Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/387f6abd-05be-4405-827e-d42259220290.roa
File: 387f6abd-05be-4405-827e-d42259220290.roa (raw, json)
Hash identifier: ePFfIoP2r5ipp1k1EB2WVoDtkJ6MJ2c9EVeoePu2zfs=
Subject key identifier: B6:E5:0A:D3:7A:D2:25:C7:1E:E9:71:29:B8:EA:5D:C8:4B:76:AE:C9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 158BB61C8C96914D4ADCEC4721A9C33C2BF23D31
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/387f6abd-05be-4405-827e-d42259220290.roa
Signing time: Tue 14 Oct 2025 20:01:16 +0000
ROA not before: Tue 14 Oct 2025 20:01:16 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.84.92.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:8b:b6:1c:8c:96:91:4d:4a:dc:ec:47:21:a9:c3:3c:2b:f2:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 20:01:16 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=0222b92561234850f7cef2661aae6fa1bb9714aba84419565f61e0169ecce6af, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f3:e8:c6:1d:4a:74:37:b3:d9:ff:b6:23:25:
34:c5:13:09:b4:13:ae:59:a8:e2:72:e5:bb:85:09:
ee:4b:73:ae:21:a1:30:60:e3:a1:91:9b:70:97:12:
a5:ba:6c:68:cb:bf:e1:aa:d3:90:6d:18:4b:5a:c6:
98:1b:65:2e:60:68:e0:e1:ae:60:60:b4:3e:b1:6e:
de:83:7d:72:43:1b:5a:2c:0b:9d:31:e0:a1:f6:2f:
9e:a5:fb:b2:c9:3e:6d:5a:89:0f:05:52:bd:e8:20:
22:79:ed:6d:78:e0:14:84:23:4d:03:0e:83:23:7e:
d3:64:3c:03:41:c0:80:0b:10:d7:b0:7a:a5:b0:c0:
55:17:4b:1b:f8:1a:ad:dc:9c:bb:22:5a:b8:ef:73:
45:34:55:cc:c1:95:be:34:dd:82:f6:cb:f1:4a:26:
e9:ca:23:ef:f8:3f:07:91:64:f2:8b:ea:f8:d8:0b:
5c:9e:b3:39:dc:6b:30:89:17:19:27:f1:35:c6:33:
44:f8:44:43:38:78:72:eb:7f:f5:08:9a:c0:cf:1e:
c1:c8:49:24:99:5e:39:16:a4:8d:dc:20:98:0d:42:
8c:9a:10:aa:1d:d6:bd:de:d8:2a:f4:f1:eb:f4:55:
f8:a1:16:e1:c6:23:2a:05:29:81:ed:2e:c1:ff:87:
1e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E5:0A:D3:7A:D2:25:C7:1E:E9:71:29:B8:EA:5D:C8:4B:76:AE:C9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/387f6abd-05be-4405-827e-d42259220290.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.84.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:73:bb:93:09:d0:08:02:e3:98:bd:01:44:61:52:30:0d:d2:
04:de:fa:ca:46:c5:ef:8f:92:64:a6:e8:2e:01:27:9b:8f:6f:
2d:09:55:b3:b5:e4:a8:60:08:87:8f:0c:22:1a:01:57:81:a4:
f0:48:45:77:f2:59:8c:fa:bd:38:cb:bd:29:54:6d:17:e3:aa:
5f:85:11:9f:b5:fa:b5:50:9c:58:5d:32:11:0f:a0:e5:93:a2:
3c:41:d7:f7:c2:e4:fb:23:f6:4d:4a:6d:a7:53:70:16:48:3e:
ff:fc:78:14:da:d4:c7:c0:c8:21:af:59:bc:c6:1c:d7:4c:d3:
d3:9c:f4:c4:d4:ee:59:e3:d1:fb:05:71:c8:10:23:d2:28:32:
da:7b:d6:5a:99:4a:b2:b2:2f:e1:49:14:44:de:73:a9:75:08:
5b:f6:f9:b9:5a:12:b3:79:80:e5:c6:fd:91:13:fc:6e:2d:b9:
67:87:60:81:4f:56:5e:3e:2e:55:48:aa:fb:60:0b:f4:5b:d2:
e3:6a:2c:6f:b1:9d:07:aa:83:ef:56:0e:ac:4e:df:8f:74:6c:
79:d2:2f:3d:f9:f3:96:c1:fd:04:9c:3b:dd:98:bf:7b:d6:18:
1d:a3:6c:57:0b:66:45:89:16:95:1a:35:5c:cc:52:38:29:32:
2a:35:97:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFYu2HIyWkU1K3OxHIanDPCvyPTEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MjAwMTE2WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjIyYjkyNTYxMjM0ODUwZjdjZWYyNjYxYWFlNmZhMWJi
OTcxNGFiYTg0NDE5NTY1ZjYxZTAxNjllY2NlNmFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCp8+jGHUp0N7PZ/7YjJTTFEwm0E65ZqOJy5buFCe5Lc64h
oTBg46GRm3CXEqW6bGjLv+Gq05BtGEtaxpgbZS5gaODhrmBgtD6xbt6DfXJDG1os
C50x4KH2L56l+7LJPm1aiQ8FUr3oICJ57W144BSEI00DDoMjftNkPANBwIALENew
eqWwwFUXSxv4Gq3cnLsiWrjvc0U0VczBlb403YL2y/FKJunKI+/4PweRZPKL6vjY
C1yeszncazCJFxkn8TXGM0T4REM4eHLrf/UImsDPHsHISSSZXjkWpI3cIJgNQoya
EKod1r3e2Cr08ev0VfihFuHGIyoFKYHtLsH/hx45AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtuUK03rSJcce6XEpuOpdyEt2rskwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM4N2Y2YWJkLTA1YmUtNDQwNS04MjdlLWQ0MjI1OTIyMDI5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjVFwwDQYJKoZIhvcNAQELBQADggEBAF1zu5MJ0AgC45i9AURhUjAN0gTe
+spGxe+PkmSm6C4BJ5uPby0JVbO15KhgCIePDCIaAVeBpPBIRXfyWYz6vTjLvSlU
bRfjql+FEZ+1+rVQnFhdMhEPoOWTojxB1/fC5Psj9k1KbadTcBZIPv/8eBTa1MfA
yCGvWbzGHNdM09Oc9MTU7lnj0fsFccgQI9IoMtp71lqZSrKyL+FJFETec6l1CFv2
+blaErN5gOXG/ZET/G4tuWeHYIFPVl4+LlVIqvtgC/Rb0uNqLG+xnQeqg+9WDqxO
3490bHnSLz3585bB/QScO92Yv3vWGB2jbFcLZkWJFpUaNVzMUjgpMio1l1g=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:10:58 2025 by rpki-client