Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8a1d699-66bf-4eac-bb45-6e3527625d81.roa
File: b8a1d699-66bf-4eac-bb45-6e3527625d81.roa (raw, json)
Hash identifier: 7H2OeKpekOaPqPt9vfmwTlhQU1uiGekRGcnFISBgsMc=
Subject key identifier: A8:EF:68:5B:DA:0F:83:93:FF:FB:2E:D6:01:F9:D4:90:EB:D6:94:6E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: E33F6442366206EF278B354C535E2E57304254
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8a1d699-66bf-4eac-bb45-6e3527625d81.roa
Signing time: Tue 11 Nov 2025 00:31:22 +0000
ROA not before: Tue 11 Nov 2025 00:31:22 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 8987
IP address blocks: 192.43.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e3:3f:64:42:36:62:06:ef:27:8b:35:4c:53:5e:2e:57:30:42:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 00:31:22 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=d41a76ac05da24395f55a8e3d4d589d5b1c6f4de6fbbeb905fafeec081b92bc6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a4:71:f5:23:9c:57:a7:52:22:08:d7:c2:c6:
6c:4f:78:9f:a1:47:66:c4:ed:b4:8d:dd:87:b8:c7:
e1:a7:b7:22:b7:b5:8c:e2:5b:b0:b7:d7:a8:6f:8e:
fa:dc:25:98:94:30:23:93:46:48:a6:09:28:a5:d4:
98:ec:9a:1f:91:9d:33:0f:dc:a0:a3:a9:35:e2:62:
cc:e8:3b:c9:79:37:fd:b9:25:95:29:12:14:45:ec:
af:5f:a7:1b:66:cc:1a:f6:45:2d:69:c9:b5:bc:81:
64:a0:7f:6d:e1:1b:0d:58:8e:95:83:16:a8:b7:b2:
59:f4:61:ba:4e:ad:08:6d:b2:ed:b9:1e:c1:4a:0b:
46:d9:f2:dd:5a:02:97:98:f2:b5:9b:be:99:0f:d3:
c4:9c:64:2c:3d:c0:57:76:84:0c:11:8d:85:77:9d:
ba:5f:3a:0f:e4:23:e1:ca:4f:ab:2f:3f:ff:e6:f3:
d1:ba:16:bc:87:13:84:e2:9e:23:6c:95:d8:de:39:
8a:6f:48:1b:f6:1e:d8:a4:2f:ed:fc:89:18:2e:cd:
d2:64:48:a4:12:34:8c:5e:84:c9:97:94:73:9c:63:
d8:a9:25:df:40:d9:4a:26:2e:6b:6b:79:28:4a:b5:
73:32:62:74:a5:9f:2b:cc:58:49:33:d5:87:b4:60:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EF:68:5B:DA:0F:83:93:FF:FB:2E:D6:01:F9:D4:90:EB:D6:94:6E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8a1d699-66bf-4eac-bb45-6e3527625d81.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.43.184.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f8:35:91:5d:06:c7:db:99:a8:7e:83:d2:9b:65:7b:31:94:
2f:f0:d3:e0:c1:e5:44:20:40:56:1d:60:f0:9d:83:d4:e3:81:
e0:69:b9:1d:99:0b:56:a1:cc:24:8b:fa:b5:f9:3b:72:30:78:
85:08:97:cb:f4:47:3b:32:ff:d0:d2:fa:88:f2:97:92:44:b7:
ad:a8:29:dd:07:74:66:9e:91:55:82:d9:0f:52:91:98:17:69:
c5:73:00:3a:a2:d2:4b:4d:c4:2f:e0:af:62:84:7e:ff:d3:20:
68:05:b9:c0:77:15:ff:18:dc:c6:43:f5:26:67:6f:a1:70:48:
a5:24:92:07:82:1a:22:29:48:ef:fa:b9:db:84:99:6e:67:3a:
26:ee:5a:46:61:43:94:e8:bb:8e:14:26:03:70:d2:49:ec:8f:
fa:4b:f0:86:a2:36:e9:9e:58:33:6a:85:ad:ec:51:ba:f7:f9:
ff:74:6d:e8:e4:e8:70:65:58:19:c7:cc:ec:22:4c:92:f6:4c:
e2:19:6f:a1:59:9a:8c:27:59:b6:31:3f:bf:28:66:50:4d:4f:
8b:ab:00:fe:9e:25:1e:4d:d6:21:5e:10:05:3f:1b:b5:1d:95:
71:50:6f:a1:a6:4c:81:b5:7a:c7:94:3e:a1:90:e2:46:cc:e3:
08:b4:09:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAOM/ZEI2YgbvJ4s1TFNeLlcwQlQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAzMTIyWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNDFhNzZhYzA1ZGEyNDM5NWY1NWE4ZTNkNGQ1ODlkNWIx
YzZmNGRlNmZiYmViOTA1ZmFmZWVjMDgxYjkyYmM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhpHH1I5xXp1IiCNfCxmxPeJ+hR2bE7bSN3Ye4x+GntyK3
tYziW7C316hvjvrcJZiUMCOTRkimCSil1Jjsmh+RnTMP3KCjqTXiYszoO8l5N/25
JZUpEhRF7K9fpxtmzBr2RS1pybW8gWSgf23hGw1YjpWDFqi3sln0YbpOrQhtsu25
HsFKC0bZ8t1aApeY8rWbvpkP08ScZCw9wFd2hAwRjYV3nbpfOg/kI+HKT6svP//m
89G6FryHE4TiniNsldjeOYpvSBv2HtikL+38iRguzdJkSKQSNIxehMmXlHOcY9ip
Jd9A2UomLmtreShKtXMyYnSlnyvMWEkz1Ye0YELHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqO9oW9oPg5P/+y7WAfnUkOvWlG4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4YTFkNjk5LTY2YmYtNGVhYy1iYjQ1LTZlMzUyNzYyNWQ4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADAK7gwDQYJKoZIhvcNAQELBQADggEBALb4NZFdBsfbmah+g9KbZXsxlC/w
0+DB5UQgQFYdYPCdg9TjgeBpuR2ZC1ahzCSL+rX5O3IweIUIl8v0Rzsy/9DS+ojy
l5JEt62oKd0HdGaekVWC2Q9SkZgXacVzADqi0ktNxC/gr2KEfv/TIGgFucB3Ff8Y
3MZD9SZnb6FwSKUkkgeCGiIpSO/6uduEmW5nOibuWkZhQ5Tou44UJgNw0knsj/pL
8IaiNumeWDNqha3sUbr3+f90bejk6HBlWBnHzOwiTJL2TOIZb6FZmownWbYxP78o
ZlBNT4urAP6eJR5N1iFeEAU/G7UdlXFQb6GmTIG1eseUPqGQ4kbM4wi0CVY=
-----END CERTIFICATE-----
Generated at Fri Nov 14 12:37:12 2025 by rpki-client