Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86f3c8fd-d116-494d-9a7b-058197537470.roa
File: 86f3c8fd-d116-494d-9a7b-058197537470.roa (raw, json)
Hash identifier: 2oNGrPwodqukILt8FhgFdc3TlrD0aj8y9SqxKxXPnEY=
Subject key identifier: 46:91:91:2C:24:C2:10:DD:10:C8:9B:91:2A:E6:DB:77:2E:8A:40:30
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4512C636F064BB888D27D6845D5A12DF6F683436
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86f3c8fd-d116-494d-9a7b-058197537470.roa
Signing time: Tue 14 Oct 2025 15:02:56 +0000
ROA not before: Tue 14 Oct 2025 15:02:56 +0000
ROA not after: Tue 18 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.176.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:12:c6:36:f0:64:bb:88:8d:27:d6:84:5d:5a:12:df:6f:68:34:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 14 15:02:56 2025 GMT
Not After : Nov 18 23:59:59 2025 GMT
Subject: serialNumber=3c940c8f5ef3d58c7b8491a64048ecc33b6baac188ef1e77e069115e83a4fca4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fd:24:db:cf:d2:e8:08:b7:1c:b4:6d:3d:bd:
cc:6e:cd:40:2c:84:2c:8e:05:77:c0:09:a1:08:e2:
ee:91:e8:fc:54:b3:bf:82:03:f2:43:fd:a9:e3:5f:
e9:f0:31:db:cc:31:82:27:b0:57:86:f3:12:be:bb:
88:07:28:31:98:fe:0e:b4:97:6c:b4:47:7e:dc:c4:
28:5f:c2:41:41:0b:4f:d4:a8:24:33:47:7a:29:1b:
72:c8:2b:23:94:50:bb:36:bb:16:94:0e:4a:d2:2e:
60:cd:e6:1d:7a:1a:69:c5:6c:4b:5a:f6:f8:a1:9f:
90:d3:e8:eb:65:59:7c:fe:6f:12:ae:6e:72:82:09:
48:1f:7c:59:2a:bb:72:dc:8b:db:e8:f8:fe:64:15:
ad:77:c6:10:a9:6d:0d:2a:74:41:e8:d6:6c:7b:1c:
e2:be:e7:7d:f6:49:e4:b0:ed:91:9f:54:f0:fc:b9:
18:4b:10:4c:52:a7:19:41:aa:4f:9c:27:45:38:8c:
0f:54:5c:21:2a:12:5d:70:57:88:61:2c:62:2e:a9:
57:33:1c:cb:4b:4d:ea:ba:71:8b:ce:67:00:21:98:
8b:e1:ce:7a:71:4f:07:ad:c8:d2:ae:1b:6d:ef:b4:
3d:0f:2e:3f:fd:27:bc:73:88:fa:f2:b6:30:fb:8a:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:91:91:2C:24:C2:10:DD:10:C8:9B:91:2A:E6:DB:77:2E:8A:40:30
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86f3c8fd-d116-494d-9a7b-058197537470.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.176.94.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8a:d6:0e:0e:c4:07:6f:67:42:c7:5c:56:c8:d0:da:b9:03:
f4:c5:30:c2:d2:38:75:ab:49:24:83:bd:6b:02:a4:d9:09:f4:
07:7f:6d:83:87:3c:cf:4a:70:b0:16:e8:69:42:09:ef:09:48:
11:5f:30:56:96:94:af:ad:3a:e0:a2:3a:30:04:30:40:3e:ac:
49:39:63:23:2a:8c:ed:04:10:b7:ff:4d:db:f7:1e:38:93:62:
28:f1:be:2f:a9:77:40:46:f9:9b:c1:bb:5c:48:43:a1:d8:6b:
6a:49:bc:ee:d0:22:3d:0f:6c:12:48:3e:a7:32:fe:60:1a:da:
bd:80:ca:d1:50:e6:ba:40:c2:0f:0d:ee:11:fc:4d:bd:24:e0:
97:0d:0f:e0:64:ed:05:77:ed:a3:9a:0d:33:75:10:10:c5:a8:
9b:44:53:5d:a2:43:80:64:e3:23:f6:f0:15:71:25:f2:ec:49:
66:7e:29:72:da:b9:f3:aa:68:0d:62:57:5d:67:61:3a:79:2c:
fa:d3:85:be:a9:ad:77:31:ed:67:4d:22:78:f9:f5:71:b8:24:
3a:f0:76:60:0f:d7:9e:b0:9f:de:96:eb:95:16:83:a3:f5:7b:
82:7d:2b:b9:83:4e:c8:57:51:38:0e:06:33:99:fb:1d:e2:8f:
21:c5:a1:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURRLGNvBku4iNJ9aEXVoS329oNDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTUwMjU2WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzk0MGM4ZjVlZjNkNThjN2I4NDkxYTY0MDQ4ZWNjMzNi
NmJhYWMxODhlZjFlNzdlMDY5MTE1ZTgzYTRmY2E0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg/STbz9LoCLcctG09vcxuzUAshCyOBXfACaEI4u6R6PxU
s7+CA/JD/anjX+nwMdvMMYInsFeG8xK+u4gHKDGY/g60l2y0R37cxChfwkFBC0/U
qCQzR3opG3LIKyOUULs2uxaUDkrSLmDN5h16GmnFbEta9vihn5DT6OtlWXz+bxKu
bnKCCUgffFkqu3Lci9vo+P5kFa13xhCpbQ0qdEHo1mx7HOK+5332SeSw7ZGfVPD8
uRhLEExSpxlBqk+cJ0U4jA9UXCEqEl1wV4hhLGIuqVczHMtLTeq6cYvOZwAhmIvh
znpxTwetyNKuG23vtD0PLj/9J7xziPrytjD7ivX3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURpGRLCTCEN0QyJuRKubbdy6KQDAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg2ZjNjOGZkLWQxMTYtNDk0ZC05YTdiLTA1ODE5NzUzNzQ3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACCsF4wDQYJKoZIhvcNAQELBQADggEBAKuK1g4OxAdvZ0LHXFbI0Nq5A/TF
MMLSOHWrSSSDvWsCpNkJ9Ad/bYOHPM9KcLAW6GlCCe8JSBFfMFaWlK+tOuCiOjAE
MEA+rEk5YyMqjO0EELf/Tdv3HjiTYijxvi+pd0BG+ZvBu1xIQ6HYa2pJvO7QIj0P
bBJIPqcy/mAa2r2AytFQ5rpAwg8N7hH8Tb0k4JcND+Bk7QV37aOaDTN1EBDFqJtE
U12iQ4Bk4yP28BVxJfLsSWZ+KXLaufOqaA1iV11nYTp5LPrThb6prXcx7WdNInj5
9XG4JDrwdmAP156wn96W65UWg6P1e4J9K7mDTshXUTgOBjOZ+x3ijyHFoWw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:10:34 2025 by rpki-client