Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e687fa1-9b29-455d-9b8f-48a1ec23d39b.roa
File: 4e687fa1-9b29-455d-9b8f-48a1ec23d39b.roa (raw, json)
Hash identifier: 1ezfK2HTzJ2E6hbHnba01g2jx/vZHFCSfGRmKboBIYc=
Subject key identifier: 0B:A1:FF:CE:F0:B6:B4:66:5C:6E:2A:C6:4B:68:5F:CC:43:33:57:E8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 77BB557D6AF8CF763DE6086CD919A79C3FD86AE8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e687fa1-9b29-455d-9b8f-48a1ec23d39b.roa
Signing time: Tue 30 Sep 2025 00:11:59 +0000
ROA not before: Tue 30 Sep 2025 00:11:59 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.164.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:bb:55:7d:6a:f8:cf:76:3d:e6:08:6c:d9:19:a7:9c:3f:d8:6a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:11:59 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=5658d77e4cade70e1d684a122b086a079dfe42be0a10dc39d7718016df3d1c31, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c6:13:ff:97:ad:c7:a0:ee:d1:25:36:9e:3b:
bc:5b:90:23:19:8e:6c:dd:aa:18:8d:23:e8:66:84:
18:0e:ab:4f:77:5a:81:78:1a:cc:da:38:93:a3:53:
53:56:c9:dd:fb:f4:97:ee:eb:38:35:c0:12:5f:4c:
3e:29:70:2d:98:67:43:a8:58:63:de:ad:20:35:9a:
8e:64:3b:8a:77:89:f1:ab:f6:c1:4e:2f:c7:65:f5:
f8:bb:5c:2e:01:2e:f8:b3:dd:e9:0a:e6:7c:e9:17:
93:86:c0:0e:6c:e4:ca:6b:ba:29:94:34:2e:38:bf:
28:64:4d:bb:04:26:67:1a:03:09:3e:f6:15:d3:a7:
7e:63:09:19:78:05:20:9e:25:f9:3f:aa:e9:19:64:
a6:58:14:6b:68:f4:dc:66:fd:71:dc:82:49:e9:e3:
61:4e:2a:dc:b4:4a:b9:6a:f8:ef:1a:c8:55:e7:5a:
f6:1a:05:17:17:d0:2c:a6:6a:d9:d5:40:df:81:3f:
c5:80:c7:70:a0:16:aa:c0:ba:bb:74:cf:d3:73:f1:
c7:b2:a1:47:c4:06:57:e4:34:b3:50:dd:19:57:d4:
38:93:5c:6b:79:45:0e:e6:06:f8:3b:ee:55:6d:9c:
85:51:76:5e:6e:5a:45:44:30:d5:f8:e1:98:3d:a9:
5a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A1:FF:CE:F0:B6:B4:66:5C:6E:2A:C6:4B:68:5F:CC:43:33:57:E8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e687fa1-9b29-455d-9b8f-48a1ec23d39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.164.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:2e:2a:8d:60:f0:a0:85:14:27:1b:5c:56:fa:6e:c7:21:8c:
93:21:3d:aa:f6:f3:6a:b5:5e:09:02:87:42:5f:02:d1:ec:86:
dc:5e:89:01:cb:a0:1c:fc:7c:d4:1f:44:d5:5f:f1:85:d8:b1:
8c:18:f5:14:c1:b8:dc:b9:ec:27:80:df:3a:07:e3:01:46:6f:
6e:0d:9d:47:cd:4d:65:65:25:eb:9a:b0:3e:c6:e3:cd:61:b5:
d7:f9:84:c7:94:02:80:d5:93:28:84:5c:2e:66:4a:e6:be:1c:
76:64:8e:5c:7d:5f:4c:0a:ed:47:8f:94:a4:8f:0b:a9:47:89:
0f:19:79:72:cf:ce:2e:2a:eb:39:b9:fc:f8:be:e1:70:8c:60:
3f:3f:d8:f0:5e:af:8d:57:7c:b4:bb:d3:5d:48:53:6f:c8:d8:
6a:c4:37:50:0c:2f:27:80:9c:f2:b0:ac:25:3e:12:55:d9:16:
d6:8a:75:7b:0f:28:7f:c8:f3:6b:47:28:bc:2f:97:b5:83:ce:
7f:17:8b:34:c4:7c:3c:e8:d5:cb:ad:54:f4:f0:ea:bd:25:87:
41:0f:dc:69:97:1c:82:ee:ac:ac:b3:49:0b:c6:28:e9:db:44:
90:e2:16:bb:ee:29:f2:53:a3:75:24:e1:df:53:ff:53:ba:2a:
bf:2e:a7:48
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUd7tVfWr4z3Y95ghs2RmnnD/YaugwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAxMTU5WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjU4ZDc3ZTRjYWRlNzBlMWQ2ODRhMTIyYjA4NmEwNzlk
ZmU0MmJlMGExMGRjMzlkNzcxODAxNmRmM2QxYzMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmxhP/l63HoO7RJTaeO7xbkCMZjmzdqhiNI+hmhBgOq093
WoF4GszaOJOjU1NWyd379Jfu6zg1wBJfTD4pcC2YZ0OoWGPerSA1mo5kO4p3ifGr
9sFOL8dl9fi7XC4BLviz3ekK5nzpF5OGwA5s5MpruimUNC44vyhkTbsEJmcaAwk+
9hXTp35jCRl4BSCeJfk/qukZZKZYFGto9Nxm/XHcgknp42FOKty0Srlq+O8ayFXn
WvYaBRcX0CymatnVQN+BP8WAx3CgFqrAurt0z9Nz8ceyoUfEBlfkNLNQ3RlX1DiT
XGt5RQ7mBvg77lVtnIVRdl5uWkVEMNX44Zg9qVopAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUC6H/zvC2tGZcbirGS2hfzEMzV+gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNjg3ZmExLTliMjktNDU1ZC05YjhmLTQ4YTFlYzIzZDM5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQpDANBgkqhkiG9w0BAQsFAAOCAQEAHy4qjWDwoIUUJxtcVvpuxyGMkyE9
qvbzarVeCQKHQl8C0eyG3F6JAcugHPx81B9E1V/xhdixjBj1FMG43LnsJ4DfOgfj
AUZvbg2dR81NZWUl65qwPsbjzWG11/mEx5QCgNWTKIRcLmZK5r4cdmSOXH1fTArt
R4+UpI8LqUeJDxl5cs/OLirrObn8+L7hcIxgPz/Y8F6vjVd8tLvTXUhTb8jYasQ3
UAwvJ4Cc8rCsJT4SVdkW1op1ew8of8jza0covC+XtYPOfxeLNMR8POjVy61U9PDq
vSWHQQ/caZccgu6srLNJC8Yo6dtEkOIWu+4p8lOjdSTh31P/U7oqvy6nSA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:10 2025 by rpki-client