Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae8d6f7f-19ad-47e5-bdf5-1872ed4d5c4c.roa
File: ae8d6f7f-19ad-47e5-bdf5-1872ed4d5c4c.roa (raw, json)
Hash identifier: qGp6uO89enWzwOq7YRcB/OG3zQlkyNbBMOEJyzH/cFk=
Subject key identifier: 61:50:84:F1:CF:BE:A6:31:E4:4B:22:5F:D3:23:99:BD:89:52:14:A5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5A074D71C3D0FCC6172351460BF2AB8F52CCD299
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae8d6f7f-19ad-47e5-bdf5-1872ed4d5c4c.roa
Signing time: Sat 18 Oct 2025 03:51:45 +0000
ROA not before: Sat 18 Oct 2025 03:51:45 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.8.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:07:4d:71:c3:d0:fc:c6:17:23:51:46:0b:f2:ab:8f:52:cc:d2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 03:51:45 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=cf37df66c1d5561a8b6ddc1238631682c81fb11f023b2507a9e42d6c2a8f8d57, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:77:90:16:1a:fd:c2:8e:fc:5e:ff:5b:25:
76:97:0d:f1:d6:71:9e:ff:7f:11:f4:fb:e3:4e:d2:
74:1a:c3:31:f8:a9:20:42:4c:86:d1:5d:d8:ec:11:
90:3a:d0:55:e2:01:96:04:cc:e2:00:65:d4:a7:4c:
6a:90:3f:a8:25:da:2a:d2:1c:46:94:f0:7e:30:fe:
6b:03:cc:e6:8e:fe:61:8e:ef:fa:d1:40:d3:77:a3:
14:fd:24:c8:91:9d:d4:53:91:90:04:e9:6d:c2:af:
c6:ea:3b:ca:82:b7:3b:28:da:9b:2b:b4:9e:91:a4:
2d:26:a0:6f:e1:13:2f:74:bb:eb:b7:24:d9:8d:23:
03:4c:ca:16:db:64:ca:ca:e1:e1:4a:1f:70:f8:2a:
92:95:28:a7:45:13:4c:dc:76:68:b9:48:06:6a:96:
a1:fc:6a:a1:c8:9b:d1:03:a0:77:a4:94:73:84:de:
4c:4e:7e:28:46:72:44:ad:fc:2e:47:c0:f2:e3:e8:
fa:a8:1f:f4:3f:57:68:b9:b9:91:f1:54:fe:23:1c:
08:b5:17:9e:98:42:92:6d:71:65:f6:5a:30:3f:08:
a1:3f:97:75:2a:ff:b4:fa:12:a8:3c:45:1c:a6:e0:
b6:e0:b6:ba:dd:3c:f1:82:65:43:7a:d0:94:5e:a0:
99:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:50:84:F1:CF:BE:A6:31:E4:4B:22:5F:D3:23:99:BD:89:52:14:A5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae8d6f7f-19ad-47e5-bdf5-1872ed4d5c4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.8.200.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:0b:04:ec:93:52:12:d7:fc:e9:37:31:98:a2:6f:de:11:a0:
7c:b6:73:57:c7:49:5f:52:c2:76:a4:bb:68:f4:8f:d3:d7:b8:
a0:cb:8c:0c:d3:a4:01:8d:01:3b:2b:aa:17:6d:00:e3:04:a0:
1f:bd:fa:08:5f:46:4c:6d:fe:31:63:92:cf:9a:75:1d:4d:e6:
db:c9:45:82:cf:0d:2a:37:60:71:50:71:15:bf:8a:00:63:4c:
2f:fe:d0:27:d2:8c:f0:36:9a:43:57:7c:df:fe:8a:c9:0d:a7:
60:16:3f:90:8e:15:2d:f2:68:bb:63:cb:70:11:2e:51:ee:93:
b8:e0:ac:8f:41:d3:ba:ad:7d:a8:51:de:85:91:c3:cb:c0:49:
a8:3c:df:5a:15:2e:75:c8:2b:7d:ec:84:be:27:28:ca:d5:9e:
52:b1:50:23:d4:f5:91:4c:88:17:c4:d6:64:ad:e5:28:26:dd:
a8:4c:40:68:56:5c:75:e6:0b:84:41:e3:f4:c3:b7:59:16:e0:
35:d7:a8:4c:ae:cd:2c:3e:c0:2c:4f:fe:94:98:94:67:d1:d9:
4f:58:d4:ca:2a:bd:6c:c0:5e:1f:dd:27:d3:5a:18:bd:12:6c:
09:92:45:81:7a:b4:cf:a4:53:a8:f3:fb:f9:bf:25:5c:8d:03:
c4:56:f1:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWgdNccPQ/MYXI1FGC/Krj1LM0pkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDM1MTQ1WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjM3ZGY2NmMxZDU1NjFhOGI2ZGRjMTIzODYzMTY4MmM4
MWZiMTFmMDIzYjI1MDdhOWU0MmQ2YzJhOGY4ZDU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnXHeQFhr9wo78Xv9bJXaXDfHWcZ7/fxH0++NO0nQawzH4
qSBCTIbRXdjsEZA60FXiAZYEzOIAZdSnTGqQP6gl2irSHEaU8H4w/msDzOaO/mGO
7/rRQNN3oxT9JMiRndRTkZAE6W3Cr8bqO8qCtzso2psrtJ6RpC0moG/hEy90u+u3
JNmNIwNMyhbbZMrK4eFKH3D4KpKVKKdFE0zcdmi5SAZqlqH8aqHIm9EDoHeklHOE
3kxOfihGckSt/C5HwPLj6PqoH/Q/V2i5uZHxVP4jHAi1F56YQpJtcWX2WjA/CKE/
l3Uq/7T6Eqg8RRym4LbgtrrdPPGCZUN60JReoJkZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYVCE8c++pjHkSyJf0yOZvYlSFKUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlOGQ2ZjdmLTE5YWQtNDdlNS1iZGY1LTE4NzJlZDRkNWM0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJBCMgwDQYJKoZIhvcNAQELBQADggEBAB4LBOyTUhLX/Ok3MZiib94RoHy2
c1fHSV9Swnaku2j0j9PXuKDLjAzTpAGNATsrqhdtAOMEoB+9+ghfRkxt/jFjks+a
dR1N5tvJRYLPDSo3YHFQcRW/igBjTC/+0CfSjPA2mkNXfN/+iskNp2AWP5COFS3y
aLtjy3ARLlHuk7jgrI9B07qtfahR3oWRw8vASag831oVLnXIK33shL4nKMrVnlKx
UCPU9ZFMiBfE1mSt5Sgm3ahMQGhWXHXmC4RB4/TDt1kW4DXXqEyuzSw+wCxP/pSY
lGfR2U9Y1MoqvWzAXh/dJ9NaGL0SbAmSRYF6tM+kU6jz+/m/JVyNA8RW8eA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:42:10 2025 by rpki-client