Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
File: 04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa (raw, json)
Hash identifier: ZD+uB33UrULEu+l74T69JemenuXLDKCJqZXuwQFMgdY=
Subject key identifier: 89:E3:07:08:F3:61:D0:D8:EA:31:CA:B2:63:9C:C6:C9:16:54:A8:01
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2799B017A8E6F6C8A593356E2CB4297765E59F89
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
Signing time: Wed 01 Oct 2025 00:11:20 +0000
ROA not before: Wed 01 Oct 2025 00:11:20 +0000
ROA not after: Wed 05 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 209.54.160.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:99:b0:17:a8:e6:f6:c8:a5:93:35:6e:2c:b4:29:77:65:e5:9f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 1 00:11:20 2025 GMT
Not After : Nov 5 23:59:59 2025 GMT
Subject: serialNumber=5afbfa4cffcf44ad15b5f43443b83254f86209ee760003bdae8f8eb3e0f13918, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:70:a3:42:fc:e8:8f:46:15:a1:24:ee:26:f4:
0d:df:a7:4c:20:10:94:db:54:d8:04:cb:d8:b2:8e:
99:1b:a5:2a:4f:1b:13:e3:fe:fc:a8:0a:05:6b:c3:
f9:b4:50:69:30:54:dc:48:c3:6e:8d:c1:ff:df:08:
a8:0d:ac:c9:13:d9:45:8e:09:53:2d:86:16:39:6a:
1f:25:6e:a5:4a:4c:04:f4:1d:19:c6:62:78:3a:2c:
f2:49:c6:8e:a1:ed:4d:31:63:9d:14:54:26:c3:0e:
f9:a8:4d:14:bf:5d:09:56:0d:6e:fa:94:da:63:ca:
05:46:05:86:31:e2:64:9c:67:d1:f7:53:f4:4b:2c:
38:e7:ca:94:e2:32:ad:9e:c0:86:ba:f3:fa:b7:e7:
22:90:d2:69:b2:b0:83:3f:f0:db:7e:7b:5e:0e:d6:
91:21:b5:20:7e:e0:aa:af:db:8b:fd:5b:50:38:1c:
0e:bc:ce:ac:54:f1:f8:12:e5:04:a0:9d:31:86:c4:
b5:2c:b3:e8:ac:03:a7:47:3a:75:41:40:52:2c:d0:
e6:58:3f:3e:2f:69:c5:41:73:ee:6c:56:bb:5c:5e:
ba:36:ef:8b:18:be:46:53:e0:89:56:5f:fd:ca:1c:
e3:c1:b4:a7:de:b7:e3:03:f3:4d:93:64:a2:2f:ef:
8f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E3:07:08:F3:61:D0:D8:EA:31:CA:B2:63:9C:C6:C9:16:54:A8:01
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.54.160.0/19
Signature Algorithm: sha256WithRSAEncryption
94:f1:05:84:70:42:e5:d1:75:04:20:60:db:d4:bf:c5:b2:8b:
88:ce:83:6d:f5:31:1d:4f:c9:44:1c:83:e8:30:99:20:57:d1:
72:ab:d7:2f:90:7a:ad:a4:76:cb:0f:62:95:70:16:fb:9e:d1:
03:0c:61:9d:2c:e7:e0:6a:41:c8:2a:69:f7:23:e8:4a:28:ac:
cd:24:f6:8d:07:99:c4:0e:f5:16:28:be:54:55:43:33:91:4e:
90:ee:65:c6:d5:95:ea:fe:75:78:1f:7a:db:5e:07:fe:c5:d3:
2f:3a:eb:72:39:e4:da:e3:fe:6e:d5:69:34:7a:eb:eb:9b:6c:
ac:a2:68:44:41:5f:1e:fa:99:6f:90:c0:45:d1:b5:fd:08:0e:
1c:de:af:0b:3c:6d:04:2a:d3:4d:97:86:9c:65:04:3c:9c:b0:
97:41:c5:7b:0b:1d:a9:fc:90:18:40:f5:28:77:f4:a1:38:8f:
bf:aa:24:21:c0:f0:ae:aa:a6:f5:44:2d:c1:ca:20:af:1e:b7:
94:05:7a:89:27:ee:0c:b3:f6:6d:12:30:b6:82:b1:71:7e:36:
d1:54:67:73:67:b7:26:bb:8e:d6:75:25:a2:71:b3:38:ce:6e:
7f:d8:e5:38:03:00:64:7c:ce:fe:34:df:fe:96:85:dc:a6:af:
ad:91:2b:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ5mwF6jm9silkzVuLLQpd2Xln4kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMTIwWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWZiZmE0Y2ZmY2Y0NGFkMTViNWY0MzQ0M2I4MzI1NGY4
NjIwOWVlNzYwMDAzYmRhZThmOGViM2UwZjEzOTE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFcKNC/OiPRhWhJO4m9A3fp0wgEJTbVNgEy9iyjpkbpSpP
GxPj/vyoCgVrw/m0UGkwVNxIw26Nwf/fCKgNrMkT2UWOCVMthhY5ah8lbqVKTAT0
HRnGYng6LPJJxo6h7U0xY50UVCbDDvmoTRS/XQlWDW76lNpjygVGBYYx4mScZ9H3
U/RLLDjnypTiMq2ewIa68/q35yKQ0mmysIM/8Nt+e14O1pEhtSB+4Kqv24v9W1A4
HA68zqxU8fgS5QSgnTGGxLUss+isA6dHOnVBQFIs0OZYPz4vacVBc+5sVrtcXro2
74sYvkZT4IlWX/3KHOPBtKfet+MD802TZKIv74+DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUieMHCPNh0NjqMcqyY5zGyRZUqAEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0ZWUwM2I3LTEyYTYtNDFhOS1hMGNlLWFiN2UxOTdkMGFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRNqAwDQYJKoZIhvcNAQELBQADggEBAJTxBYRwQuXRdQQgYNvUv8Wyi4jO
g231MR1PyUQcg+gwmSBX0XKr1y+Qeq2kdssPYpVwFvue0QMMYZ0s5+BqQcgqafcj
6EoorM0k9o0HmcQO9RYovlRVQzORTpDuZcbVler+dXgfetteB/7F0y8663I55Nrj
/m7VaTR66+ubbKyiaERBXx76mW+QwEXRtf0IDhzerws8bQQq002XhpxlBDycsJdB
xXsLHan8kBhA9Sh39KE4j7+qJCHA8K6qpvVELcHKIK8et5QFeokn7gyz9m0SMLaC
sXF+NtFUZ3Nntya7jtZ1JaJxszjObn/Y5TgDAGR8zv403/6Whdymr62RK3w=
-----END CERTIFICATE-----
Generated at Tue Oct 14 05:57:13 2025 by rpki-client