Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa
File: b1564f4a-7df0-4932-af96-1ebffff2e421.roa (raw, json)
Hash identifier: KcToWRR3FnWk58fDr3A4sUkIiKF/1mE+pcLIxoyq9pE=
Subject key identifier: D4:84:F2:32:88:DA:D1:F6:22:CF:7F:71:53:CA:30:DC:73:47:81:74
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0D89E40801DCD5F7AF37D0C210D3EC8E92FCEA39
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa
Signing time: Wed 22 Oct 2025 00:00:12 +0000
ROA not before: Wed 22 Oct 2025 00:00:12 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 72.29.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:89:e4:08:01:dc:d5:f7:af:37:d0:c2:10:d3:ec:8e:92:fc:ea:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:00:12 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=5075d69b67816a2c51a8861913ef83134ed6c57c9ffcba936c25969cc7746198, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3b:21:0b:be:09:f4:ba:8d:e4:9f:c3:9b:c3:
25:dd:ef:53:5f:d4:a5:9f:33:11:5b:89:8b:cc:6f:
c0:9b:52:15:cb:62:4a:b1:9b:33:96:26:86:db:4f:
9c:e9:ef:e8:9f:56:e4:a6:94:90:af:17:14:d2:91:
df:83:62:95:e7:b7:fe:25:de:02:44:88:cf:e2:45:
d9:0d:b1:1d:e3:28:07:2c:8d:1a:77:7b:54:b1:81:
a9:70:e8:72:94:1c:64:32:75:34:8c:69:99:69:9b:
fe:ad:32:0c:80:94:4a:7f:07:18:5f:87:26:85:b5:
e7:70:12:c6:c1:6a:2d:32:20:1c:6c:73:86:41:c5:
5a:1b:1c:fc:23:3e:6f:3e:2b:12:87:5a:a6:ed:f9:
72:8e:02:3a:2b:dd:d2:28:b2:9d:46:e9:ab:aa:71:
c7:da:6e:0a:d7:15:5c:05:e8:96:fd:74:7d:65:43:
73:f6:23:69:17:4c:34:16:8b:e7:82:06:89:41:e8:
ed:8c:95:e5:1d:dd:79:cf:6e:0a:0b:e9:e1:01:81:
92:1e:e2:92:04:11:77:bb:6e:00:dc:82:42:6e:39:
35:91:c8:2e:65:78:e2:98:20:49:fb:08:97:e4:d5:
bc:fc:b2:d4:70:e2:3a:c6:45:34:7d:55:b5:f8:16:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:84:F2:32:88:DA:D1:F6:22:CF:7F:71:53:CA:30:DC:73:47:81:74
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.29.0.0/19
Signature Algorithm: sha256WithRSAEncryption
cd:51:97:0c:dd:b9:06:ce:fe:d6:a0:5c:0b:a5:b0:a6:8d:24:
68:b5:55:4b:8e:a7:8f:0a:3b:6c:bc:91:82:4a:64:bb:62:4d:
c5:fd:08:26:fd:01:bb:61:92:8a:6d:41:c7:22:03:b2:50:91:
c5:4c:36:7b:a4:17:47:63:cb:82:b8:26:94:e6:9c:d5:18:35:
1e:e0:0a:8a:d0:01:19:a0:e0:32:86:95:96:6f:97:6e:2f:e8:
6d:b4:b8:c0:36:70:78:63:8e:a5:28:18:8a:61:86:14:39:0b:
da:f0:bc:e7:69:67:8c:3c:97:85:ed:ae:5c:87:9e:6d:1c:0a:
f1:05:35:bb:21:8e:85:a6:48:1a:3c:69:5c:e6:f3:0c:7d:4d:
34:c7:27:50:6b:c3:5a:e9:ae:24:7a:59:76:c1:cb:0d:bc:9d:
24:6b:0b:01:3d:1d:65:e4:a2:08:c6:8a:9f:32:77:2f:cc:20:
19:1e:0d:40:7b:ec:1d:af:e8:ff:97:57:e0:a0:28:23:b4:06:
2b:29:46:05:51:39:47:55:9e:bd:14:00:41:c3:93:0b:f2:72:
54:96:3b:69:3b:64:7f:ef:32:a6:63:78:22:53:87:6e:db:88:
34:0c:bf:c0:19:5e:e6:9a:eb:53:36:bc:8b:06:eb:5b:80:56:
db:44:bb:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDYnkCAHc1fevN9DCENPsjpL86jkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAwMDEyWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDc1ZDY5YjY3ODE2YTJjNTFhODg2MTkxM2VmODMxMzRl
ZDZjNTdjOWZmY2JhOTM2YzI1OTY5Y2M3NzQ2MTk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfOyELvgn0uo3kn8ObwyXd71Nf1KWfMxFbiYvMb8CbUhXL
YkqxmzOWJobbT5zp7+ifVuSmlJCvFxTSkd+DYpXnt/4l3gJEiM/iRdkNsR3jKAcs
jRp3e1Sxgalw6HKUHGQydTSMaZlpm/6tMgyAlEp/BxhfhyaFtedwEsbBai0yIBxs
c4ZBxVobHPwjPm8+KxKHWqbt+XKOAjor3dIosp1G6auqccfabgrXFVwF6Jb9dH1l
Q3P2I2kXTDQWi+eCBolB6O2MleUd3XnPbgoL6eEBgZIe4pIEEXe7bgDcgkJuOTWR
yC5leOKYIEn7CJfk1bz8stRw4jrGRTR9VbX4Fg6pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1ITyMoja0fYiz39xU8ow3HNHgXQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxNTY0ZjRhLTdkZjAtNDkzMi1hZjk2LTFlYmZmZmYyZTQyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVIHQAwDQYJKoZIhvcNAQELBQADggEBAM1RlwzduQbO/tagXAulsKaNJGi1
VUuOp48KO2y8kYJKZLtiTcX9CCb9AbthkoptQcciA7JQkcVMNnukF0djy4K4JpTm
nNUYNR7gCorQARmg4DKGlZZvl24v6G20uMA2cHhjjqUoGIphhhQ5C9rwvOdpZ4w8
l4XtrlyHnm0cCvEFNbshjoWmSBo8aVzm8wx9TTTHJ1Brw1rpriR6WXbByw28nSRr
CwE9HWXkogjGip8ydy/MIBkeDUB77B2v6P+XV+CgKCO0BispRgVROUdVnr0UAEHD
kwvyclSWO2k7ZH/vMqZjeCJTh27biDQMv8AZXuaa61M2vIsG61uAVttEuwM=
-----END CERTIFICATE-----
Generated at Thu Oct 23 04:32:43 2025 by rpki-client