Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa
File: 2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa (raw, json)
Hash identifier: 5FOJaeuJOJ25oc26D4TJ55jazX7zEo1QN4/QXW/HwHU=
Subject key identifier: B7:AC:23:35:DF:6C:9B:3C:15:92:97:CA:2B:4F:3D:44:ED:BB:25:5E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3C0EDBE3EAB9E9E0A86006DF14477000CD18CE4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa
Signing time: Sun 26 Oct 2025 00:50:38 +0000
ROA not before: Sun 26 Oct 2025 00:50:38 +0000
ROA not after: Sun 30 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.1.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:0e:db:e3:ea:b9:e9:e0:a8:60:06:df:14:47:70:00:cd:18:ce:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 26 00:50:38 2025 GMT
Not After : Nov 30 23:59:59 2025 GMT
Subject: serialNumber=eb20931b3f081291234ef3acb665658afbd25aea311264058fbc03448442effd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:74:da:ae:0c:a6:dc:a8:11:ea:b1:20:98:
1e:55:86:9f:c4:b0:17:5b:e6:2e:f5:f9:a2:ca:1e:
5d:d6:24:3c:07:fd:1a:9f:8d:6d:6a:9f:e1:ac:fc:
ce:72:83:48:ea:98:80:02:b5:c7:6e:0b:ea:18:eb:
54:a8:26:bf:00:eb:33:dd:fb:a9:7c:e0:b0:08:8b:
0f:dc:74:58:26:95:37:0f:4f:0b:fd:74:ce:1f:22:
67:b2:f3:d5:4b:39:e2:6a:2c:40:a1:84:7b:67:95:
b8:d3:53:56:2e:38:41:3e:3e:18:2a:bf:16:9e:7e:
68:3c:c7:52:e9:7d:54:b2:b0:8c:33:18:4a:f0:2b:
0e:cf:2a:e3:f7:c5:9f:c8:a4:83:c5:54:9c:cd:c2:
46:d8:ae:ec:c1:6d:bd:30:41:13:d8:34:dc:8e:e1:
9f:3b:fd:9d:6e:9b:81:d5:db:96:09:68:e2:76:0c:
be:e7:15:4d:d6:92:d8:e0:3a:67:8d:7e:85:b4:b2:
ae:b9:00:ce:48:98:52:24:b6:92:76:75:47:ac:e7:
a5:3c:42:4b:2c:39:c0:0a:f5:62:12:f7:b6:63:32:
e8:4a:45:8c:1f:02:45:39:f5:5f:4a:2b:1e:b7:38:
42:54:27:9f:c9:7c:5c:15:00:ce:ed:ce:2d:a4:e6:
15:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AC:23:35:DF:6C:9B:3C:15:92:97:CA:2B:4F:3D:44:ED:BB:25:5E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.1.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:85:77:1d:16:1c:bf:1d:b6:2d:5c:fa:aa:ad:f4:3b:4b:ff:
73:e3:a9:30:04:b1:27:36:94:b9:40:c9:84:05:a6:67:db:3f:
d2:08:ff:4b:3c:80:61:2b:3e:16:c6:59:89:93:47:e0:c8:b5:
19:13:09:d8:bd:f5:7c:97:aa:50:00:22:8a:a6:29:ec:79:6e:
e8:ff:a3:bc:5d:00:c3:15:ab:9b:55:1a:84:78:bb:ff:80:5b:
27:52:04:16:89:1e:b2:b6:61:c8:fb:c7:d2:19:0f:2e:94:01:
4b:0d:cc:95:70:98:b0:f6:4d:56:d4:0b:f6:26:99:15:c8:04:
ef:57:46:3f:6a:ae:28:5d:b8:02:c9:85:1b:0e:25:dc:a5:48:
3b:09:5b:b2:5e:09:9b:82:a6:b0:1c:b2:cf:35:55:38:aa:bd:
e4:90:ef:bf:89:52:b2:b6:80:bd:eb:87:d6:d6:23:b2:56:f3:
07:32:43:09:7c:ae:0d:0c:91:cd:ca:fb:58:86:db:92:20:80:
e7:4d:27:a1:a3:95:08:0c:a5:af:a1:b7:ac:5c:52:19:ce:0c:
22:02:90:0f:94:25:d1:cf:99:9c:e6:7a:53:a3:08:32:a9:74:
7f:b9:5e:6b:f6:12:d7:6b:dc:3a:56:be:c5:42:11:67:9e:70:
61:a1:30:1b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPA7b4+q56eCoYAbfFEdwAM0YzkswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDA1MDM4WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjIwOTMxYjNmMDgxMjkxMjM0ZWYzYWNiNjY1NjU4YWZi
ZDI1YWVhMzExMjY0MDU4ZmJjMDM0NDg0NDJlZmZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnrHTargym3KgR6rEgmB5Vhp/EsBdb5i71+aLKHl3WJDwH
/RqfjW1qn+Gs/M5yg0jqmIACtcduC+oY61SoJr8A6zPd+6l84LAIiw/cdFgmlTcP
Twv9dM4fImey89VLOeJqLEChhHtnlbjTU1YuOEE+Phgqvxaefmg8x1LpfVSysIwz
GErwKw7PKuP3xZ/IpIPFVJzNwkbYruzBbb0wQRPYNNyO4Z87/Z1um4HV25YJaOJ2
DL7nFU3WktjgOmeNfoW0sq65AM5ImFIktpJ2dUes56U8QkssOcAK9WIS97ZjMuhK
RYwfAkU59V9KKx63OEJUJ5/JfFwVAM7tzi2k5hUPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUt6wjNd9smzwVkpfKK089RO27JV4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5ODNjMmUxLWJhMTEtNDBhNi05YWQ1LWI1YjIyZGI2MTE4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIATANBgkqhkiG9w0BAQsFAAOCAQEAAIV3HRYcvx22LVz6qq30O0v/c+Op
MASxJzaUuUDJhAWmZ9s/0gj/SzyAYSs+FsZZiZNH4Mi1GRMJ2L31fJeqUAAiiqYp
7Hlu6P+jvF0AwxWrm1UahHi7/4BbJ1IEFokesrZhyPvH0hkPLpQBSw3MlXCYsPZN
VtQL9iaZFcgE71dGP2quKF24AsmFGw4l3KVIOwlbsl4Jm4KmsByyzzVVOKq95JDv
v4lSsraAveuH1tYjslbzBzJDCXyuDQyRzcr7WIbbkiCA500noaOVCAylr6G3rFxS
Gc4MIgKQD5Ql0c+ZnOZ6U6MIMql0f7lea/YS12vcOla+xUIRZ55wYaEwGw==
-----END CERTIFICATE-----
Generated at Mon Nov 3 20:19:23 2025 by rpki-client