Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0410a52-8f7d-4ab1-965c-eba5f15660b2.roa
File: f0410a52-8f7d-4ab1-965c-eba5f15660b2.roa (raw, json)
Hash identifier: ryuUeRcvEH1seOxQZHgN4PPobEw3xIBnIONK8DHMFFc=
Subject key identifier: BF:37:18:32:EA:66:E0:90:3B:6D:B8:7C:7D:C1:90:83:DE:44:4F:9C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3416229501A562A114E6BD5A7D2FB52EFC01D7F2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0410a52-8f7d-4ab1-965c-eba5f15660b2.roa
Signing time: Sun 16 Nov 2025 00:30:46 +0000
ROA not before: Sun 16 Nov 2025 00:30:46 +0000
ROA not after: Sun 21 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 40.195.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:16:22:95:01:a5:62:a1:14:e6:bd:5a:7d:2f:b5:2e:fc:01:d7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 16 00:30:46 2025 GMT
Not After : Dec 21 23:59:59 2025 GMT
Subject: serialNumber=f73a73cc06cafe07e4cd080e41108ebf837b7437daecab588554da6a23addbd3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:86:11:0a:36:8b:67:e5:7c:ef:36:79:18:
ce:1a:a5:c0:42:36:06:92:84:08:01:67:09:35:9b:
36:43:51:1c:1c:a5:7f:00:58:86:c3:3e:a0:41:f4:
a2:f5:b8:4d:17:ce:54:f2:d7:eb:3d:90:a1:cc:16:
06:d8:8b:5b:06:32:71:d0:c9:13:f4:8a:39:38:a0:
a1:2a:18:a4:d8:96:f8:73:e2:d7:af:9c:be:eb:1c:
02:8f:61:89:28:9f:eb:a4:0b:0e:c5:5a:36:df:7c:
04:be:5d:cd:60:a7:ce:f6:32:54:16:f0:5f:15:76:
89:3c:8c:76:55:02:4c:d5:97:9b:62:e8:1a:06:be:
6a:b8:f5:6f:18:94:3c:46:e4:7a:a5:3c:4a:2e:88:
dd:36:cd:ba:e8:ea:51:aa:75:a1:80:c0:ad:20:09:
c9:dc:8f:fc:a0:12:00:0a:63:12:3e:5d:1c:a0:5b:
8e:db:8b:be:d7:85:1f:f2:43:88:20:d1:dc:65:c7:
74:c3:ec:e7:85:5a:4e:74:6b:60:55:85:7d:54:b9:
6d:57:c0:09:3a:b6:df:95:dd:8d:b3:db:e2:2f:db:
8d:91:ab:56:a8:7f:34:37:05:16:5d:c1:3c:de:48:
00:81:a3:0f:7c:ed:7c:65:bb:b2:0e:d4:36:11:a9:
61:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:37:18:32:EA:66:E0:90:3B:6D:B8:7C:7D:C1:90:83:DE:44:4F:9C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0410a52-8f7d-4ab1-965c-eba5f15660b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.195.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:f1:21:01:fd:b3:76:6a:dc:76:1d:64:c3:d8:44:de:22:ce:
d0:9c:f6:64:25:fe:68:7a:0a:dd:68:f4:1c:4b:dc:7e:dc:bd:
59:0c:a8:62:1d:a0:e9:1f:5d:d4:de:37:cd:2b:15:5c:d4:a7:
6d:fa:88:da:cf:0f:9b:06:fb:48:20:95:1c:23:d8:30:bf:0d:
17:11:f6:30:4d:c9:3e:13:32:a0:d9:52:89:38:7a:97:61:89:
9b:4a:47:3f:90:b3:59:2b:b5:82:d3:27:3f:57:7d:69:96:eb:
46:d3:c9:19:2a:74:8a:97:f2:5c:c5:79:4d:28:7c:86:42:25:
bd:eb:64:6c:1e:09:45:35:04:d3:21:17:09:69:60:dd:ae:02:
81:aa:dc:d1:e9:73:2c:e8:d1:bf:39:2b:19:71:03:ce:b9:15:
a0:4a:47:51:1a:52:1f:01:75:14:2b:80:fa:7f:f2:77:c6:3d:
68:eb:6b:e1:59:4b:46:ef:77:ec:5d:13:e6:d6:0d:14:45:65:
ca:00:0a:39:5a:13:3b:33:f2:3a:4e:cb:d2:73:9a:a2:13:9e:
68:22:46:88:4b:23:ca:29:4e:05:16:fe:de:45:1a:cc:5f:90:
3f:56:71:66:dd:da:f5:60:bd:b6:e0:54:33:5d:6a:20:ad:72:
66:a3:85:b1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNBYilQGlYqEU5r1afS+1LvwB1/IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAzMDQ2WhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzNhNzNjYzA2Y2FmZTA3ZTRjZDA4MGU0MTEwOGViZjgz
N2I3NDM3ZGFlY2FiNTg4NTU0ZGE2YTIzYWRkYmQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAhYYRCjaLZ+V87zZ5GM4apcBCNgaShAgBZwk1mzZDURwc
pX8AWIbDPqBB9KL1uE0XzlTy1+s9kKHMFgbYi1sGMnHQyRP0ijk4oKEqGKTYlvhz
4tevnL7rHAKPYYkon+ukCw7FWjbffAS+Xc1gp872MlQW8F8Vdok8jHZVAkzVl5ti
6BoGvmq49W8YlDxG5HqlPEouiN02zbro6lGqdaGAwK0gCcncj/ygEgAKYxI+XRyg
W47bi77XhR/yQ4gg0dxlx3TD7OeFWk50a2BVhX1UuW1XwAk6tt+V3Y2z2+Iv242R
q1aofzQ3BRZdwTzeSACBow987Xxlu7IO1DYRqWGvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvzcYMupm4JA7bbh8fcGQg95ET5wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwNDEwYTUyLThmN2QtNGFiMS05NjVjLWViYTVmMTU2NjBiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAowzANBgkqhkiG9w0BAQsFAAOCAQEAIfEhAf2zdmrcdh1kw9hE3iLO0Jz2
ZCX+aHoK3Wj0HEvcfty9WQyoYh2g6R9d1N43zSsVXNSnbfqI2s8Pmwb7SCCVHCPY
ML8NFxH2ME3JPhMyoNlSiTh6l2GJm0pHP5CzWSu1gtMnP1d9aZbrRtPJGSp0ipfy
XMV5TSh8hkIlvetkbB4JRTUE0yEXCWlg3a4Cgarc0elzLOjRvzkrGXEDzrkVoEpH
URpSHwF1FCuA+n/yd8Y9aOtr4VlLRu937F0T5tYNFEVlygAKOVoTOzPyOk7L0nOa
ohOeaCJGiEsjyilOBRb+3kUazF+QP1ZxZt3a9WC9tuBUM11qIK1yZqOFsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:41:34 2025 by rpki-client