Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
File: c57bcef1-b811-4c33-8250-10863c654d10.roa (raw, json)
Hash identifier: R3VersZMgRw7JaMkcD9hiwu8161etzHNfzlubRXk4h4=
Subject key identifier: 06:F2:A6:0D:F4:B8:6C:A1:F8:08:AB:AE:0A:AA:6E:4B:6E:1C:98:74
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 63BA6AF37C308D51B8E4156B2E717A3616ED1B27
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
Signing time: Wed 05 Nov 2025 00:20:41 +0000
ROA not before: Wed 05 Nov 2025 00:20:41 +0000
ROA not after: Wed 10 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.33.160.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ba:6a:f3:7c:30:8d:51:b8:e4:15:6b:2e:71:7a:36:16:ed:1b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 5 00:20:41 2025 GMT
Not After : Dec 10 23:59:59 2025 GMT
Subject: serialNumber=70441a65d8b707faf84755e0910a4fbe558cdf12b745c8b3dbef850f9af10079, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f8:3e:d6:55:42:10:22:70:b6:c0:90:ec:b6:
fc:93:45:b4:42:b1:9c:53:44:66:5e:4c:86:8b:ee:
b6:0e:6a:78:da:bf:f3:88:e7:3c:ad:5d:de:62:9e:
73:44:ae:0f:32:05:ce:93:8a:67:8f:d8:b5:8d:ac:
e5:ad:3e:8e:8c:f1:64:a7:30:07:d9:d0:3c:ff:8a:
cc:08:ab:26:54:5a:e5:51:72:75:e5:d1:0e:7d:9e:
ea:54:da:95:c7:3a:c6:21:ba:33:75:78:75:5b:0f:
1a:49:29:58:45:3c:56:13:82:9d:6e:03:7a:db:91:
bc:d7:61:4b:63:01:aa:de:7c:cd:9a:e7:cf:e9:e9:
fb:11:72:c3:1a:2e:6e:9d:6e:32:e8:7d:e0:de:a1:
9b:70:2d:8f:72:05:c9:04:c9:24:8b:8c:64:3d:24:
6f:66:d2:a9:b7:97:5f:e7:53:0b:63:73:6c:fd:4f:
61:c3:39:dd:c7:72:7a:3a:80:bb:64:e7:50:d1:7d:
1a:33:b1:df:b9:06:d2:35:cd:08:ce:24:ac:fd:62:
e2:41:2d:69:1c:73:87:f0:88:b8:0b:e9:34:28:76:
98:f9:65:da:4e:7a:24:4e:7e:fe:9a:50:c7:68:c2:
fd:56:64:b4:3b:3e:5b:14:7a:2c:f9:71:33:fc:d4:
9b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F2:A6:0D:F4:B8:6C:A1:F8:08:AB:AE:0A:AA:6E:4B:6E:1C:98:74
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.33.160.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:ba:14:6c:45:1e:6d:a7:e5:39:a3:13:e2:23:1c:2a:c8:5c:
a5:75:2b:50:09:8f:ec:cf:0f:d0:10:d4:08:92:d8:55:db:ba:
8f:ba:ba:c1:25:d9:e3:11:39:01:4b:3c:18:4c:94:d8:9c:a6:
d1:66:bd:9b:83:23:9f:c9:8f:0a:09:dd:3d:c9:04:7e:56:49:
a3:75:b3:18:1e:4a:38:5c:44:d6:a7:4f:24:8b:1e:b2:71:23:
4c:e0:27:ac:67:31:07:a0:71:94:8e:d6:e7:69:d1:ba:fd:79:
f3:14:a6:f9:b6:24:ac:cd:59:a1:6a:01:7d:8a:5b:31:97:dc:
1d:85:86:9c:20:ef:5d:87:8e:10:ff:95:5e:52:f2:80:4f:24:
29:82:6d:4a:c8:a8:f5:52:d0:91:0e:b3:f6:79:60:b0:b8:af:
64:69:5c:1d:e0:1b:fe:47:1f:20:68:95:75:2b:6e:fb:6c:05:
29:12:4b:da:21:90:5b:11:c4:df:14:41:5b:f9:b7:a3:b3:e1:
49:64:ca:67:a4:0b:db:48:64:b7:12:11:2c:9c:69:83:aa:c6:
7c:be:8c:19:d2:a1:97:d3:a3:b7:87:7a:7b:fc:c5:4f:b3:d8:
a9:c7:2d:70:cb:4f:c9:b6:0c:be:ef:35:a7:f9:67:85:88:c8:
aa:36:a2:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY7pq83wwjVG45BVrLnF6NhbtGycwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAyMDQxWhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDQ0MWE2NWQ4YjcwN2ZhZjg0NzU1ZTA5MTBhNGZiZTU1
OGNkZjEyYjc0NWM4YjNkYmVmODUwZjlhZjEwMDc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu+D7WVUIQInC2wJDstvyTRbRCsZxTRGZeTIaL7rYOanja
v/OI5zytXd5innNErg8yBc6TimeP2LWNrOWtPo6M8WSnMAfZ0Dz/iswIqyZUWuVR
cnXl0Q59nupU2pXHOsYhujN1eHVbDxpJKVhFPFYTgp1uA3rbkbzXYUtjAarefM2a
58/p6fsRcsMaLm6dbjLofeDeoZtwLY9yBckEySSLjGQ9JG9m0qm3l1/nUwtjc2z9
T2HDOd3Hcno6gLtk51DRfRozsd+5BtI1zQjOJKz9YuJBLWkcc4fwiLgL6TQodpj5
ZdpOeiROfv6aUMdowv1WZLQ7PlsUeiz5cTP81Js3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBvKmDfS4bKH4CKuuCqpuS24cmHQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1N2JjZWYxLWI4MTEtNGMzMy04MjUwLTEwODYzYzY1NGQxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATMIaAwDQYJKoZIhvcNAQELBQADggEBAAy6FGxFHm2n5TmjE+IjHCrIXKV1
K1AJj+zPD9AQ1AiS2FXbuo+6usEl2eMROQFLPBhMlNicptFmvZuDI5/JjwoJ3T3J
BH5WSaN1sxgeSjhcRNanTySLHrJxI0zgJ6xnMQegcZSO1udp0br9efMUpvm2JKzN
WaFqAX2KWzGX3B2Fhpwg712HjhD/lV5S8oBPJCmCbUrIqPVS0JEOs/Z5YLC4r2Rp
XB3gG/5HHyBolXUrbvtsBSkSS9ohkFsRxN8UQVv5t6Oz4UlkymekC9tIZLcSESyc
aYOqxny+jBnSoZfTo7eHenv8xU+z2KnHLXDLT8m2DL7vNaf5Z4WIyKo2ols=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:40:56 2025 by rpki-client