Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
File: 98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa (raw, json)
Hash identifier: 9+A+521iefp9MM1bH+xjQoa4Wdh3CEMN9Z623vXhLvw=
Subject key identifier: A2:4B:11:10:A9:C7:2B:E0:E9:1C:CB:FC:81:6F:98:6F:A6:49:D7:B8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 535587C5F3FF91D00DDEB6071A2820F0AD400988
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
Signing time: Tue 28 Oct 2025 01:01:19 +0000
ROA not before: Tue 28 Oct 2025 01:01:19 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.252.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:55:87:c5:f3:ff:91:d0:0d:de:b6:07:1a:28:20:f0:ad:40:09:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 01:01:19 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=f61a154cf501954bf275ed5244cad946b5522de925914d56ac86f4122557647d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:65:d7:ac:6c:07:a3:02:f9:b8:d4:e3:e6:54:
7e:98:28:2e:5c:68:ef:3c:13:57:8b:28:0b:c3:36:
ff:b6:dd:11:f4:fb:7f:61:38:c5:56:66:b0:9f:2f:
11:9f:ce:51:2f:75:da:4e:b4:64:34:e2:d3:e6:32:
30:e2:79:d1:8d:f4:b8:78:e4:fd:59:95:69:82:0c:
d2:21:7a:e4:bf:42:2c:fb:6f:c6:68:33:47:e4:56:
a2:48:e1:9f:ed:84:c2:0b:71:50:fe:1b:59:a7:0a:
e0:fc:12:fe:8d:62:69:ba:7c:ef:82:d9:d4:56:41:
ce:f5:ed:66:b8:11:bd:01:22:70:9f:76:64:17:24:
02:52:33:6f:ab:2e:3a:58:10:fe:5f:88:d6:73:d0:
26:27:64:91:ad:df:c0:c6:8f:56:94:1d:52:4a:42:
1c:a0:6f:24:4a:30:18:cb:2d:af:e5:96:74:d5:09:
a5:5c:2d:38:d6:0e:c7:79:47:d2:dd:f0:de:12:27:
0d:b1:b5:de:97:e2:ea:32:cb:18:91:2c:34:f3:60:
32:5b:21:2f:1e:ea:93:5d:6c:fe:b1:e4:1f:aa:e0:
a4:76:2f:54:28:be:90:78:5e:ce:39:fd:0c:21:03:
cb:cc:74:58:5b:cb:60:3b:36:ce:63:6d:64:31:82:
6c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4B:11:10:A9:C7:2B:E0:E9:1C:CB:FC:81:6F:98:6F:A6:49:D7:B8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.116.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:84:61:0b:32:90:00:4b:77:9f:61:29:e8:ec:e3:11:54:33:
5f:eb:b3:9a:e4:4f:6c:89:18:3b:82:0e:40:32:ee:11:5c:dc:
c0:5d:f3:cf:cd:82:13:e3:93:d0:6b:0d:50:d6:e2:7b:65:28:
37:b7:ff:a2:61:a4:01:ec:0f:eb:a3:38:0a:25:65:5d:7d:3c:
9a:d8:f9:f3:60:61:64:1a:b8:1a:d6:57:5b:e0:aa:65:f7:08:
74:d4:be:c5:03:1f:2d:e5:62:66:8e:64:f4:d9:69:be:e6:99:
ba:9a:60:cc:12:62:0f:c6:3c:54:b1:a0:d8:1e:13:f4:2b:40:
5a:3e:a3:53:c6:e5:80:26:19:ce:1d:ea:fe:21:8b:74:3a:98:
b0:e9:df:e2:d8:a1:47:e0:1d:a2:13:e4:a2:54:bf:1b:07:fb:
21:9f:ef:cd:1d:19:ee:a4:bd:ea:3f:04:56:69:c4:29:8d:a4:
a4:09:d7:c9:f5:c7:05:bf:0e:af:57:c4:bc:23:cf:e3:76:f4:
a1:7e:a0:8f:e7:b1:9b:2d:9b:4e:89:0a:85:65:20:93:26:ca:
b1:d2:92:2e:5c:29:86:1f:b1:78:22:c7:b5:4a:90:a6:f5:db:
1d:28:b5:26:75:b8:47:dd:a1:46:dd:22:7e:a9:5e:6c:43:4a:
bc:c2:09:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU1WHxfP/kdAN3rYHGigg8K1ACYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDEwMTE5WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjFhMTU0Y2Y1MDE5NTRiZjI3NWVkNTI0NGNhZDk0NmI1
NTIyZGU5MjU5MTRkNTZhYzg2ZjQxMjI1NTc2NDdkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRZdesbAejAvm41OPmVH6YKC5caO88E1eLKAvDNv+23RH0
+39hOMVWZrCfLxGfzlEvddpOtGQ04tPmMjDiedGN9Lh45P1ZlWmCDNIheuS/Qiz7
b8ZoM0fkVqJI4Z/thMILcVD+G1mnCuD8Ev6NYmm6fO+C2dRWQc717Wa4Eb0BInCf
dmQXJAJSM2+rLjpYEP5fiNZz0CYnZJGt38DGj1aUHVJKQhygbyRKMBjLLa/llnTV
CaVcLTjWDsd5R9Ld8N4SJw2xtd6X4uoyyxiRLDTzYDJbIS8e6pNdbP6x5B+q4KR2
L1QovpB4Xs45/QwhA8vMdFhby2A7Ns5jbWQxgmy1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoksREKnHK+DpHMv8gW+Yb6ZJ17gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4YWE1YWM0LTE4OTUtNGFhNi05MTc1LTFlZTNiZGEyODkwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HQwDQYJKoZIhvcNAQELBQADggEBAMiEYQsykABLd59hKejs4xFUM1/r
s5rkT2yJGDuCDkAy7hFc3MBd88/NghPjk9BrDVDW4ntlKDe3/6JhpAHsD+ujOAol
ZV19PJrY+fNgYWQauBrWV1vgqmX3CHTUvsUDHy3lYmaOZPTZab7mmbqaYMwSYg/G
PFSxoNgeE/QrQFo+o1PG5YAmGc4d6v4hi3Q6mLDp3+LYoUfgHaIT5KJUvxsH+yGf
780dGe6kveo/BFZpxCmNpKQJ18n1xwW/Dq9XxLwjz+N29KF+oI/nsZstm06JCoVl
IJMmyrHSki5cKYYfsXgix7VKkKb12x0otSZ1uEfdoUbdIn6pXmxDSrzCCak=
-----END CERTIFICATE-----
Generated at Fri Oct 31 16:23:14 2025 by rpki-client