Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b7999-d38a-4b9b-9aff-302f3d69984e.roa
File: f27b7999-d38a-4b9b-9aff-302f3d69984e.roa (raw, json)
Hash identifier: wWsGs/tUzeEdj31OPr7VQa8Cka89rtcX+k6TLDxj2mQ=
Subject key identifier: 57:35:35:79:C3:79:47:19:F2:DD:FA:AD:09:00:40:97:5E:4A:85:7E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 523E4378D51C29C5CF4B29BEF22B2A2E26CE03C3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b7999-d38a-4b9b-9aff-302f3d69984e.roa
Signing time: Tue 11 Nov 2025 00:50:07 +0000
ROA not before: Tue 11 Nov 2025 00:50:07 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.236.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:3e:43:78:d5:1c:29:c5:cf:4b:29:be:f2:2b:2a:2e:26:ce:03:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 00:50:07 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=d1fbb627ffa45b4de206a43823c0cf92b8843a76db29e3870f997a3d4462edd0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:24:36:0e:b1:be:e2:83:e7:09:22:f6:40:63:
ff:11:06:48:d7:8b:1a:98:a8:41:21:64:1e:85:a4:
fb:cb:b9:bd:11:b7:77:d4:0d:15:b9:0b:fb:1d:b3:
82:1f:1f:a0:13:74:60:b1:fd:56:ae:da:97:32:ce:
d0:6b:f5:7b:bd:14:d5:fd:07:fa:e1:f9:a3:da:f3:
c7:b8:87:70:be:c8:8e:c8:10:52:9e:cc:cb:70:43:
e9:d4:cb:ed:1b:52:c6:ed:5c:9d:45:4a:33:17:77:
26:39:7d:b1:d0:5c:63:ce:0f:d4:5f:fb:fa:7a:24:
8d:e5:90:16:57:bb:95:b1:12:f0:2b:6e:76:4b:0f:
2e:26:7a:c8:6d:3a:47:37:f8:b5:bf:ca:fa:d3:eb:
0b:33:7a:ad:10:49:a9:15:f5:ca:b7:37:48:2c:1c:
15:15:1d:b2:85:42:4e:e1:78:81:d0:fa:b2:3d:f3:
86:f4:27:7a:3d:5a:73:c8:86:00:5f:56:e3:77:97:
8f:04:e4:4b:0c:e4:19:71:21:48:88:9b:7a:25:8a:
e4:4b:46:7c:5d:53:bd:be:af:a5:7c:7e:c3:35:87:
7f:2b:61:2f:3f:46:d1:3e:cb:85:47:6b:7a:c7:2b:
bc:05:3a:66:4e:81:42:3c:51:ad:94:e8:33:30:9b:
0b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:35:35:79:C3:79:47:19:F2:DD:FA:AD:09:00:40:97:5E:4A:85:7E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b7999-d38a-4b9b-9aff-302f3d69984e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.236.132.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:c1:49:06:e6:fd:c7:59:9a:48:d2:fd:4e:fc:62:ed:b3:8f:
4d:16:86:3f:ce:4e:78:3d:d2:b3:40:93:79:13:83:56:ba:ef:
06:73:75:3e:bd:b2:2e:cd:fd:0b:ee:2d:cd:75:e2:7b:9b:cb:
e4:13:74:de:9c:d3:97:01:2f:ea:0f:0f:45:51:5b:bd:c9:ed:
47:cd:aa:5c:dd:dc:56:86:a7:fa:fe:6f:0f:73:37:c5:b9:ee:
c9:5d:8f:55:d6:c0:14:6d:22:81:99:d1:07:ad:45:f7:73:49:
99:24:21:9b:a5:67:8f:80:79:d0:a3:96:5b:f8:8c:c7:e9:f6:
7c:e6:e6:d4:82:43:4b:02:f6:8c:ef:14:49:81:d6:dd:4f:1a:
a3:f4:62:53:04:31:eb:b9:61:22:37:48:45:8a:84:01:07:c4:
f5:01:a6:86:43:cd:9a:ef:d6:15:58:3a:4b:7a:02:18:48:cd:
6b:c7:e2:1b:10:1c:86:42:e9:f1:aa:29:43:b9:7d:a5:d2:84:
ee:12:07:7f:42:32:fc:2c:ca:d3:22:90:cc:e1:2c:d5:ea:c2:
c3:8f:1d:af:34:a6:ce:ce:6b:11:90:ef:07:24:96:7f:2d:ac:
69:e6:22:ab:42:4a:95:df:ad:2a:73:97:f0:ce:b6:99:2f:fa:
90:dd:1e:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUj5DeNUcKcXPSym+8isqLibOA8MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDA1MDA3WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMWZiYjYyN2ZmYTQ1YjRkZTIwNmE0MzgyM2MwY2Y5MmI4
ODQzYTc2ZGIyOWUzODcwZjk5N2EzZDQ0NjJlZGQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1JDYOsb7ig+cJIvZAY/8RBkjXixqYqEEhZB6FpPvLub0R
t3fUDRW5C/sds4IfH6ATdGCx/Vau2pcyztBr9Xu9FNX9B/rh+aPa88e4h3C+yI7I
EFKezMtwQ+nUy+0bUsbtXJ1FSjMXdyY5fbHQXGPOD9Rf+/p6JI3lkBZXu5WxEvAr
bnZLDy4meshtOkc3+LW/yvrT6wszeq0QSakV9cq3N0gsHBUVHbKFQk7heIHQ+rI9
84b0J3o9WnPIhgBfVuN3l48E5EsM5BlxIUiIm3oliuRLRnxdU72+r6V8fsM1h38r
YS8/RtE+y4VHa3rHK7wFOmZOgUI8Ua2U6DMwmwuzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVzU1ecN5Rxny3fqtCQBAl15KhX4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyN2I3OTk5LWQzOGEtNGI5Yi05YWZmLTMwMmYzZDY5OTg0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALM7IQwDQYJKoZIhvcNAQELBQADggEBAL3BSQbm/cdZmkjS/U78Yu2zj00W
hj/OTng90rNAk3kTg1a67wZzdT69si7N/QvuLc114nuby+QTdN6c05cBL+oPD0VR
W73J7UfNqlzd3FaGp/r+bw9zN8W57sldj1XWwBRtIoGZ0QetRfdzSZkkIZulZ4+A
edCjllv4jMfp9nzm5tSCQ0sC9ozvFEmB1t1PGqP0YlMEMeu5YSI3SEWKhAEHxPUB
poZDzZrv1hVYOkt6AhhIzWvH4hsQHIZC6fGqKUO5faXShO4SB39CMvwsytMikMzh
LNXqwsOPHa80ps7OaxGQ7wckln8trGnmIqtCSpXfrSpzl/DOtpkv+pDdHnc=
-----END CERTIFICATE-----
Generated at Tue Nov 18 07:03:19 2025 by rpki-client