Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/425248ee-104d-44c2-9568-ff3915e0a91e.roa
File: 425248ee-104d-44c2-9568-ff3915e0a91e.roa (raw, json)
Hash identifier: Me+iFakdKUVwa55DLBX+stlIlF6ndUNWYnsYH5IklmA=
Subject key identifier: F6:12:3D:F2:8C:A5:39:9F:E9:E1:84:04:F5:E0:36:1A:97:AD:F7:66
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5C70F2684E678354F1EBB3AC638958195B13D481
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/425248ee-104d-44c2-9568-ff3915e0a91e.roa
Signing time: Mon 22 Sep 2025 15:41:46 +0000
ROA not before: Mon 22 Sep 2025 15:41:46 +0000
ROA not after: Mon 27 Oct 2025 23:59:59 +0000
asID: 8987
IP address blocks: 136.18.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:70:f2:68:4e:67:83:54:f1:eb:b3:ac:63:89:58:19:5b:13:d4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 22 15:41:46 2025 GMT
Not After : Oct 27 23:59:59 2025 GMT
Subject: serialNumber=3766a44f1acb55867b5b36f1e20cada8367a6c422af65f5c3c29c41ac6324ff7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:8e:91:55:ba:78:40:9b:dd:d5:4b:f2:e4:
dd:f9:82:a0:a4:6b:4b:1b:b5:9a:93:69:f9:c2:d6:
a9:27:06:9a:42:bb:50:55:f1:ce:32:74:52:15:0f:
8a:a6:89:e9:8a:7b:21:67:04:9f:7f:d8:04:03:e3:
9a:48:5d:f4:f7:21:0f:52:b0:f3:cb:c9:01:d5:d2:
5c:17:20:6b:8d:da:62:ec:ee:1d:8b:cc:bf:81:c8:
f5:b4:2f:dc:72:5b:6f:05:76:0b:00:3e:f2:85:e9:
65:0f:99:fc:81:85:ba:fa:23:89:eb:cf:1d:e8:d5:
a3:87:2b:d4:1c:2b:75:41:8f:a8:24:b8:ea:d5:16:
bd:13:7a:9c:53:e1:bd:a6:bd:1d:e1:ad:14:d7:fd:
ca:1d:8c:99:c1:5f:98:ff:34:1f:da:43:00:c2:99:
a1:24:ca:6e:8c:a8:69:87:ed:86:f8:10:67:fe:b5:
10:8d:77:be:05:23:b9:d2:7a:d7:bb:bb:2c:eb:b1:
7e:ad:a5:78:3b:68:85:1d:77:fa:ff:13:5c:cb:33:
7b:17:7e:5d:8f:de:68:8f:dc:87:3e:6a:db:ff:1f:
31:24:80:bf:89:4a:98:2a:23:9c:43:d2:0f:b0:a2:
30:20:fa:b8:45:d0:0e:4d:19:48:7e:bd:87:be:8c:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:12:3D:F2:8C:A5:39:9F:E9:E1:84:04:F5:E0:36:1A:97:AD:F7:66
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/425248ee-104d-44c2-9568-ff3915e0a91e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.1.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:8a:ae:49:3d:d4:0c:72:66:35:20:95:fe:b0:1f:85:1c:87:
61:db:bc:34:11:38:37:53:8a:c6:fe:7f:33:35:80:ca:ca:c6:
5e:fc:85:7a:e2:d2:a1:17:9a:6c:25:b8:5d:13:51:c6:de:9e:
38:a7:84:9c:55:08:ed:86:14:d1:10:14:f6:89:c7:a1:bf:95:
d6:9b:d3:7a:14:87:72:c3:d7:b8:8b:7c:42:91:bd:08:e3:f4:
42:19:59:6c:30:c4:2e:f0:77:92:81:5e:5f:5d:e2:72:9f:c9:
bd:fc:5f:e0:78:38:ef:3a:ce:5c:85:59:68:e6:df:fa:c9:8a:
2c:fc:ce:6d:a2:17:3c:cc:84:1f:02:f4:c9:62:bf:76:44:ed:
58:76:df:bf:0f:fd:0b:80:e1:fd:08:d1:66:9c:ca:d0:fd:5d:
fa:98:df:f8:ed:8c:aa:69:28:bd:3e:cc:92:ed:58:45:44:2c:
2e:c5:5c:09:69:f1:b5:16:c9:65:50:81:43:5e:b1:5b:46:99:
81:39:fe:38:1d:b9:94:e0:e8:c0:04:7e:c8:8a:60:70:3b:4f:
c8:3e:21:35:02:36:b7:99:09:fe:fe:1c:b4:14:58:80:54:35:
aa:47:da:00:67:ea:da:79:27:be:22:9d:a7:7f:f7:af:60:7d:
95:7f:7f:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXHDyaE5ng1Tx67OsY4lYGVsT1IEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTIyMTU0MTQ2WhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzY2YTQ0ZjFhY2I1NTg2N2I1YjM2ZjFlMjBjYWRhODM2
N2E2YzQyMmFmNjVmNWMzYzI5YzQxYWM2MzI0ZmY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMro6RVbp4QJvd1Uvy5N35gqCka0sbtZqTafnC1qknBppC
u1BV8c4ydFIVD4qmiemKeyFnBJ9/2AQD45pIXfT3IQ9SsPPLyQHV0lwXIGuN2mLs
7h2LzL+ByPW0L9xyW28FdgsAPvKF6WUPmfyBhbr6I4nrzx3o1aOHK9QcK3VBj6gk
uOrVFr0TepxT4b2mvR3hrRTX/codjJnBX5j/NB/aQwDCmaEkym6MqGmH7Yb4EGf+
tRCNd74FI7nSete7uyzrsX6tpXg7aIUdd/r/E1zLM3sXfl2P3miP3Ic+atv/HzEk
gL+JSpgqI5xD0g+wojAg+rhF0A5NGUh+vYe+jGZDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9hI98oylOZ/p4YQE9eA2Gpet92YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQyNTI0OGVlLTEwNGQtNDRjMi05NTY4LWZmMzkxNWUwYTkxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEgEwDQYJKoZIhvcNAQELBQADggEBAMKKrkk91AxyZjUglf6wH4Uch2Hb
vDQRODdTisb+fzM1gMrKxl78hXri0qEXmmwluF0TUcbenjinhJxVCO2GFNEQFPaJ
x6G/ldab03oUh3LD17iLfEKRvQjj9EIZWWwwxC7wd5KBXl9d4nKfyb38X+B4OO86
zlyFWWjm3/rJiiz8zm2iFzzMhB8C9Mliv3ZE7Vh2378P/QuA4f0I0WacytD9XfqY
3/jtjKppKL0+zJLtWEVELC7FXAlp8bUWyWVQgUNesVtGmYE5/jgduZTg6MAEfsiK
YHA7T8g+ITUCNreZCf7+HLQUWIBUNapH2gBn6tp5J74inad/969gfZV/f+U=
-----END CERTIFICATE-----
Generated at Thu Oct 16 02:06:43 2025 by rpki-client