:ee:
36:41:bc:63:6b:b4:cb:b9:86:03:aa:72:e9:ce:c9:77:3a:c1:
24:b1:20:62:bb:99:3f:9e:66:78:02:cf:c6:3f:18:32:80:28:
1f:fe:a6:e4:18:30:05:e5:9d:e4:6c:64:6d:62:f8:50:22:80:
97:c5:0c:f1:23:2c:d7:c6:d1:35:fb:3b:bd:f4:e3:1c:b8:8e:
56:89:d4:98:28:95:ed:e0:f8:73:72:cc:1a:c6:b2:d8:45:e7:
84:f2:12:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ21UkvF8yiwrnXFCcZoqVVywM48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDEwMDA3WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDdkNDg3ZjdhNjIxMDY3NmMxODBjMGRkMzc2ZDQxZTAz
OTllZjExMzQyOWQ3ZDk1NmEyMDA2ZTE3Mzk4MWE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/rOeabmkdpT/KNd/YBjqJ7txFE0ekLWST+SzW3kLdX4ub
ye4tI64j3EhrmyMkfsBepecUj7HFxyHibgo5UYXk7237/+Qu8OAFJsz54imDvlb8
61CPxuXS+53mgq+ROU3Ah4pJfqCvQRGoOFo6CKdt0cgUuqcng4YFNHlPpx8Nv1NG
BTseTEW5BkCuXDgo4P3q0b4XioCGvQzG5b2jggOVCqGneb05jqxMcWam+QS1nPD9
7hYNcWwrWtBWrN40fcEQ2YvTCWO9RE+HcDtFnngF0A/r3Zb/P9LhDiqTUKOKV/23
4AL51LbFzT6omjj0T11c3RiCkVZcdlJnONRinDMLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUanoL0dR5JvU+b60UB8Bn026PvkowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E2NDQ3NWM0LTRlNzItNDQyNy04Mzg0LWMwOGE3ZDJjY2E2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHcnVgwDQYJKoZIhvcNAQELBQADggEBAB9bmMRheDjrftM1bEF/eqvVonxA
EjZ2gI6FMpDFOtUzeTZ00tBd9iv61zAHHIyqljyoOREkbQrOcj9vTlKf2G44M/ui
Blqdzim31QZ0R9gHWJ/Z0NZMSJG2BvDKfa5CguDDPcZLfuS4/hARRpIrfSz8np8c
DxBufdDJVAQTlInrmaCoH8/2mCfyb+Jtuv1OMpUJR7j8w14ykvZ5fEU3KyaT7jZB
vGNrtMu5hgOqcunOyXc6wSSxIGK7mT+eZngCz8Y/GDKAKB/+puQYMAXlneRsZG1i
+FAigJfFDPEjLNfG0TX7O7304xy4jlaJ1Jgole3g+HNyzBrGsthF54TyEnc=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:52:24 2025 by rpki-client