Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298f7a82-24b8-4c48-8005-46f4c30ff875.roa
File: 298f7a82-24b8-4c48-8005-46f4c30ff875.roa (raw, json)
Hash identifier: ylhUXTX+WD3elLUOclbiusWx/Z5NhjHF2UK3Bt5OsQo=
Subject key identifier: A1:F5:CE:5D:6E:CC:28:A5:07:9C:33:99:6A:12:D2:2C:19:37:26:0B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4A97C22A4D473E7536B1744D0C983C17D41AC13B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298f7a82-24b8-4c48-8005-46f4c30ff875.roa
Signing time: Fri 03 Oct 2025 00:12:50 +0000
ROA not before: Fri 03 Oct 2025 00:12:50 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1fa0:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:97:c2:2a:4d:47:3e:75:36:b1:74:4d:0c:98:3c:17:d4:1a:c1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:12:50 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=b038d66de50861b4a3a50f1f21c0e8a4e0a6eaa2c33b49f9e40416727c32e3e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:68:6e:ff:92:d3:cc:55:bb:eb:c6:4d:12:9b:
d1:32:a5:b0:79:50:ff:cb:e7:fd:5f:da:15:90:f1:
78:e2:f0:d9:83:dd:4d:33:b4:57:e3:8c:4e:d7:5a:
a7:e9:27:1b:b7:8e:02:6a:11:ef:ac:55:6e:e5:b0:
8e:7e:62:a9:31:8e:fc:0d:32:17:66:2f:3b:7e:a5:
a0:9a:7e:b7:8c:6b:e0:f0:22:c0:f9:2b:10:45:d3:
8f:71:d9:ac:19:35:69:9e:c7:68:81:44:b2:3a:90:
86:23:77:19:a4:52:37:76:03:a3:8b:6d:5d:b8:37:
26:84:ce:6d:12:60:e9:4a:a5:af:9d:8c:8b:fb:d7:
83:9a:04:61:45:02:11:99:70:d2:a3:2b:ab:75:bc:
ad:a4:cc:46:a7:eb:f9:c0:08:b8:7a:62:d6:4d:c2:
0e:23:f9:fb:53:48:d8:e8:c8:66:31:7e:05:ff:c2:
87:44:dd:1c:82:64:7a:cd:e8:0a:8b:97:42:7e:57:
44:5a:b3:f9:59:ca:13:c1:85:41:8b:7e:5a:51:e4:
55:49:95:0b:e4:51:12:b2:d7:2f:ce:28:53:d3:94:
c1:3e:11:ba:f7:cb:66:56:70:8a:99:1e:1a:8f:5b:
2b:7a:c1:67:b5:53:ad:b1:16:e2:ef:9f:fb:1f:66:
4c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F5:CE:5D:6E:CC:28:A5:07:9C:33:99:6A:12:D2:2C:19:37:26:0B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298f7a82-24b8-4c48-8005-46f4c30ff875.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fa0:5000::/40
Signature Algorithm: sha256WithRSAEncryption
39:2e:78:37:42:0d:a4:eb:f4:3f:d7:d7:3a:69:ea:b2:90:a7:
0e:c5:0b:01:5f:1d:04:4e:d8:38:23:5f:92:76:d9:65:a4:1a:
93:4c:4f:35:01:4d:b7:e8:f6:27:56:30:2e:75:2b:d6:87:a2:
63:72:2b:5e:45:bf:28:3d:a9:8c:7a:e7:60:9d:91:0d:2c:5e:
92:5f:63:1b:42:9c:15:94:a7:db:94:09:98:55:22:b1:e4:83:
5c:55:59:83:d3:42:45:a6:d5:18:55:df:f5:83:df:8e:af:4a:
21:7a:86:02:94:ac:55:da:e6:7a:40:cd:c5:56:c3:29:53:70:
44:ae:39:1e:51:ea:5d:f3:80:7e:02:44:48:98:39:ea:22:e6:
6b:e2:38:d6:c4:0e:0e:78:bc:07:36:c2:ce:36:80:3f:2e:cf:
dd:b4:4f:ac:45:16:7c:21:65:4e:7e:1a:8b:e0:bb:1e:65:22:
1b:17:ea:53:22:f9:6f:00:79:9d:d4:b7:af:fd:60:21:6f:de:
c0:dd:b0:76:57:65:fd:ea:ef:ed:fb:19:e8:2e:fd:68:e4:13:
66:7b:f5:63:72:02:aa:6e:d1:a1:5b:1d:19:7d:d0:30:e3:2d:
a2:74:1e:56:51:27:c3:55:62:eb:34:e8:e8:32:91:e2:94:89:
a5:63:56:3e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSpfCKk1HPnU2sXRNDJg8F9QawTswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAxMjUwWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMDM4ZDY2ZGU1MDg2MWI0YTNhNTBmMWYyMWMwZThhNGUw
YTZlYWEyYzMzYjQ5ZjllNDA0MTY3MjdjMzJlM2UwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiaG7/ktPMVbvrxk0Sm9EypbB5UP/L5/1f2hWQ8Xji8NmD
3U0ztFfjjE7XWqfpJxu3jgJqEe+sVW7lsI5+YqkxjvwNMhdmLzt+paCafreMa+Dw
IsD5KxBF049x2awZNWmex2iBRLI6kIYjdxmkUjd2A6OLbV24NyaEzm0SYOlKpa+d
jIv714OaBGFFAhGZcNKjK6t1vK2kzEan6/nACLh6YtZNwg4j+ftTSNjoyGYxfgX/
wodE3RyCZHrN6AqLl0J+V0Ras/lZyhPBhUGLflpR5FVJlQvkURKy1y/OKFPTlME+
Ebr3y2ZWcIqZHhqPWyt6wWe1U62xFuLvn/sfZkxBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUofXOXW7MKKUHnDOZahLSLBk3JgswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5OGY3YTgyLTI0YjgtNGM0OC04MDA1LTQ2ZjRjMzBmZjg3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+gUDANBgkqhkiG9w0BAQsFAAOCAQEAOS54N0INpOv0P9fXOmnqspCn
DsULAV8dBE7YOCNfknbZZaQak0xPNQFNt+j2J1YwLnUr1oeiY3IrXkW/KD2pjHrn
YJ2RDSxekl9jG0KcFZSn25QJmFUiseSDXFVZg9NCRabVGFXf9YPfjq9KIXqGApSs
VdrmekDNxVbDKVNwRK45HlHqXfOAfgJESJg56iLma+I41sQODni8BzbCzjaAPy7P
3bRPrEUWfCFlTn4ai+C7HmUiGxfqUyL5bwB5ndS3r/1gIW/ewN2wdldl/erv7fsZ
6C79aOQTZnv1Y3ICqm7RoVsdGX3QMOMtonQeVlEnw1Vi6zTo6DKR4pSJpWNWPg==
-----END CERTIFICATE-----
Generated at Tue Oct 14 04:41:19 2025 by rpki-client