Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69e50420-9b95-4750-a4a3-d14ce6e775ad.roa
File: 69e50420-9b95-4750-a4a3-d14ce6e775ad.roa (raw, json)
Hash identifier: /d+Yy4BfWX2eUxR1rypMMK0xal7j37dWC+NtJirfyLo=
Subject key identifier: 14:8B:F4:0C:62:FE:BE:FE:AD:0F:2D:9B:9A:41:5B:90:93:67:9E:F0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 59825D4F1114C68EC22D4783D324E5B2B7E62DEC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69e50420-9b95-4750-a4a3-d14ce6e775ad.roa
Signing time: Sat 18 Oct 2025 00:51:43 +0000
ROA not before: Sat 18 Oct 2025 00:51:43 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.9.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:82:5d:4f:11:14:c6:8e:c2:2d:47:83:d3:24:e5:b2:b7:e6:2d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 00:51:43 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=19cb8396451cfb155ec23b5504d3245a816e9895db28edbb83bacf74901ab9e1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5d:30:96:e5:b9:ad:61:49:63:55:8c:b7:ac:
83:8d:b0:e6:ff:bd:db:3e:96:8e:61:aa:b1:78:9e:
5e:a1:de:99:f8:40:f5:ba:ab:52:fd:4c:8f:4a:20:
43:1c:a4:e4:34:e9:ad:08:8f:63:42:8b:41:87:d6:
ec:97:73:d3:17:42:e7:45:7e:59:68:14:1b:7a:75:
70:44:56:f6:70:0d:21:9f:c3:7c:32:ee:03:9c:86:
f0:c9:90:7b:48:ef:ed:df:4f:69:1f:8d:19:6b:c2:
fb:50:5f:6c:75:b2:a1:13:30:da:5d:c8:b9:1c:f8:
36:aa:07:63:12:28:cf:ff:fc:68:8c:d6:0f:e0:73:
d4:17:dd:50:cc:31:b7:4a:9a:33:fa:16:d1:2e:e4:
53:c3:e7:15:e5:a4:1f:ed:c0:aa:70:32:25:d6:9a:
e5:93:88:86:ba:ec:03:7b:39:59:e5:e1:68:28:a7:
d3:57:9e:2b:50:b7:7f:dc:f3:83:bc:23:a7:88:af:
a3:1a:35:8e:bf:68:54:0a:ec:5b:e0:b0:fc:99:4d:
8e:f9:13:a4:5a:99:f5:4d:6d:e6:46:e9:2b:de:f4:
cb:93:3b:a1:9e:12:96:06:8f:9b:82:58:ab:4a:9a:
3e:21:b5:78:20:4f:8a:07:58:ca:56:4a:44:12:26:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8B:F4:0C:62:FE:BE:FE:AD:0F:2D:9B:9A:41:5B:90:93:67:9E:F0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/69e50420-9b95-4750-a4a3-d14ce6e775ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.9.160.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:08:98:28:34:c0:b2:b0:3a:8f:12:ce:5b:bb:d2:c5:a4:04:
db:b5:2b:53:b9:ea:e7:3f:1b:13:12:c2:08:87:ae:10:ee:50:
a0:e7:fb:00:1b:72:95:9e:4c:01:4e:65:42:e6:c0:9c:f5:53:
a5:ef:3d:cf:1a:3c:4a:e4:fa:48:eb:c1:3e:cd:6a:b0:9f:c4:
b9:80:47:55:a8:89:90:f6:32:58:15:17:a1:74:b5:78:4d:a8:
e0:2b:db:f9:aa:fc:1f:72:b0:f9:fc:2f:0d:62:6e:bc:82:7b:
98:04:b1:da:0d:2a:b4:32:1a:ca:1d:41:27:ca:36:bc:7c:b9:
75:77:6f:b3:36:60:b4:14:f6:2a:55:a8:e4:64:94:b7:cb:5b:
d0:60:c2:ac:40:08:7c:8c:4f:18:44:6d:25:b7:b5:c7:68:5d:
85:1e:d2:36:fc:fb:17:82:0d:82:5e:b4:7f:b0:4b:82:13:a6:
82:f0:66:0f:33:95:a1:81:82:11:bc:1c:e0:8e:4e:04:a2:4b:
56:78:76:02:0b:ab:c6:c6:63:ea:48:c7:8f:b8:8c:7c:06:95:
a3:f4:97:31:95:f2:6e:7e:98:ed:18:5c:fd:bb:ab:01:f0:5c:
55:e1:75:45:1f:6f:a4:2b:02:10:69:1d:c4:ec:4d:76:4a:62:
a4:eb:66:2f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWYJdTxEUxo7CLUeD0yTlsrfmLewwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDA1MTQzWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOWNiODM5NjQ1MWNmYjE1NWVjMjNiNTUwNGQzMjQ1YTgx
NmU5ODk1ZGIyOGVkYmI4M2JhY2Y3NDkwMWFiOWUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHXTCW5bmtYUljVYy3rIONsOb/vds+lo5hqrF4nl6h3pn4
QPW6q1L9TI9KIEMcpOQ06a0Ij2NCi0GH1uyXc9MXQudFflloFBt6dXBEVvZwDSGf
w3wy7gOchvDJkHtI7+3fT2kfjRlrwvtQX2x1sqETMNpdyLkc+DaqB2MSKM///GiM
1g/gc9QX3VDMMbdKmjP6FtEu5FPD5xXlpB/twKpwMiXWmuWTiIa67AN7OVnl4Wgo
p9NXnitQt3/c84O8I6eIr6MaNY6/aFQK7FvgsPyZTY75E6RamfVNbeZG6Sve9MuT
O6GeEpYGj5uCWKtKmj4htXggT4oHWMpWSkQSJs+zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFIv0DGL+vv6tDy2bmkFbkJNnnvAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5ZTUwNDIwLTliOTUtNDc1MC1hNGEzLWQxNGNlNmU3NzVhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANBCaAwDQYJKoZIhvcNAQELBQADggEBAD0ImCg0wLKwOo8Szlu70sWkBNu1
K1O56uc/GxMSwgiHrhDuUKDn+wAbcpWeTAFOZULmwJz1U6XvPc8aPErk+kjrwT7N
arCfxLmAR1WoiZD2MlgVF6F0tXhNqOAr2/mq/B9ysPn8Lw1ibryCe5gEsdoNKrQy
GsodQSfKNrx8uXV3b7M2YLQU9ipVqORklLfLW9BgwqxACHyMTxhEbSW3tcdoXYUe
0jb8+xeCDYJetH+wS4ITpoLwZg8zlaGBghG8HOCOTgSiS1Z4dgILq8bGY+pIx4+4
jHwGlaP0lzGV8m5+mO0YXP27qwHwXFXhdUUfb6QrAhBpHcTsTXZKYqTrZi8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:05:44 2025 by rpki-client