Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa
File: 2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa (raw, json)
Hash identifier: zCIbo/QxXS0VLEMu1XsBMEkII48beQwKqFjz6TFfm+I=
Subject key identifier: 42:C9:44:58:C8:17:FA:1C:AA:07:3E:50:C4:77:1D:1D:78:6C:7E:5A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 11C92E406372B503E7B259C24C54AC72C076DA12
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa
Signing time: Tue 30 Sep 2025 00:02:52 +0000
ROA not before: Tue 30 Sep 2025 00:02:52 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 155.40.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c9:2e:40:63:72:b5:03:e7:b2:59:c2:4c:54:ac:72:c0:76:da:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:02:52 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=9ebe9bf2caa4625bf34f7971df547d6559015bf761a3eb5f61ee0fbe3ab09436, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:37:17:c2:37:14:25:21:b4:b5:f2:c9:4b:ae:
2c:c7:aa:98:33:e3:90:c3:b4:2d:63:be:77:45:f9:
ac:e6:81:78:1f:e7:9a:bf:9b:cf:6b:cb:91:0c:34:
68:61:dd:3f:31:4b:ba:96:6f:d1:fc:ef:bc:b0:01:
97:74:bc:41:b8:17:d9:17:31:af:55:fd:3b:24:e6:
b3:ff:12:85:b8:19:fa:f2:e4:45:03:4c:32:62:77:
30:32:7d:87:b0:d1:ea:39:e4:f1:12:45:2e:33:7a:
de:33:18:11:aa:cf:4a:cb:df:52:7d:4d:9c:1f:a5:
ab:e3:e4:1a:32:cb:9b:5b:86:b6:ec:75:89:17:5f:
a1:ac:e5:c4:f2:82:2e:20:1a:cf:4b:0c:e2:e9:05:
43:4a:5a:4b:2c:45:73:31:0a:45:f6:87:a6:1c:ed:
a3:1e:83:90:3e:23:1a:43:2a:73:eb:68:95:2d:e3:
00:40:87:3f:2c:26:a6:3a:44:b5:80:73:14:32:ba:
d8:34:98:45:0f:d3:39:c2:e3:eb:98:c4:1a:51:51:
ef:d2:f1:0d:b3:2a:9d:4e:88:5d:db:ed:fe:2a:fc:
75:f2:44:14:f6:19:9a:71:f2:c6:5f:b1:cc:9a:67:
54:1f:01:8f:e0:ad:da:3e:40:2c:88:63:1d:c5:4b:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C9:44:58:C8:17:FA:1C:AA:07:3E:50:C4:77:1D:1D:78:6C:7E:5A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:ab:8f:38:c2:61:1a:9d:9a:5a:10:71:6c:56:ad:3a:2b:57:
2f:97:e9:6b:12:83:95:4a:44:31:a6:96:a6:f8:c1:54:3d:60:
95:a7:c1:32:cc:ba:43:50:92:d0:44:1f:07:9a:9b:07:25:61:
81:bf:8a:28:ff:ca:2e:6f:74:f4:44:e8:fe:4a:72:0f:65:0c:
f6:53:55:14:78:d2:21:ea:c4:38:b4:0a:de:53:44:2a:b4:28:
ed:e2:11:9c:e3:58:46:e6:85:b3:cf:47:86:2c:6d:55:5f:bd:
56:4c:92:a2:23:90:df:6d:40:8b:01:6b:ac:0a:dc:7b:07:39:
bc:cf:c6:94:ab:e2:0e:81:55:e7:d0:41:67:89:71:ab:26:8c:
e5:30:ce:66:a9:7c:7a:c8:fc:08:f6:7b:60:eb:77:c2:d3:98:
39:e1:83:4b:52:ba:e2:46:95:08:81:94:98:04:cf:67:c5:95:
88:5e:89:7c:b2:a2:f3:c3:27:cd:ad:d6:5d:85:9d:67:b3:24:
fb:52:0b:0d:3f:89:f7:4c:9c:ae:52:e5:39:6d:91:04:fd:78:
6b:9f:64:15:3b:3e:67:78:7d:67:f7:df:15:ad:44:79:f6:de:
7a:bf:fb:db:f3:44:16:5e:5d:ce:a8:b0:13:80:1f:64:aa:66:
2e:4c:14:d6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEckuQGNytQPnslnCTFSscsB22hIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjUyWhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZWJlOWJmMmNhYTQ2MjViZjM0Zjc5NzFkZjU0N2Q2NTU5
MDE1YmY3NjFhM2ViNWY2MWVlMGZiZTNhYjA5NDM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3NxfCNxQlIbS18slLrizHqpgz45DDtC1jvndF+azmgXgf
55q/m89ry5EMNGhh3T8xS7qWb9H877ywAZd0vEG4F9kXMa9V/Tsk5rP/EoW4Gfry
5EUDTDJidzAyfYew0eo55PESRS4zet4zGBGqz0rL31J9TZwfpavj5Boyy5tbhrbs
dYkXX6Gs5cTygi4gGs9LDOLpBUNKWkssRXMxCkX2h6Yc7aMeg5A+IxpDKnPraJUt
4wBAhz8sJqY6RLWAcxQyutg0mEUP0znC4+uYxBpRUe/S8Q2zKp1OiF3b7f4q/HXy
RBT2GZpx8sZfscyaZ1QfAY/grdo+QCyIYx3FS9AfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQslEWMgX+hyqBz5QxHcdHXhsflowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmNGQxZTVmLTE0ODMtNDAxMS1hN2IzLTAzNTNhMmM3NDEyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbKDANBgkqhkiG9w0BAQsFAAOCAQEAP6uPOMJhGp2aWhBxbFatOitXL5fp
axKDlUpEMaaWpvjBVD1glafBMsy6Q1CS0EQfB5qbByVhgb+KKP/KLm909ETo/kpy
D2UM9lNVFHjSIerEOLQK3lNEKrQo7eIRnONYRuaFs89HhixtVV+9VkySoiOQ321A
iwFrrArcewc5vM/GlKviDoFV59BBZ4lxqyaM5TDOZql8esj8CPZ7YOt3wtOYOeGD
S1K64kaVCIGUmATPZ8WViF6JfLKi88Mnza3WXYWdZ7Mk+1ILDT+J90ycrlLlOW2R
BP14a59kFTs+Z3h9Z/ffFa1Eefbeer/72/NEFl5dzqiwE4AfZKpmLkwU1g==
-----END CERTIFICATE-----
Generated at Fri Oct 17 02:36:34 2025 by rpki-client