Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a88a73-93bb-44b8-90fd-a8b74cf86175.roa
File: 41a88a73-93bb-44b8-90fd-a8b74cf86175.roa (raw, json)
Hash identifier: Svum3lRdh6Qri9wbUhdlAo0c3TZ6Y8Dp9tCVOKs97bc=
Subject key identifier: 46:23:6B:C0:F1:6E:28:BB:87:E7:8B:DA:72:84:29:D4:5F:71:4F:78
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 10C3744C02AD0F860B3D6F503ABAF7CBB91AB339
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a88a73-93bb-44b8-90fd-a8b74cf86175.roa
Signing time: Tue 28 Oct 2025 00:50:52 +0000
ROA not before: Tue 28 Oct 2025 00:50:52 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 74.230.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:c3:74:4c:02:ad:0f:86:0b:3d:6f:50:3a:ba:f7:cb:b9:1a:b3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:50:52 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=75c5a6adfb1daabd1c8264343ac96a5497c5836c62301fd43510b4d37fa01fd5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:5e:00:b8:0b:b1:b2:c9:ce:5a:c8:26:fd:
dc:1f:33:1d:bc:d1:fd:3e:e9:0d:29:f9:4c:0b:39:
a0:d9:71:1f:64:73:5d:c9:d4:b8:23:f1:1b:0a:a0:
d2:55:99:fe:e4:0a:d8:c6:1c:e2:76:8a:4b:4a:d8:
5f:72:78:00:86:0f:f0:56:99:42:60:87:dc:ef:7f:
9f:f2:8f:d8:18:c0:72:f6:ea:6d:af:ea:fe:4f:04:
54:89:c0:38:4e:af:dd:64:ff:c2:7a:61:74:59:20:
9d:75:4f:9d:de:b9:f8:d3:f6:d9:9d:52:8a:29:38:
2d:b5:a4:20:22:b2:0c:22:5b:c6:46:c2:c2:25:3a:
55:00:3d:52:ab:31:41:4b:28:ae:4b:69:48:94:e8:
37:a8:a3:07:bd:51:8e:96:c4:af:60:4a:7d:e8:56:
ed:52:b7:eb:a3:9d:4b:e9:02:f6:12:8f:0b:5d:1b:
e5:d7:da:8d:48:e0:0a:f6:05:fa:25:24:ef:80:d7:
18:ac:40:c8:38:89:61:59:65:e6:0d:16:9b:96:4f:
9d:d7:ec:2e:39:f4:c3:c3:c6:1a:83:26:1e:49:52:
fa:48:9d:76:1e:70:e8:11:0d:69:13:8e:9c:af:53:
7f:3a:44:c9:fc:d8:ed:63:f7:1f:1d:1f:8e:19:97:
7e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:23:6B:C0:F1:6E:28:BB:87:E7:8B:DA:72:84:29:D4:5F:71:4F:78
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a88a73-93bb-44b8-90fd-a8b74cf86175.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:3a:f4:d8:9b:ab:94:2b:ea:cf:67:77:b7:b8:26:65:d8:ad:
8f:04:5e:ad:af:bf:9f:6e:b8:6f:f4:b9:02:95:6d:f5:28:03:
58:b2:bb:42:ea:b9:c3:a3:34:7b:cb:33:2e:01:25:17:ee:5e:
64:af:61:7a:f5:6a:ef:c9:f7:de:96:95:4c:b5:66:76:9e:e9:
39:e7:fd:02:17:e9:22:5f:1e:da:f0:51:d2:18:f7:b7:a6:6b:
a5:bc:cb:6e:d9:0c:96:53:f7:91:98:d8:59:59:80:7a:dd:90:
57:10:16:cd:57:27:11:a4:37:45:89:a1:34:6c:43:23:4d:0b:
9b:bf:ff:7c:ee:fb:0b:dc:73:28:71:5c:d6:31:97:0e:3a:ab:
d3:ba:17:a9:2e:9d:38:7e:18:a4:fc:80:5d:05:84:02:d1:89:
42:e7:7d:60:d4:d8:aa:d3:73:e3:08:2e:fc:60:ae:de:d2:4b:
2b:a2:39:f3:e3:9f:b5:be:7f:70:f7:23:4f:5b:22:8b:6d:03:
a5:0f:b5:ea:79:d7:b8:70:e5:19:57:5b:32:fb:3d:cf:ef:d3:
38:67:63:ac:97:43:12:d4:89:1c:ae:3b:f0:19:0f:6e:fe:3f:
19:ed:96:26:80:55:76:b2:df:d1:09:2a:76:bf:7e:55:d0:b6:
26:52:d7:2e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEMN0TAKtD4YLPW9QOrr3y7kaszkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDA1MDUyWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWM1YTZhZGZiMWRhYWJkMWM4MjY0MzQzYWM5NmE1NDk3
YzU4MzZjNjIzMDFmZDQzNTEwYjRkMzdmYTAxZmQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC61F4AuAuxssnOWsgm/dwfMx280f0+6Q0p+UwLOaDZcR9k
c13J1Lgj8RsKoNJVmf7kCtjGHOJ2iktK2F9yeACGD/BWmUJgh9zvf5/yj9gYwHL2
6m2v6v5PBFSJwDhOr91k/8J6YXRZIJ11T53eufjT9tmdUoopOC21pCAisgwiW8ZG
wsIlOlUAPVKrMUFLKK5LaUiU6Deoowe9UY6WxK9gSn3oVu1St+ujnUvpAvYSjwtd
G+XX2o1I4Ar2BfolJO+A1xisQMg4iWFZZeYNFpuWT53X7C459MPDxhqDJh5JUvpI
nXYecOgRDWkTjpyvU386RMn82O1j9x8dH44Zl34pAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURiNrwPFuKLuH54vacoQp1F9xT3gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQxYTg4YTczLTkzYmItNDRiOC05MGZkLWE4Yjc0Y2Y4NjE3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBK5jANBgkqhkiG9w0BAQsFAAOCAQEAMjr02JurlCvqz2d3t7gmZditjwRe
ra+/n264b/S5ApVt9SgDWLK7Quq5w6M0e8szLgElF+5eZK9hevVq78n33paVTLVm
dp7pOef9AhfpIl8e2vBR0hj3t6ZrpbzLbtkMllP3kZjYWVmAet2QVxAWzVcnEaQ3
RYmhNGxDI00Lm7//fO77C9xzKHFc1jGXDjqr07oXqS6dOH4YpPyAXQWEAtGJQud9
YNTYqtNz4wgu/GCu3tJLK6I58+Oftb5/cPcjT1sii20DpQ+16nnXuHDlGVdbMvs9
z+/TOGdjrJdDEtSJHK478BkPbv4/Ge2WJoBVdrLf0Qkqdr9+VdC2JlLXLg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 05:35:47 2025 by rpki-client