Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5b65366-8de7-4756-a36f-b27f4f98edb0.roa
File: d5b65366-8de7-4756-a36f-b27f4f98edb0.roa (raw, json)
Hash identifier: KhktxBQ5h6Ctd91h8w0yi2e9GSGs4ipONmPH1ceNwYA=
Subject key identifier: 6B:2A:2E:32:DA:FF:E5:16:C9:66:2A:77:52:74:A0:9A:D9:20:95:0E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 18E90B5AA863BA703701E8155310242D29DD6524
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5b65366-8de7-4756-a36f-b27f4f98edb0.roa
Signing time: Wed 12 Nov 2025 01:50:49 +0000
ROA not before: Wed 12 Nov 2025 01:50:49 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 216.182.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:e9:0b:5a:a8:63:ba:70:37:01:e8:15:53:10:24:2d:29:dd:65:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 01:50:49 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=3c32ec9137d4570ad0673916b4d08cef113fa977b0c1beacf8ac2629aff444b1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:56:23:19:3a:ea:70:06:f3:8b:95:a1:71:55:
3b:69:20:40:64:a4:04:4d:f8:07:ea:37:3b:d3:fe:
cd:df:7f:85:f3:6a:f9:8a:47:2c:76:47:a8:33:5d:
1b:96:8d:04:50:4b:9f:d5:94:65:31:c8:6f:aa:b7:
6b:dc:94:f0:6f:0c:ac:91:4e:cb:f4:10:be:c1:af:
af:c5:86:4a:40:75:e3:23:12:4b:83:9e:96:bf:b8:
66:88:19:42:a3:c5:35:41:f5:8a:79:0d:47:c9:3d:
21:47:48:14:66:16:48:35:0f:ba:a8:4a:36:2a:43:
a3:d4:7b:63:32:c8:fe:9c:4c:ed:59:40:b5:75:15:
bf:83:a4:d7:fe:09:5c:e0:90:fc:81:27:fd:0f:3e:
5d:85:82:e6:88:16:fc:30:a5:26:73:cb:22:2c:3c:
6c:dc:ba:2f:95:2d:e4:ea:53:08:65:69:67:d0:8f:
e3:90:aa:26:9c:9d:32:eb:86:39:f3:4c:87:9d:71:
46:9d:7d:99:f4:ca:ce:ed:2f:4c:d6:2f:8f:be:00:
62:9e:e5:ec:6a:33:9b:ee:ca:c1:b9:f2:20:ea:c6:
40:9d:02:85:02:e6:7a:8f:08:4f:b8:64:12:b5:b6:
e0:83:5d:88:d1:6c:f0:c0:d4:c4:96:40:4c:db:cb:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2A:2E:32:DA:FF:E5:16:C9:66:2A:77:52:74:A0:9A:D9:20:95:0E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5b65366-8de7-4756-a36f-b27f4f98edb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.182.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:74:f8:0e:68:72:47:af:39:8c:3c:95:b3:96:a1:6c:1f:de:
cf:b3:1a:df:ae:b6:ec:42:7e:d6:a8:30:3b:eb:1f:2c:e5:3b:
cc:cf:41:42:d9:54:71:35:99:aa:5c:56:73:51:4d:d2:0f:3a:
29:4b:83:49:ea:d3:5f:85:66:a9:86:ba:cf:1e:1d:aa:f3:75:
a4:d1:22:4b:a8:03:0f:5a:99:6c:15:5e:3e:42:50:bf:fb:c8:
a4:7b:d1:64:14:de:a8:25:2d:4e:6f:b8:80:ac:16:c9:5d:0e:
b1:23:a7:a6:4c:05:ba:43:3a:ed:b7:9c:ea:0f:9e:27:53:41:
4a:27:d2:84:e0:90:25:c8:ce:49:d4:63:fc:12:f0:c2:b5:93:
8b:39:41:e6:26:63:ec:73:e8:86:11:79:57:26:47:66:cf:1e:
b2:70:8b:3c:64:6c:72:51:67:6c:85:1b:dd:51:01:2a:2c:f6:
26:75:3f:05:f8:bd:b1:72:73:5f:d2:d5:a8:30:02:0c:2e:fe:
a2:a6:7b:34:07:91:a5:a7:53:8c:08:d5:6e:e9:8c:c0:77:6f:
9e:ae:ce:ef:00:cc:e6:57:69:48:89:37:73:e1:fd:c8:9d:27:
ed:ab:42:84:22:6e:66:3e:97:11:04:04:9a:1f:16:a2:a3:83:
57:b2:74:90
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGOkLWqhjunA3AegVUxAkLSndZSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDE1MDQ5WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzMyZWM5MTM3ZDQ1NzBhZDA2NzM5MTZiNGQwOGNlZjEx
M2ZhOTc3YjBjMWJlYWNmOGFjMjYyOWFmZjQ0NGIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCViMZOupwBvOLlaFxVTtpIEBkpARN+AfqNzvT/s3ff4Xz
avmKRyx2R6gzXRuWjQRQS5/VlGUxyG+qt2vclPBvDKyRTsv0EL7Br6/FhkpAdeMj
EkuDnpa/uGaIGUKjxTVB9Yp5DUfJPSFHSBRmFkg1D7qoSjYqQ6PUe2MyyP6cTO1Z
QLV1Fb+DpNf+CVzgkPyBJ/0PPl2FguaIFvwwpSZzyyIsPGzcui+VLeTqUwhlaWfQ
j+OQqiacnTLrhjnzTIedcUadfZn0ys7tL0zWL4++AGKe5exqM5vuysG58iDqxkCd
AoUC5nqPCE+4ZBK1tuCDXYjRbPDA1MSWQEzby7bvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUayouMtr/5RbJZip3UnSgmtkglQ4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1YjY1MzY2LThkZTctNDc1Ni1hMzZmLWIyN2Y0Zjk4ZWRiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATYtuAwDQYJKoZIhvcNAQELBQADggEBAHp0+A5ockevOYw8lbOWoWwf3s+z
Gt+utuxCftaoMDvrHyzlO8zPQULZVHE1mapcVnNRTdIPOilLg0nq01+FZqmGus8e
HarzdaTRIkuoAw9amWwVXj5CUL/7yKR70WQU3qglLU5vuICsFsldDrEjp6ZMBbpD
Ou23nOoPnidTQUon0oTgkCXIzknUY/wS8MK1k4s5QeYmY+xz6IYReVcmR2bPHrJw
izxkbHJRZ2yFG91RASos9iZ1PwX4vbFyc1/S1agwAgwu/qKmezQHkaWnU4wI1W7p
jMB3b56uzu8AzOZXaUiJN3Ph/cidJ+2rQoQibmY+lxEEBJofFqKjg1eydJA=
-----END CERTIFICATE-----
Generated at Tue Nov 18 10:39:54 2025 by rpki-client