Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa
File: dc7acccf-d352-4baa-891a-aa5bf4515372.roa (raw, json)
Hash identifier: fqzDwIPpVi6Z5SyJZyLHnjaSnkVGNvCwe19cpztFL1Q=
Subject key identifier: D4:E6:C5:95:C0:73:C0:FC:C5:FC:C6:F2:DC:AE:A8:95:49:BA:5E:6C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4A899F6B46C4D2FF365E932B919ECD0E74F9C985
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa
Signing time: Wed 12 Nov 2025 02:31:01 +0000
ROA not before: Wed 12 Nov 2025 02:31:01 +0000
ROA not after: Wed 17 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 156.66.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:89:9f:6b:46:c4:d2:ff:36:5e:93:2b:91:9e:cd:0e:74:f9:c9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 12 02:31:01 2025 GMT
Not After : Dec 17 23:59:59 2025 GMT
Subject: serialNumber=76261198b8fc4ad91ba3a8f5d24886c3c30fb9863708b8db5edec7fac24ba8d3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:68:87:fc:5a:ca:ac:78:6c:9a:ab:f1:99:dc:
7a:bd:e4:ee:97:c0:e6:e9:17:e5:a7:f2:36:0e:32:
50:82:c8:ef:aa:7a:6c:0f:2c:bc:09:09:99:02:35:
eb:a4:f0:17:e2:9f:59:86:5d:93:8a:99:5d:bb:3c:
73:73:22:0e:bc:89:9b:ed:b1:38:c3:75:3d:3b:4a:
92:14:a8:90:e2:08:04:d5:dd:f0:e6:6c:88:a7:fc:
ae:61:cf:0c:4c:41:53:c6:81:ea:4b:25:1b:4e:64:
fc:da:b2:a6:3d:41:7f:d6:d9:3b:eb:ef:1e:e8:3a:
76:1c:58:c4:7d:2b:92:b3:ac:86:19:4d:af:a1:b4:
72:b4:59:ad:57:c4:45:49:55:16:33:0c:6f:5a:bc:
e7:f4:31:3a:5b:01:96:bf:55:6c:18:fa:bb:d6:ad:
9f:fe:f1:01:f5:5c:4c:2f:da:1b:f2:aa:b7:44:f1:
fc:bc:9d:2c:23:ac:91:a7:73:ee:be:cb:7e:79:0f:
43:8e:fc:6e:8c:04:cd:c8:bc:19:ba:e4:b9:75:2a:
b8:b3:d8:3b:d2:3a:b8:2f:04:c0:db:8f:3e:24:8a:
fd:9c:f9:a5:40:22:93:39:f9:7e:c1:3f:ed:52:d6:
c3:20:11:f0:d7:d8:95:66:5c:55:05:21:c7:f9:72:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E6:C5:95:C0:73:C0:FC:C5:FC:C6:F2:DC:AE:A8:95:49:BA:5E:6C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:91:af:46:6d:0a:11:94:6c:47:9d:42:e5:fd:e3:31:b9:80:
eb:91:26:a7:d1:70:a6:93:8f:f4:d7:64:b1:19:08:bd:07:cc:
52:ce:87:84:51:52:37:7e:ad:6c:34:a9:e7:f9:ae:48:40:e8:
a2:ee:dc:16:1b:71:a9:a8:df:a4:d3:49:99:10:36:73:c1:85:
4f:60:84:dc:7c:39:8e:74:d8:d1:75:02:4c:9c:c4:a0:9f:83:
5e:dd:30:be:76:51:97:2b:48:7b:9b:9a:3e:1a:bf:07:5a:78:
f0:0a:09:00:cc:34:40:37:98:f2:51:85:4b:71:f9:4c:2d:7a:
67:86:a3:8a:1f:92:50:8a:b7:2d:a8:5d:a6:fb:3a:c9:99:3b:
ff:d0:fb:a2:44:5d:7f:5f:03:78:90:10:1b:80:6d:37:62:26:
4b:42:73:06:dd:3a:18:7a:c1:7c:6c:41:7e:fa:bc:6b:db:81:
4a:d6:68:db:34:b2:64:c1:7b:c8:e9:39:57:e9:96:aa:5c:c6:
4c:ea:11:a3:12:fe:a1:57:d5:f1:94:5f:23:11:e6:41:93:f5:
e2:27:3e:6d:aa:ad:51:16:bc:04:eb:90:ce:46:f5:0e:fd:35:
e6:db:80:d8:89:8b:97:73:5f:c6:3d:29:2a:7f:5d:e4:a0:e8:
74:8b:f4:b3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSomfa0bE0v82XpMrkZ7NDnT5yYUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDIzMTAxWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjI2MTE5OGI4ZmM0YWQ5MWJhM2E4ZjVkMjQ4ODZjM2Mz
MGZiOTg2MzcwOGI4ZGI1ZWRlYzdmYWMyNGJhOGQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoaIf8WsqseGyaq/GZ3Hq95O6XwObpF+Wn8jYOMlCCyO+q
emwPLLwJCZkCNeuk8Bfin1mGXZOKmV27PHNzIg68iZvtsTjDdT07SpIUqJDiCATV
3fDmbIin/K5hzwxMQVPGgepLJRtOZPzasqY9QX/W2Tvr7x7oOnYcWMR9K5KzrIYZ
Ta+htHK0Wa1XxEVJVRYzDG9avOf0MTpbAZa/VWwY+rvWrZ/+8QH1XEwv2hvyqrdE
8fy8nSwjrJGnc+6+y355D0OO/G6MBM3IvBm65Ll1Kriz2DvSOrgvBMDbjz4kiv2c
+aVAIpM5+X7BP+1S1sMgEfDX2JVmXFUFIcf5ciSDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1ObFlcBzwPzF/Mby3K6olUm6XmwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjN2FjY2NmLWQzNTItNGJhYS04OTFhLWFhNWJmNDUxNTM3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcQjANBgkqhkiG9w0BAQsFAAOCAQEAbpGvRm0KEZRsR51C5f3jMbmA65Em
p9FwppOP9NdksRkIvQfMUs6HhFFSN36tbDSp5/muSEDoou7cFhtxqajfpNNJmRA2
c8GFT2CE3Hw5jnTY0XUCTJzEoJ+DXt0wvnZRlytIe5uaPhq/B1p48AoJAMw0QDeY
8lGFS3H5TC16Z4ajih+SUIq3Lahdpvs6yZk7/9D7okRdf18DeJAQG4BtN2ImS0Jz
Bt06GHrBfGxBfvq8a9uBStZo2zSyZMF7yOk5V+mWqlzGTOoRoxL+oVfV8ZRfIxHm
QZP14ic+baqtURa8BOuQzkb1Dv015tuA2ImLl3Nfxj0pKn9d5KDodIv0sw==
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:47:59 2025 by rpki-client