Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa
File: 376cea87-1261-43b0-8bdc-603805220984.roa (raw, json)
Hash identifier: kBzV3VNmx0FD8R19KgomKJjnuPNW+we+ZBXKgSTAHYY=
Subject key identifier: C1:5A:5C:70:3C:84:27:2E:B6:88:7B:07:4D:74:3F:82:3E:6D:EC:53
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 268B88FBFA476CEB71D1FB3E0D920268E9BDA5FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa
Signing time: Sat 25 Oct 2025 00:00:39 +0000
ROA not before: Sat 25 Oct 2025 00:00:39 +0000
ROA not after: Sat 29 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 166.117.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8b:88:fb:fa:47:6c:eb:71:d1:fb:3e:0d:92:02:68:e9:bd:a5:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 25 00:00:39 2025 GMT
Not After : Nov 29 23:59:59 2025 GMT
Subject: serialNumber=d177cc581647b477081b1cec2f20caf9b76d2c6e06374830723012526e75513f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:15:ea:1a:15:61:46:ab:8f:42:15:4e:ea:ec:
70:7a:c2:f2:88:f7:1d:5d:9a:39:72:20:cf:8e:45:
f1:75:31:15:7b:53:52:b1:0b:86:a0:74:db:5b:ec:
a1:70:cb:99:5e:7c:cf:9e:3a:45:18:48:3e:42:e6:
38:4c:f8:45:2f:15:12:eb:98:e5:90:0a:94:8d:54:
ed:92:9d:5f:f5:df:88:b7:f8:d6:93:da:da:a1:55:
91:3f:a1:25:15:5c:54:54:9f:46:5e:2c:f1:3f:de:
0e:5b:ca:65:24:ed:03:13:8c:8d:f3:02:97:85:8a:
fe:f0:04:cb:51:14:36:21:c8:ea:de:82:94:98:bf:
fc:8f:3f:dd:83:b7:00:66:58:dd:cb:71:3a:56:97:
10:04:f6:b2:0c:d3:b9:6c:99:05:01:d6:7e:48:54:
b6:aa:ec:49:1f:7d:19:4c:cd:78:09:35:fb:1b:44:
13:6b:a4:aa:c7:ab:08:31:79:22:57:2e:c5:3a:ce:
60:d3:63:91:6a:ba:e9:fe:37:6c:cb:61:85:0a:a7:
a1:d4:ff:5b:23:54:96:15:15:48:77:7c:9d:2b:35:
a9:34:08:fb:9c:cd:75:da:e2:15:94:d7:f5:f4:ae:
c3:0e:29:af:fb:8d:73:6a:cb:17:19:00:a6:c5:fa:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5A:5C:70:3C:84:27:2E:B6:88:7B:07:4D:74:3F:82:3E:6D:EC:53
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:ad:52:cf:90:0f:23:e4:47:c4:a5:88:f0:bf:1a:d4:41:6a:
67:71:10:10:d7:0f:6b:89:64:64:28:d3:36:67:e3:ff:eb:eb:
5c:ef:fb:92:98:5d:dd:27:dc:06:57:23:a1:ac:9b:08:82:d8:
b0:4c:89:11:09:74:55:90:a2:6a:e0:54:31:3c:e9:2b:5e:a0:
ec:7b:d7:8c:2f:7f:03:f2:d8:35:d8:31:4b:72:a3:1c:07:81:
e6:fd:db:5c:61:f4:90:38:93:40:38:00:60:66:34:aa:a8:80:
59:b9:a8:5c:66:7f:66:f3:43:0a:70:a7:e1:90:ec:d4:17:08:
70:3f:9d:48:5a:a1:7a:3e:5a:10:56:23:61:4b:94:f7:84:e3:
d2:67:26:7d:62:c1:13:57:31:c1:8a:bb:ba:33:20:55:0d:39:
8a:26:6a:d7:3d:e2:5b:8e:f4:90:b7:9d:2a:e6:13:ee:38:01:
37:27:26:92:78:f5:87:4f:dc:95:7a:4b:01:d5:b7:bf:b1:63:
f7:cd:6e:ba:5b:10:3b:60:0b:a3:3d:f9:73:89:30:5b:da:e5:
92:41:7b:00:bb:22:8e:74:05:f9:50:ee:39:c0:e8:e7:f9:38:
a9:be:6a:8f:d6:76:c8:8b:6c:55:9c:58:9c:22:ae:b6:bb:ba:
0e:06:f3:99
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJouI+/pHbOtx0fs+DZICaOm9pf0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAwMDM5WhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTc3Y2M1ODE2NDdiNDc3MDgxYjFjZWMyZjIwY2FmOWI3
NmQyYzZlMDYzNzQ4MzA3MjMwMTI1MjZlNzU1MTNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqFeoaFWFGq49CFU7q7HB6wvKI9x1dmjlyIM+ORfF1MRV7
U1KxC4agdNtb7KFwy5lefM+eOkUYSD5C5jhM+EUvFRLrmOWQCpSNVO2SnV/134i3
+NaT2tqhVZE/oSUVXFRUn0ZeLPE/3g5bymUk7QMTjI3zApeFiv7wBMtRFDYhyOre
gpSYv/yPP92DtwBmWN3LcTpWlxAE9rIM07lsmQUB1n5IVLaq7EkffRlMzXgJNfsb
RBNrpKrHqwgxeSJXLsU6zmDTY5Fquun+N2zLYYUKp6HU/1sjVJYVFUh3fJ0rNak0
CPuczXXa4hWU1/X0rsMOKa/7jXNqyxcZAKbF+uFvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwVpccDyEJy62iHsHTXQ/gj5t7FMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3NmNlYTg3LTEyNjEtNDNiMC04YmRjLTYwMzgwNTIyMDk4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCmdTANBgkqhkiG9w0BAQsFAAOCAQEAC61Sz5API+RHxKWI8L8a1EFqZ3EQ
ENcPa4lkZCjTNmfj/+vrXO/7kphd3SfcBlcjoaybCILYsEyJEQl0VZCiauBUMTzp
K16g7HvXjC9/A/LYNdgxS3KjHAeB5v3bXGH0kDiTQDgAYGY0qqiAWbmoXGZ/ZvND
CnCn4ZDs1BcIcD+dSFqhej5aEFYjYUuU94Tj0mcmfWLBE1cxwYq7ujMgVQ05iiZq
1z3iW470kLedKuYT7jgBNycmknj1h0/clXpLAdW3v7Fj981uulsQO2ALoz35c4kw
W9rlkkF7ALsijnQF+VDuOcDo5/k4qb5qj9Z2yItsVZxYnCKutru6DgbzmQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:55:39 2025 by rpki-client