Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a08c855-4cd4-4fa5-b780-8a773463b987.roa
File: 3a08c855-4cd4-4fa5-b780-8a773463b987.roa (raw, json)
Hash identifier: /6wsF1hW+lTnPIjiyaVZeFS6exBtcsDtvOf+PPkLm/g=
Subject key identifier: D4:71:AA:8A:4B:05:EB:6F:B7:BD:A5:49:D4:50:B0:6E:B2:30:1A:CD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4660E62BB1549AA2F1493D729F1987EA3F30B034
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a08c855-4cd4-4fa5-b780-8a773463b987.roa
Signing time: Wed 29 Oct 2025 00:20:03 +0000
ROA not before: Wed 29 Oct 2025 00:20:03 +0000
ROA not after: Wed 03 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.148.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:60:e6:2b:b1:54:9a:a2:f1:49:3d:72:9f:19:87:ea:3f:30:b0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 29 00:20:03 2025 GMT
Not After : Dec 3 23:59:59 2025 GMT
Subject: serialNumber=befc66135f42c4e29bd2156bc397ecf982ac624493cdf7f50b56fae599adba97, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:86:20:f9:ea:a0:0e:94:a2:f1:f8:38:25:
47:f4:2d:97:48:b9:4f:ee:f5:dc:06:f9:ef:cf:6c:
29:b5:7d:d0:b0:8d:64:c9:15:36:2b:e2:94:8d:98:
5d:ae:8f:0c:b7:be:54:3e:a8:a8:ff:97:a0:89:91:
96:11:ea:3c:4e:63:ed:6d:45:73:0a:04:c7:93:d4:
e1:9d:0c:15:d9:4c:0c:b3:fb:fd:71:82:52:be:90:
d6:f8:04:83:4c:1c:c5:23:10:0b:c5:51:64:be:ce:
a4:a2:53:ba:ac:d3:95:c1:6c:cc:4d:38:e3:6c:51:
48:6d:cb:e6:61:f9:3e:61:a6:5a:cf:6c:4f:91:93:
72:48:cd:db:c5:ad:70:d5:94:9d:21:3c:6c:ea:45:
08:03:28:e2:b8:fb:6f:79:65:61:25:96:69:01:4b:
35:12:a8:51:e8:50:ca:9c:0a:3a:ec:f4:8b:f8:50:
95:21:a6:a2:12:b6:d1:8a:49:5a:53:04:a2:29:46:
f0:81:e1:27:d3:8d:1b:66:32:4f:18:99:f2:64:fe:
32:19:56:0c:bc:97:87:c6:25:a9:3a:52:77:86:2c:
28:07:14:75:d4:c2:ac:25:48:21:d1:5f:ea:62:ae:
1f:0a:b8:de:17:aa:7b:8c:b5:b6:97:dc:38:8d:62:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:71:AA:8A:4B:05:EB:6F:B7:BD:A5:49:D4:50:B0:6E:B2:30:1A:CD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a08c855-4cd4-4fa5-b780-8a773463b987.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.148.16.0/20
Signature Algorithm: sha256WithRSAEncryption
bf:de:d8:54:15:a8:e3:ed:40:67:f9:c2:27:9f:f4:4f:78:34:
f2:e2:e9:b1:dd:a1:bc:7f:48:20:2b:3f:45:32:de:fc:04:2c:
4a:03:d3:9d:83:aa:05:ac:af:2d:05:05:44:08:03:02:7d:99:
23:c7:b7:e8:9e:00:50:e1:fc:f0:16:31:35:e8:2d:7c:39:94:
91:ea:b9:82:19:8f:72:a3:d0:e8:64:01:2e:5e:25:99:11:9b:
0d:47:a6:67:8c:a6:3a:63:7e:f4:57:41:79:48:68:b4:cb:27:
46:a6:d3:f7:41:55:22:e2:2e:25:8d:79:ab:f4:fc:63:36:50:
f9:54:37:77:3e:d6:a0:45:b1:cd:e7:8c:46:76:55:d8:d0:f1:
94:3c:27:10:81:39:c4:86:d9:dd:2d:28:5d:c4:f6:a2:66:21:
f0:c8:61:4c:b2:6b:ce:7b:de:fd:32:2d:ff:27:15:e6:e0:63:
02:1c:71:07:75:2a:1f:e1:e8:dd:9e:bb:1e:11:03:ae:36:62:
4c:0e:dd:45:49:fc:29:7d:e1:fb:39:80:aa:6e:dc:e2:dd:a0:
4a:2f:2e:c9:21:71:2f:ad:00:53:76:c7:1f:e3:f7:92:fb:9e:
91:58:5f:d6:36:60:33:0b:44:ee:54:01:f1:61:81:3f:52:30:
e9:56:e2:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURmDmK7FUmqLxST1ynxmH6j8wsDQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDAyMDAzWhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZWZjNjYxMzVmNDJjNGUyOWJkMjE1NmJjMzk3ZWNmOTgy
YWM2MjQ0OTNjZGY3ZjUwYjU2ZmFlNTk5YWRiYTk3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwMYYg+eqgDpSi8fg4JUf0LZdIuU/u9dwG+e/PbCm1fdCw
jWTJFTYr4pSNmF2ujwy3vlQ+qKj/l6CJkZYR6jxOY+1tRXMKBMeT1OGdDBXZTAyz
+/1xglK+kNb4BINMHMUjEAvFUWS+zqSiU7qs05XBbMxNOONsUUhty+Zh+T5hplrP
bE+Rk3JIzdvFrXDVlJ0hPGzqRQgDKOK4+295ZWEllmkBSzUSqFHoUMqcCjrs9Iv4
UJUhpqISttGKSVpTBKIpRvCB4SfTjRtmMk8YmfJk/jIZVgy8l4fGJak6UneGLCgH
FHXUwqwlSCHRX+pirh8KuN4XqnuMtbaX3DiNYiBJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1HGqiksF62+3vaVJ1FCwbrIwGs0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNhMDhjODU1LTRjZDQtNGZhNS1iNzgwLThhNzczNDYzYjk4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASXlBAwDQYJKoZIhvcNAQELBQADggEBAL/e2FQVqOPtQGf5wief9E94NPLi
6bHdobx/SCArP0Uy3vwELEoD052DqgWsry0FBUQIAwJ9mSPHt+ieAFDh/PAWMTXo
LXw5lJHquYIZj3Kj0OhkAS5eJZkRmw1HpmeMpjpjfvRXQXlIaLTLJ0am0/dBVSLi
LiWNeav0/GM2UPlUN3c+1qBFsc3njEZ2VdjQ8ZQ8JxCBOcSG2d0tKF3E9qJmIfDI
YUyya8573v0yLf8nFebgYwIccQd1Kh/h6N2eux4RA642YkwO3UVJ/Cl94fs5gKpu
3OLdoEovLskhcS+tAFN2xx/j95L7npFYX9Y2YDMLRO5UAfFhgT9SMOlW4kk=
-----END CERTIFICATE-----
Generated at Fri Oct 31 09:09:11 2025 by rpki-client