Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e13db33d-b492-48c9-a7e4-aa878a359fe3.roa
File: e13db33d-b492-48c9-a7e4-aa878a359fe3.roa (raw, json)
Hash identifier: gp0WM/Q2AGbPSvwXnyi1p+KiQye2+Nt2zaLsYowoR6o=
Subject key identifier: 9A:18:28:7C:53:8A:53:25:3C:5A:78:C4:EC:E7:1E:20:3B:C1:07:12
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 787A0720775D962E45423E334C24874281A7FF18
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e13db33d-b492-48c9-a7e4-aa878a359fe3.roa
Signing time: Tue 30 Sep 2025 00:37:47 +0000
ROA not before: Tue 30 Sep 2025 00:37:47 +0000
ROA not after: Tue 04 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.254.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:7a:07:20:77:5d:96:2e:45:42:3e:33:4c:24:87:42:81:a7:ff:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 30 00:37:47 2025 GMT
Not After : Nov 4 23:59:59 2025 GMT
Subject: serialNumber=fb8d978bf6cf6f97784e02ba236d4c65721381265cb6d3aacdd743f12a668c91, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:94:09:10:ea:fe:90:67:6d:f5:52:26:58:
d4:97:85:3c:c6:73:db:69:92:08:85:67:ca:e1:23:
50:ea:f4:04:b8:8c:04:fb:fb:f5:21:8e:85:c5:04:
39:2c:41:e5:da:30:90:4e:dd:ca:bb:fb:4b:e9:f8:
d0:5d:e3:db:37:46:74:cf:86:39:14:e7:8e:41:30:
ef:08:62:b8:f0:72:93:46:3c:aa:70:97:df:f4:4d:
f2:e2:e7:0c:94:2f:32:f0:ef:7e:cd:f1:8f:2d:f8:
67:08:a9:b2:56:9b:62:4e:62:0a:6c:de:9f:4b:25:
fd:98:e6:6e:86:97:d2:4a:2e:4a:92:66:39:47:b6:
69:00:20:bc:f5:e9:08:c1:c2:e7:20:9c:91:42:4a:
28:c5:53:bc:44:bd:3b:6a:68:f3:8a:f6:39:9e:7d:
b7:11:0c:4e:20:67:08:fd:2d:da:1c:17:96:f7:61:
98:70:7f:02:31:f7:57:e4:f5:b0:96:aa:9b:60:aa:
2e:78:72:e3:15:13:8c:bc:8f:b6:4d:1d:eb:ab:d3:
b7:cc:84:cf:b6:2d:96:6f:95:ee:3d:79:4e:21:64:
28:e9:08:21:fd:46:b1:c7:70:fb:cb:51:85:31:c0:
50:a8:e9:2a:70:4c:b9:4d:6c:b0:13:10:f6:b3:14:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:18:28:7C:53:8A:53:25:3C:5A:78:C4:EC:E7:1E:20:3B:C1:07:12
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e13db33d-b492-48c9-a7e4-aa878a359fe3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.254.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:04:f7:c7:3d:18:80:ba:74:8c:c9:b2:58:c8:26:50:c9:21:
71:88:0c:b1:45:71:0b:b7:92:62:20:59:7c:1f:64:1b:ba:9b:
2a:3c:8e:12:35:57:58:3c:73:88:3a:43:0b:94:3f:bf:8a:1d:
5c:d3:bd:1c:b8:ca:a3:e3:5e:f7:51:3f:9b:ab:6c:77:75:b8:
38:6b:15:ba:dd:bb:57:24:28:4c:ba:70:0d:c0:36:09:89:07:
e4:d5:bf:9b:d3:7e:c5:6b:ec:72:dd:df:4f:22:8b:48:21:6d:
ea:a1:7c:36:70:ee:0c:da:3b:dc:37:ea:78:ae:cd:18:e6:a3:
e9:fa:d6:e7:ca:6a:b3:75:13:40:3c:51:92:d2:ab:f8:c3:c2:
44:6c:a3:e2:0c:e3:08:38:32:57:d3:e7:ba:36:47:43:f6:2b:
38:d1:ed:4e:a5:3c:a4:65:77:db:16:3b:0b:4b:e5:12:b7:ba:
fc:f1:65:99:46:23:0e:28:55:bb:7f:85:15:3a:a4:20:75:8d:
14:cb:92:3d:ab:bb:20:7e:84:b2:6c:45:58:13:3e:3b:10:37:
49:81:97:2a:c9:16:76:b0:85:40:cf:7a:00:ba:0a:a0:4c:e6:
d1:ec:1d:65:a4:52:63:26:a7:c1:52:33:0e:98:91:0c:ee:6e:
25:aa:3b:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeHoHIHddli5FQj4zTCSHQoGn/xgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAzNzQ3WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjhkOTc4YmY2Y2Y2Zjk3Nzg0ZTAyYmEyMzZkNGM2NTcy
MTM4MTI2NWNiNmQzYWFjZGQ3NDNmMTJhNjY4YzkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNkZQJEOr+kGdt9VImWNSXhTzGc9tpkgiFZ8rhI1Dq9AS4
jAT7+/UhjoXFBDksQeXaMJBO3cq7+0vp+NBd49s3RnTPhjkU545BMO8IYrjwcpNG
PKpwl9/0TfLi5wyULzLw737N8Y8t+GcIqbJWm2JOYgps3p9LJf2Y5m6Gl9JKLkqS
ZjlHtmkAILz16QjBwucgnJFCSijFU7xEvTtqaPOK9jmefbcRDE4gZwj9LdocF5b3
YZhwfwIx91fk9bCWqptgqi54cuMVE4y8j7ZNHeur07fMhM+2LZZvle49eU4hZCjp
CCH9RrHHcPvLUYUxwFCo6SpwTLlNbLATEPazFM1nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmhgofFOKUyU8WnjE7OceIDvBBxIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UxM2RiMzNkLWI0OTItNDhjOS1hN2U0LWFhODc4YTM1OWZlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIX/ngwDQYJKoZIhvcNAQELBQADggEBAKcE98c9GIC6dIzJsljIJlDJIXGI
DLFFcQu3kmIgWXwfZBu6myo8jhI1V1g8c4g6QwuUP7+KHVzTvRy4yqPjXvdRP5ur
bHd1uDhrFbrdu1ckKEy6cA3ANgmJB+TVv5vTfsVr7HLd308ii0ghbeqhfDZw7gza
O9w36niuzRjmo+n61ufKarN1E0A8UZLSq/jDwkRso+IM4wg4MlfT57o2R0P2KzjR
7U6lPKRld9sWOwtL5RK3uvzxZZlGIw4oVbt/hRU6pCB1jRTLkj2ruyB+hLJsRVgT
PjsQN0mBlyrJFnawhUDPegC6CqBM5tHsHWWkUmMmp8FSMw6YkQzubiWqO9A=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:10 2025 by rpki-client