Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa21079-0b9a-4fa2-aa2f-8706b125633e.roa
File: daa21079-0b9a-4fa2-aa2f-8706b125633e.roa (raw, json)
Hash identifier: 8+OoOK9PW9u/uJZDFysP3jQTLyZ3K3s7mWimv2H8iho=
Subject key identifier: 94:A4:22:71:17:BE:16:A8:59:FB:08:5C:63:63:5A:1D:9C:88:47:AD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 37B79F7C6E16844552D8448983983B417710DE1E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa21079-0b9a-4fa2-aa2f-8706b125633e.roa
Signing time: Tue 11 Nov 2025 01:20:10 +0000
ROA not before: Tue 11 Nov 2025 01:20:10 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fff:40e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b7:9f:7c:6e:16:84:45:52:d8:44:89:83:98:3b:41:77:10:de:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 01:20:10 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=02ef575c46778dba89ef59612a7ba81244a59462226d1d40cfb4cab682fad9fc, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:70:8c:0f:26:cd:3f:d7:6d:31:14:24:aa:94:
de:e1:9b:f4:bc:2b:6b:8e:5f:31:0f:93:58:3f:15:
56:ba:27:0b:9d:b6:16:3d:c9:cb:e1:41:78:0f:00:
03:69:55:90:f7:94:ea:fd:65:6f:fb:39:56:de:58:
04:a8:42:da:54:cd:2b:d6:55:a3:26:dc:55:5a:7d:
dc:11:40:88:2e:fa:5b:a2:70:c6:73:05:5c:8a:6d:
31:85:8d:4b:7a:9b:9a:96:57:3c:40:cb:ef:75:91:
36:95:58:58:51:1d:5f:bc:3e:67:0b:a5:ff:8e:75:
07:2c:77:fe:5c:e2:46:4d:bc:08:09:d7:45:4b:64:
b0:6c:ab:c6:ed:40:c4:81:ee:fc:d3:79:f9:74:d6:
de:73:36:d2:b0:a5:ca:3b:9f:7f:70:3d:ff:28:11:
a7:78:69:d5:77:4d:9b:f0:2b:91:cf:03:f8:32:a3:
4f:95:14:c2:18:ec:17:6c:48:a0:38:67:76:0a:e8:
04:ed:aa:97:3b:f2:8b:b9:38:77:11:3d:ca:8c:a6:
8f:23:60:18:ee:bf:48:0f:86:a4:1d:a5:f9:59:91:
72:f3:45:00:a2:0e:96:de:08:8b:d4:18:68:d6:28:
26:df:8b:c5:5f:47:da:0c:26:d1:91:ee:ac:6a:28:
bf:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A4:22:71:17:BE:16:A8:59:FB:08:5C:63:63:5A:1D:9C:88:47:AD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa21079-0b9a-4fa2-aa2f-8706b125633e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
c4:8a:a5:ef:f9:1a:16:30:52:00:af:f8:29:3e:b9:bf:39:8c:
1f:90:ba:7c:a5:95:af:a5:72:cf:c4:c2:19:42:a6:f3:8d:95:
ab:e1:0a:8e:21:50:ca:71:aa:0e:c1:f0:6f:57:06:28:89:1f:
b1:f4:6a:6f:b1:a2:99:a1:a3:02:dd:24:28:cf:3e:1c:d2:cb:
49:8e:46:be:b5:37:93:4b:ab:18:a4:f9:cf:3f:4f:66:6a:f4:
32:4a:57:3f:a7:75:b2:55:fa:8d:90:9c:de:51:15:53:c2:c2:
18:41:a3:22:60:ca:f9:72:4c:f2:10:a1:29:d9:97:28:cc:32:
f1:82:57:33:3f:ff:d7:42:3a:bd:bd:96:72:b1:92:4b:43:a9:
fc:b3:88:ab:5a:20:9a:e5:11:47:67:6c:46:ce:3a:e4:51:53:
03:44:d4:fa:03:76:eb:63:ec:9b:7e:62:84:b9:f4:81:7e:85:
96:47:c1:37:37:8c:cf:16:b9:94:75:fe:ad:13:0a:24:95:6c:
4f:69:c7:40:d8:09:71:5f:3f:2d:d8:54:90:9e:7a:4d:c3:4c:
ff:7b:26:d2:72:b2:56:ac:fb:9f:48:fe:c3:3d:94:3a:be:d5:
be:77:1a:17:23:a8:c6:3e:58:c6:e4:d3:fe:54:0a:9d:60:31:
a5:27:e1:aa
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUN7effG4WhEVS2ESJg5g7QXcQ3h4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEyMDEwWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMmVmNTc1YzQ2Nzc4ZGJhODllZjU5NjEyYTdiYTgxMjQ0
YTU5NDYyMjI2ZDFkNDBjZmI0Y2FiNjgyZmFkOWZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFcIwPJs0/120xFCSqlN7hm/S8K2uOXzEPk1g/FVa6Jwud
thY9ycvhQXgPAANpVZD3lOr9ZW/7OVbeWASoQtpUzSvWVaMm3FVafdwRQIgu+lui
cMZzBVyKbTGFjUt6m5qWVzxAy+91kTaVWFhRHV+8PmcLpf+OdQcsd/5c4kZNvAgJ
10VLZLBsq8btQMSB7vzTefl01t5zNtKwpco7n39wPf8oEad4adV3TZvwK5HPA/gy
o0+VFMIY7BdsSKA4Z3YK6ATtqpc78ou5OHcRPcqMpo8jYBjuv0gPhqQdpflZkXLz
RQCiDpbeCIvUGGjWKCbfi8VfR9oMJtGR7qxqKL8zAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlKQicRe+FqhZ+whcY2NaHZyIR60wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhYTIxMDc5LTBiOWEtNGZhMi1hYTJmLTg3MDZiMTI1NjMzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//QOAwDQYJKoZIhvcNAQELBQADggEBAMSKpe/5GhYwUgCv+Ck+ub85
jB+Qunylla+lcs/EwhlCpvONlavhCo4hUMpxqg7B8G9XBiiJH7H0am+xopmhowLd
JCjPPhzSy0mORr61N5NLqxik+c8/T2Zq9DJKVz+ndbJV+o2QnN5RFVPCwhhBoyJg
yvlyTPIQoSnZlyjMMvGCVzM//9dCOr29lnKxkktDqfyziKtaIJrlEUdnbEbOOuRR
UwNE1PoDdutj7Jt+YoS59IF+hZZHwTc3jM8WuZR1/q0TCiSVbE9px0DYCXFfPy3Y
VJCeek3DTP97JtJyslas+59I/sM9lDq+1b53GhcjqMY+WMbk0/5UCp1gMaUn4ao=
-----END CERTIFICATE-----
Generated at Tue Nov 18 08:23:56 2025 by rpki-client