Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa
File: b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa (raw, json)
Hash identifier: ZhAoCYqJOQrNmPOelJTf+Xl90heHuwMshbN7uSRPCLo=
Subject key identifier: D2:91:1C:0E:2E:2B:1B:BD:97:07:9F:62:9B:96:A2:C4:BB:EA:F5:53
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3A4F1B17AB9A650C987234E5987532D3B14D7FD4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa
Signing time: Fri 26 Sep 2025 00:21:26 +0000
ROA not before: Fri 26 Sep 2025 00:21:26 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.130.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4f:1b:17:ab:9a:65:0c:98:72:34:e5:98:75:32:d3:b1:4d:7f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 26 00:21:26 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=6dc13520897a1dd3a2100f0c4bc0ec6eba4ac07ad86dc3b9679b29d921b0edd9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:ea:d1:1d:94:34:a2:9e:df:d1:1a:50:9f:
9e:a2:f7:1b:73:78:05:a8:f8:c4:38:a1:05:47:80:
7d:e3:59:6a:f5:cb:9d:1a:d4:c0:4e:cb:a8:d0:53:
2b:85:27:66:f8:5b:dc:54:a4:aa:a7:3f:5a:50:b1:
af:59:e9:f7:05:5f:03:f1:29:21:ee:f6:15:7c:38:
60:b6:0e:80:fa:17:aa:ea:8f:bb:0f:8d:20:93:c7:
4d:fb:07:4a:4d:ef:2e:ac:75:eb:a9:92:d5:67:56:
ac:c4:1c:2b:d5:f6:51:af:58:97:28:51:51:14:a6:
23:d0:8e:e0:d1:ee:06:a4:88:c4:0f:e5:cf:2c:f5:
2e:d8:71:54:d4:ef:e5:78:ba:a3:82:67:b7:ab:45:
67:0d:2e:54:0d:1e:4a:5c:07:1d:31:50:47:fd:1c:
e4:59:a7:b5:90:27:6e:59:bb:f9:79:cc:f9:d2:a5:
bc:75:44:3d:4d:40:e2:35:54:f4:7a:b0:a2:18:a3:
d2:ba:09:fd:eb:bf:f4:d1:3c:17:55:9b:b8:4d:76:
50:c6:ba:c4:01:04:1c:ef:13:10:66:72:3d:bf:4b:
fb:7f:b4:15:1a:9a:83:9f:0d:40:6c:a5:f7:42:67:
08:81:99:cb:b9:db:c1:3b:37:b6:78:96:c5:13:a8:
5e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:91:1C:0E:2E:2B:1B:BD:97:07:9F:62:9B:96:A2:C4:BB:EA:F5:53
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.130.202.0/24
Signature Algorithm: sha256WithRSAEncryption
98:76:9c:3a:4a:bd:9f:94:62:d2:16:2d:fa:1d:44:17:41:b2:
4f:7e:08:a9:5f:45:be:58:7d:47:42:54:53:5c:8f:b6:21:b7:
bd:57:01:76:e2:4f:54:fb:22:f2:82:23:7c:d7:8f:67:7d:18:
91:10:ce:54:ce:50:b6:2a:ba:6b:c0:ea:2c:26:91:4e:23:a0:
e4:ec:4b:94:c1:2e:a9:14:da:6f:36:35:22:42:0d:4f:06:de:
95:05:39:94:de:ff:70:86:a1:b4:4e:a7:ce:76:42:9d:22:de:
ee:49:b0:e0:13:56:6f:07:be:5c:d0:b4:38:5f:6d:94:a1:16:
84:88:24:5c:b3:50:19:5e:26:66:0c:95:3d:aa:28:9d:c0:82:
07:c9:2b:76:fe:98:d3:15:16:e5:15:7c:e2:f8:0e:38:fd:c3:
9a:24:ed:47:dc:cb:cb:c2:06:6d:fa:1d:72:60:e8:e1:4e:71:
74:f9:9e:17:a2:d0:50:64:49:e4:e3:43:2c:9a:3f:41:98:e5:
ff:79:9b:6c:30:ae:49:1a:95:90:01:4a:4d:69:be:bb:7f:40:
ec:42:ac:26:ab:86:f3:2e:23:63:2d:60:f0:30:fb:e7:25:20:
96:8c:70:e3:41:59:e3:37:82:7a:f5:78:37:8f:7e:a7:61:a1:
a6:f6:68:ca
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOk8bF6uaZQyYcjTlmHUy07FNf9QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAyMTI2WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZGMxMzUyMDg5N2ExZGQzYTIxMDBmMGM0YmMwZWM2ZWJh
NGFjMDdhZDg2ZGMzYjk2NzliMjlkOTIxYjBlZGQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDczerRHZQ0op7f0RpQn56i9xtzeAWo+MQ4oQVHgH3jWWr1
y50a1MBOy6jQUyuFJ2b4W9xUpKqnP1pQsa9Z6fcFXwPxKSHu9hV8OGC2DoD6F6rq
j7sPjSCTx037B0pN7y6sdeupktVnVqzEHCvV9lGvWJcoUVEUpiPQjuDR7gakiMQP
5c8s9S7YcVTU7+V4uqOCZ7erRWcNLlQNHkpcBx0xUEf9HORZp7WQJ25Zu/l5zPnS
pbx1RD1NQOI1VPR6sKIYo9K6Cf3rv/TRPBdVm7hNdlDGusQBBBzvExBmcj2/S/t/
tBUamoOfDUBspfdCZwiBmcu528E7N7Z4lsUTqF43AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0pEcDi4rG72XB59im5aixLvq9VMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I3YzBjYjc0LWZlOTktNGQ2MC1hM2FkLWQ0YzI5OTg3NTk3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADMgsowDQYJKoZIhvcNAQELBQADggEBAJh2nDpKvZ+UYtIWLfodRBdBsk9+
CKlfRb5YfUdCVFNcj7Yht71XAXbiT1T7IvKCI3zXj2d9GJEQzlTOULYqumvA6iwm
kU4joOTsS5TBLqkU2m82NSJCDU8G3pUFOZTe/3CGobROp852Qp0i3u5JsOATVm8H
vlzQtDhfbZShFoSIJFyzUBleJmYMlT2qKJ3AggfJK3b+mNMVFuUVfOL4Djj9w5ok
7Ufcy8vCBm36HXJg6OFOcXT5nhei0FBkSeTjQyyaP0GY5f95m2wwrkkalZABSk1p
vrt/QOxCrCarhvMuI2MtYPAw++clIJaMcONBWeM3gnr1eDePfqdhoab2aMo=
-----END CERTIFICATE-----
Generated at Sat Oct 18 01:44:07 2025 by rpki-client