Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94561e67-abd3-452b-8f4f-558c59d5be48.roa
File: 94561e67-abd3-452b-8f4f-558c59d5be48.roa (raw, json)
Hash identifier: NQZX2PMiA9VNyHrK92C/z/lukI06ykiGy/8H5yCek5k=
Subject key identifier: D8:FD:E9:91:81:B7:DC:33:73:C3:1D:F8:94:B9:0A:2F:2A:63:23:96
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6BCA832BF87731558BC58CBF1A64166B2B2848C0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94561e67-abd3-452b-8f4f-558c59d5be48.roa
Signing time: Sat 18 Oct 2025 01:00:44 +0000
ROA not before: Sat 18 Oct 2025 01:00:44 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.8.24.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ca:83:2b:f8:77:31:55:8b:c5:8c:bf:1a:64:16:6b:2b:28:48:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 01:00:44 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=0bb0037982ecba09692e32fe64027a4b8c4159f691635dbabe39b1525c7eae5d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:99:a1:a6:1f:f4:38:3c:02:7a:6c:21:16:73:
cb:9c:f7:86:69:67:72:cb:4d:03:58:6f:98:57:1a:
a8:be:80:e6:39:24:f3:9f:01:ab:15:2d:6b:26:74:
e9:10:39:74:d1:08:0a:e0:78:73:ec:fe:8d:50:1e:
4f:34:03:54:b4:73:2f:cb:a0:9f:70:cd:53:68:6d:
e6:3c:38:cf:31:f6:41:bd:b2:ef:4e:9d:06:7e:88:
43:f9:26:f1:85:59:64:31:2c:de:75:54:ab:30:12:
b1:c0:d4:60:d7:e1:be:4c:16:40:6a:fc:bf:73:cd:
7b:cf:0f:e5:78:89:c1:9f:50:cc:9d:80:0e:0e:26:
60:4d:f1:55:8b:7e:b8:64:6d:06:28:c7:78:cb:69:
74:6d:6a:dc:87:4c:ce:72:1c:78:97:96:6e:cc:5c:
76:c7:11:5c:01:ef:fd:9e:08:9e:20:98:f7:05:96:
02:7e:38:1e:14:36:72:50:3d:f7:a4:ab:aa:92:58:
7a:6d:b7:f1:39:13:12:7b:48:b8:9c:19:24:17:87:
ec:01:39:12:4b:e3:1f:c6:33:f3:26:a7:7d:00:0b:
a1:8a:88:1d:b1:3b:3d:36:af:b9:b2:a6:67:fe:d2:
61:02:64:c9:6c:ff:9a:b5:cc:cd:52:07:77:92:3a:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FD:E9:91:81:B7:DC:33:73:C3:1D:F8:94:B9:0A:2F:2A:63:23:96
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94561e67-abd3-452b-8f4f-558c59d5be48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.8.24.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:7d:1a:af:03:99:09:62:c7:1e:c0:5b:6d:b5:b0:27:cc:58:
c9:24:60:9c:7d:a9:dc:04:d5:4f:74:e5:3a:8d:d1:cf:ed:b6:
f7:f1:c1:bf:0d:60:50:e6:36:ae:a0:d1:38:c7:29:61:a8:cd:
2d:44:da:56:64:c6:b8:2c:71:07:0f:30:ca:08:c1:7d:98:d4:
6d:d6:1a:21:e5:99:81:7e:61:6a:88:91:8b:e7:1c:7c:2d:48:
05:1d:a9:b7:75:b8:6e:fa:68:2b:0f:71:b5:bd:12:37:89:4b:
84:46:16:ae:39:51:32:39:81:4e:15:9e:98:7b:f6:50:de:eb:
ff:84:08:1a:af:eb:14:33:6f:8d:e5:d3:dd:4a:af:95:e0:e5:
5d:4b:76:82:10:4e:7f:5f:a3:0d:e4:7b:3b:c6:23:3d:5d:07:
21:c7:f2:7d:76:c3:b8:92:10:09:fc:d4:97:05:0b:24:fd:b1:
d5:f5:bd:d4:52:2f:cb:a2:5d:a8:80:e5:5d:6f:bf:b8:cf:57:
4c:46:03:6c:eb:c4:76:54:6e:bf:ca:d8:fd:fd:64:49:88:62:
b2:e5:80:d5:21:ee:a3:66:a2:bb:ab:b7:10:70:b5:4f:19:c8:
44:9e:a6:40:65:2c:2d:fa:da:17:0f:48:6f:85:cf:e6:3b:68:
96:5e:fd:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa8qDK/h3MVWLxYy/GmQWaysoSMAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDEwMDQ0WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmIwMDM3OTgyZWNiYTA5NjkyZTMyZmU2NDAyN2E0Yjhj
NDE1OWY2OTE2MzVkYmFiZTM5YjE1MjVjN2VhZTVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdmaGmH/Q4PAJ6bCEWc8uc94ZpZ3LLTQNYb5hXGqi+gOY5
JPOfAasVLWsmdOkQOXTRCArgeHPs/o1QHk80A1S0cy/LoJ9wzVNobeY8OM8x9kG9
su9OnQZ+iEP5JvGFWWQxLN51VKswErHA1GDX4b5MFkBq/L9zzXvPD+V4icGfUMyd
gA4OJmBN8VWLfrhkbQYox3jLaXRtatyHTM5yHHiXlm7MXHbHEVwB7/2eCJ4gmPcF
lgJ+OB4UNnJQPfekq6qSWHptt/E5ExJ7SLicGSQXh+wBORJL4x/GM/Mmp30AC6GK
iB2xOz02r7mypmf+0mECZMls/5q1zM1SB3eSOszLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2P3pkYG33DNzwx34lLkKLypjI5YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NTYxZTY3LWFiZDMtNDUyYi04ZjRmLTU1OGM1OWQ1YmU0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFBCBgwDQYJKoZIhvcNAQELBQADggEBALh9Gq8DmQlixx7AW221sCfMWMkk
YJx9qdwE1U905TqN0c/ttvfxwb8NYFDmNq6g0TjHKWGozS1E2lZkxrgscQcPMMoI
wX2Y1G3WGiHlmYF+YWqIkYvnHHwtSAUdqbd1uG76aCsPcbW9EjeJS4RGFq45UTI5
gU4Vnph79lDe6/+ECBqv6xQzb43l091Kr5Xg5V1LdoIQTn9fow3kezvGIz1dByHH
8n12w7iSEAn81JcFCyT9sdX1vdRSL8uiXaiA5V1vv7jPV0xGA2zrxHZUbr/K2P39
ZEmIYrLlgNUh7qNmorurtxBwtU8ZyESepkBlLC362hcPSG+Fz+Y7aJZe/bc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:42:11 2025 by rpki-client