Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa
File: b93398ae-736f-4632-95ed-fd5f6d517f9d.roa (raw, json)
Hash identifier: SJVEYleSy7oTWQOIqHh/Bye4AK9xXux4JeOmemuJmo0=
Subject key identifier: 06:CE:4A:ED:9D:43:DF:97:72:3E:5A:72:28:0D:E5:7C:FC:58:FD:99
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6B581A40E8D3311C510AEB34CCFB206F30ED8464
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa
Signing time: Tue 11 Nov 2025 01:30:59 +0000
ROA not before: Tue 11 Nov 2025 01:30:59 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f38:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:58:1a:40:e8:d3:31:1c:51:0a:eb:34:cc:fb:20:6f:30:ed:84:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 01:30:59 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=c60e00d489ca7650802940af6fbeb86dde96f943e1084e940f4872f2332cd020, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:90:0d:38:05:62:eb:81:76:6e:0b:b6:cb:
e5:62:c3:3c:71:ee:e4:10:78:d0:f7:0b:d9:a6:87:
2d:dd:77:c3:5c:b0:9c:cb:eb:78:0f:c6:54:fe:a3:
c7:39:4e:33:67:c0:cc:a3:8c:37:24:0d:c4:a7:6c:
be:48:03:cc:a6:b7:40:80:8c:d9:d3:eb:1f:7d:8a:
6f:51:67:1f:b4:aa:57:8a:0d:59:53:01:00:b3:8b:
cb:63:0f:ee:26:46:a3:bd:69:aa:9b:62:da:d6:cc:
b5:75:79:e7:4d:0c:43:a5:bd:e4:64:db:1c:66:80:
66:5c:ec:e4:13:a7:dc:4a:39:fc:42:0a:f5:a2:b6:
50:fe:84:e5:93:cc:c6:bb:ba:ec:4a:cc:2d:9a:fe:
62:50:ad:c8:4e:67:db:9d:31:db:84:5b:78:66:8f:
1d:b4:5d:48:79:7c:26:e4:17:43:26:fe:c9:da:62:
11:60:73:24:0d:f8:48:e2:bc:1e:bb:0c:42:db:44:
69:a4:80:66:8e:0a:e9:60:55:ab:b5:71:1e:e7:08:
e8:45:73:42:37:13:99:56:1d:7c:6a:5d:b4:e7:05:
8a:73:73:42:d2:51:26:75:66:70:78:22:76:4e:59:
f9:4b:c9:e8:c1:90:82:78:42:26:7f:da:24:b1:7e:
f5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CE:4A:ED:9D:43:DF:97:72:3E:5A:72:28:0D:E5:7C:FC:58:FD:99
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f38:8020::/48
Signature Algorithm: sha256WithRSAEncryption
46:0c:64:0a:de:ff:6a:73:e0:a1:1f:65:7a:6e:43:fd:d1:3f:
33:05:cc:73:39:94:4a:59:ac:48:10:17:93:bf:08:c4:d1:d6:
af:88:3d:4b:06:38:74:30:6d:d0:7e:95:e3:65:85:b4:bc:93:
79:fe:46:cc:68:2a:98:ac:64:9f:14:a1:b8:ab:c6:4b:8e:97:
3f:64:96:de:b5:f5:86:e2:a3:3b:e2:a4:6b:4b:6b:3d:02:01:
46:8c:f5:d8:60:2b:55:a9:76:35:fe:ef:af:8b:6d:c1:d8:75:
5c:9a:86:1c:53:c0:15:6e:35:fa:30:50:c5:ef:38:3f:f3:27:
b8:ad:88:37:14:f8:9e:ad:32:34:8d:3d:27:c2:44:91:49:30:
80:e0:ea:c0:68:5c:9a:c4:67:08:4c:95:a7:de:e7:bf:12:61:
c2:80:3b:93:c9:fb:2c:3d:d1:6b:6a:40:1e:61:d8:2d:a6:18:
58:7f:a9:24:d4:fc:d6:c4:aa:15:e2:03:80:b8:34:c1:99:20:
7b:a2:b6:1b:66:77:46:2c:ab:f9:e1:44:f7:39:8b:6e:43:71:
93:54:f1:2c:ce:24:eb:7f:3b:95:e8:40:f7:ba:0e:7e:d4:27:
97:55:e4:7b:6f:b9:c3:ac:f2:aa:e1:e4:fc:56:73:73:e3:78:
05:f7:4a:1c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUa1gaQOjTMRxRCus0zPsgbzDthGQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEzMDU5WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjBlMDBkNDg5Y2E3NjUwODAyOTQwYWY2ZmJlYjg2ZGRl
OTZmOTQzZTEwODRlOTQwZjQ4NzJmMjMzMmNkMDIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzdZANOAVi64F2bgu2y+Viwzxx7uQQeND3C9mmhy3dd8Nc
sJzL63gPxlT+o8c5TjNnwMyjjDckDcSnbL5IA8ymt0CAjNnT6x99im9RZx+0qleK
DVlTAQCzi8tjD+4mRqO9aaqbYtrWzLV1eedNDEOlveRk2xxmgGZc7OQTp9xKOfxC
CvWitlD+hOWTzMa7uuxKzC2a/mJQrchOZ9udMduEW3hmjx20XUh5fCbkF0Mm/sna
YhFgcyQN+EjivB67DELbRGmkgGaOCulgVau1cR7nCOhFc0I3E5lWHXxqXbTnBYpz
c0LSUSZ1ZnB4InZOWflLyejBkIJ4QiZ/2iSxfvVzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUBs5K7Z1D35dyPlpyKA3lfPxY/ZkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5MzM5OGFlLTczNmYtNDYzMi05NWVkLWZkNWY2ZDUxN2Y5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gCAwDQYJKoZIhvcNAQELBQADggEBAEYMZAre/2pz4KEfZXpuQ/3R
PzMFzHM5lEpZrEgQF5O/CMTR1q+IPUsGOHQwbdB+leNlhbS8k3n+RsxoKpisZJ8U
obirxkuOlz9klt619YbiozvipGtLaz0CAUaM9dhgK1WpdjX+76+LbcHYdVyahhxT
wBVuNfowUMXvOD/zJ7itiDcU+J6tMjSNPSfCRJFJMIDg6sBoXJrEZwhMlafe578S
YcKAO5PJ+yw90WtqQB5h2C2mGFh/qSTU/NbEqhXiA4C4NMGZIHuithtmd0Ysq/nh
RPc5i25DcZNU8SzOJOt/O5XoQPe6Dn7UJ5dV5HtvucOs8qrh5PxWc3PjeAX3Shw=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:41:08 2025 by rpki-client