Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19da53cb-5900-4e0a-8e42-80f19d06288c.roa
File: 19da53cb-5900-4e0a-8e42-80f19d06288c.roa (raw, json)
Hash identifier: FCFu9TlnUxJBeuXcDJSrSHK7Kdc6GZRzk7c82ynOZzI=
Subject key identifier: 2F:06:81:4C:FF:2B:95:8D:6B:28:FC:D7:9C:5E:CA:FF:D1:4B:F4:DD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 19A6EB7A7DA5983E060ADE4CF1CBF879F609A990
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19da53cb-5900-4e0a-8e42-80f19d06288c.roa
Signing time: Sat 18 Oct 2025 04:50:11 +0000
ROA not before: Sat 18 Oct 2025 04:50:11 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.9.112.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a6:eb:7a:7d:a5:98:3e:06:0a:de:4c:f1:cb:f8:79:f6:09:a9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 04:50:11 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=48194064d5b54ee5d3ddf8740a5b5f1117c154857182e1506bec191b62f1ccfd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:88:40:08:cd:90:37:3e:11:30:67:e2:eb:6f:
81:17:75:43:34:26:b2:ea:24:20:8b:8a:84:a3:64:
f1:8e:ea:c0:0e:43:bb:70:b5:37:39:0d:46:1a:65:
82:6d:16:c5:36:f6:a2:f4:fe:ba:bf:a3:3b:9f:21:
ac:3e:8d:54:09:dc:e6:09:e2:e2:da:79:2f:aa:02:
56:be:63:cc:ef:b0:e9:48:9c:b5:07:63:c3:6f:cc:
90:51:ce:87:df:ee:dc:0d:6f:18:54:09:e5:e4:c4:
67:e9:b9:c1:dc:ed:58:a9:60:88:42:b3:02:e5:1d:
3b:ae:be:27:79:09:f6:a7:68:d6:86:dc:04:83:70:
e8:32:6d:d4:39:6e:26:0a:1e:0c:5e:7d:45:a6:69:
d0:ea:c0:51:d5:f0:49:28:52:e3:d2:43:fd:26:c9:
4e:6e:c4:d4:30:96:7a:06:65:1f:c8:6f:6b:c2:36:
8b:8c:23:d1:58:a6:64:93:db:45:ac:60:52:2c:24:
e9:d1:0b:56:e4:c8:b5:0d:3d:ad:1e:4f:4a:31:7f:
95:6e:ad:a6:81:77:f8:4e:53:b1:5c:fc:af:54:2e:
7f:8e:5d:6b:b2:fd:fc:9b:ba:e8:6a:27:8f:b9:6b:
be:13:d3:c5:cf:34:f2:22:c7:05:8f:ca:79:9b:37:
1b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:06:81:4C:FF:2B:95:8D:6B:28:FC:D7:9C:5E:CA:FF:D1:4B:F4:DD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19da53cb-5900-4e0a-8e42-80f19d06288c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.9.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:3f:28:33:78:e8:4d:14:4d:e8:76:45:47:e5:49:4b:da:71:
d4:21:2d:be:d7:2f:24:a2:28:15:97:d0:ec:49:35:f7:de:59:
3e:bf:8e:fa:7d:32:d2:ed:1a:06:21:cc:2c:17:85:ad:95:b6:
a0:4e:ed:24:3d:3a:74:b4:a3:96:27:4d:c0:6a:ca:b9:2e:9b:
be:5c:49:b9:60:66:d7:3e:8f:a2:7e:41:eb:59:16:23:af:03:
a2:5f:98:43:73:1e:14:c7:70:eb:41:20:24:5c:ae:c7:75:ca:
1b:5a:10:69:69:d6:60:56:00:a2:64:d4:89:21:e5:18:39:c6:
91:04:23:4b:85:ff:31:86:08:e8:b1:da:53:d1:1b:3e:d6:bf:
25:1e:45:60:c8:36:15:c9:7c:ed:ff:e3:21:25:92:6e:12:14:
2c:05:45:30:54:30:97:4d:01:9f:c5:62:b8:dc:59:03:df:c3:
99:1a:b0:7a:ed:15:ee:e1:1e:8e:6a:68:ff:b7:73:a2:21:6b:
ff:73:1d:24:78:a8:c6:ea:c5:0c:7d:50:9b:31:67:6f:2b:19:
5a:73:7a:75:3c:01:5f:30:fc:3e:a6:14:94:d7:e1:59:6a:5c:
44:6e:b9:d6:79:e7:76:09:20:ab:2a:12:1f:8d:15:1c:3a:4d:
2a:d5:e9:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGabren2lmD4GCt5M8cv4efYJqZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDQ1MDExWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ODE5NDA2NGQ1YjU0ZWU1ZDNkZGY4NzQwYTViNWYxMTE3
YzE1NDg1NzE4MmUxNTA2YmVjMTkxYjYyZjFjY2ZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUiEAIzZA3PhEwZ+Lrb4EXdUM0JrLqJCCLioSjZPGO6sAO
Q7twtTc5DUYaZYJtFsU29qL0/rq/ozufIaw+jVQJ3OYJ4uLaeS+qAla+Y8zvsOlI
nLUHY8NvzJBRzoff7twNbxhUCeXkxGfpucHc7VipYIhCswLlHTuuvid5CfanaNaG
3ASDcOgybdQ5biYKHgxefUWmadDqwFHV8EkoUuPSQ/0myU5uxNQwlnoGZR/Ib2vC
NouMI9FYpmST20WsYFIsJOnRC1bkyLUNPa0eT0oxf5VuraaBd/hOU7Fc/K9ULn+O
XWuy/fybuuhqJ4+5a74T08XPNPIixwWPynmbNxulAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULwaBTP8rlY1rKPzXnF7K/9FL9N0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5ZGE1M2NiLTU5MDAtNGUwYS04ZTQyLTgwZjE5ZDA2Mjg4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANBCXAwDQYJKoZIhvcNAQELBQADggEBAIs/KDN46E0UTeh2RUflSUvacdQh
Lb7XLySiKBWX0OxJNffeWT6/jvp9MtLtGgYhzCwXha2VtqBO7SQ9OnS0o5YnTcBq
yrkum75cSblgZtc+j6J+QetZFiOvA6JfmENzHhTHcOtBICRcrsd1yhtaEGlp1mBW
AKJk1Ikh5Rg5xpEEI0uF/zGGCOix2lPRGz7WvyUeRWDINhXJfO3/4yElkm4SFCwF
RTBUMJdNAZ/FYrjcWQPfw5kasHrtFe7hHo5qaP+3c6Iha/9zHSR4qMbqxQx9UJsx
Z28rGVpzenU8AV8w/D6mFJTX4VlqXERuudZ553YJIKsqEh+NFRw6TSrV6W0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:04:59 2025 by rpki-client