Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
File: 18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa (raw, json)
Hash identifier: pLgS8Kn2eON1yI/V8cV9m/vY5Ro8zKOzQRtD72AgvFw=
Subject key identifier: 85:5A:5E:C4:EB:4C:0A:53:39:FB:68:F2:0A:2C:21:90:89:28:D8:8B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 78AB1CDE7AF8B8F2C1680C3E37212F217820784A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
Signing time: Tue 11 Nov 2025 00:31:24 +0000
ROA not before: Tue 11 Nov 2025 00:31:24 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ab:1c:de:7a:f8:b8:f2:c1:68:0c:3e:37:21:2f:21:78:20:78:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 00:31:24 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=de91a81cc55464f01ad1847b1f489ee1e0ae5c811a6fa44f2220d1a10b3e8281, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:84:52:19:59:ad:bb:02:b3:fc:67:21:1a:95:
28:84:fe:03:40:4f:c6:f5:07:09:dd:85:ed:26:a1:
43:2b:61:64:6d:10:9e:ee:b1:4e:09:88:9e:58:4f:
47:4e:a1:09:3d:f2:f7:77:cd:b4:c5:6c:c9:df:79:
4c:05:90:ba:9e:7d:e3:df:9c:e7:b3:13:70:76:9a:
8d:aa:b4:17:ba:aa:2a:68:4a:b5:c4:18:ea:79:4a:
89:60:10:f3:01:91:27:5a:94:b6:fe:9c:a8:b0:5f:
34:f2:3b:ce:91:89:b6:6c:e8:6f:e6:4d:91:a4:b8:
81:d4:eb:7f:bf:fa:6f:0f:a8:15:74:d3:b4:78:5c:
80:e6:71:52:e3:d2:9c:15:69:07:01:c7:ab:59:bd:
26:ab:97:ca:fa:04:d3:26:9a:4a:50:51:9d:dd:af:
86:23:4e:66:66:30:76:d5:69:b7:68:09:32:26:73:
23:78:70:96:64:37:95:32:32:76:01:b6:8f:ce:15:
a5:88:78:3f:b1:e1:12:31:7b:6f:cd:11:fb:05:1b:
80:30:c6:a1:8d:b7:5d:bf:91:9d:36:18:c0:70:f2:
e0:8b:7d:a6:72:0a:ab:80:18:55:e1:52:14:0f:5b:
77:d9:75:31:70:17:a2:36:37:eb:84:42:af:e8:60:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5A:5E:C4:EB:4C:0A:53:39:FB:68:F2:0A:2C:21:90:89:28:D8:8B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:30:17:f6:5e:95:43:4d:9f:0e:d7:b0:d7:52:ae:ce:f1:f0:
ad:9c:6f:c0:34:8d:77:e6:13:d0:d8:88:04:0e:6e:b6:73:bb:
91:2f:cb:17:3e:ba:b7:8b:37:d7:5e:b5:9c:90:34:82:01:fb:
8d:5a:82:e2:d4:cb:71:58:75:9c:a0:71:10:44:48:19:fb:8c:
e9:5f:5c:8c:a3:b8:ec:92:8b:74:32:10:fb:c8:64:49:72:86:
a4:d5:bb:a1:7c:6e:ac:d1:78:39:cf:dc:ab:31:e2:2e:ae:d2:
50:08:40:16:f3:1e:a7:4e:8e:18:68:b8:d8:f3:46:0f:08:8f:
e9:4c:37:4a:6d:61:f8:12:91:bb:33:07:3e:ce:61:8c:63:26:
55:7d:fe:bf:16:1d:b7:57:98:06:af:72:69:9f:67:59:e6:7b:
64:91:72:b1:de:0c:46:d1:c6:8d:53:f8:1e:bc:95:33:0f:5c:
e8:39:25:57:e4:f8:5e:3b:6c:ae:03:9a:5c:87:dc:4b:07:5d:
c0:ce:b4:3c:9e:00:65:ff:9b:9c:8f:a5:28:09:3c:44:63:15:
5c:d4:02:82:9f:1c:9f:0d:6e:75:ad:d0:72:5e:f9:7a:2c:4d:
c6:85:b5:df:bf:28:09:be:2b:96:c8:b8:45:40:43:9a:14:b1:
b5:13:e5:00
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeKsc3nr4uPLBaAw+NyEvIXggeEowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAzMTI0WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTkxYTgxY2M1NTQ2NGYwMWFkMTg0N2IxZjQ4OWVlMWUw
YWU1YzgxMWE2ZmE0NGYyMjIwZDFhMTBiM2U4MjgxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPhFIZWa27ArP8ZyEalSiE/gNAT8b1Bwndhe0moUMrYWRt
EJ7usU4JiJ5YT0dOoQk98vd3zbTFbMnfeUwFkLqefePfnOezE3B2mo2qtBe6qipo
SrXEGOp5SolgEPMBkSdalLb+nKiwXzTyO86RibZs6G/mTZGkuIHU63+/+m8PqBV0
07R4XIDmcVLj0pwVaQcBx6tZvSarl8r6BNMmmkpQUZ3dr4YjTmZmMHbVabdoCTIm
cyN4cJZkN5UyMnYBto/OFaWIeD+x4RIxe2/NEfsFG4AwxqGNt12/kZ02GMBw8uCL
faZyCquAGFXhUhQPW3fZdTFwF6I2N+uEQq/oYDfdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhVpexOtMClM5+2jyCiwhkIko2IswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4YmU3YTc2LTcyNGItNGU2YS05ZDVhLWJhNTFmZDg4NWE1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASIEiAwDQYJKoZIhvcNAQELBQADggEBAKYwF/ZelUNNnw7XsNdSrs7x8K2c
b8A0jXfmE9DYiAQObrZzu5Evyxc+ureLN9detZyQNIIB+41aguLUy3FYdZygcRBE
SBn7jOlfXIyjuOySi3QyEPvIZElyhqTVu6F8bqzReDnP3Ksx4i6u0lAIQBbzHqdO
jhhouNjzRg8Ij+lMN0ptYfgSkbszBz7OYYxjJlV9/r8WHbdXmAavcmmfZ1nme2SR
crHeDEbRxo1T+B68lTMPXOg5JVfk+F47bK4DmlyH3EsHXcDOtDyeAGX/m5yPpSgJ
PERjFVzUAoKfHJ8NbnWt0HJe+XosTcaFtd+/KAm+K5bIuEVAQ5oUsbUT5QA=
-----END CERTIFICATE-----
Generated at Mon Nov 17 15:42:26 2025 by rpki-client