Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd657b2a-a06f-4226-9e04-9cd3daeffc75.roa
File: fd657b2a-a06f-4226-9e04-9cd3daeffc75.roa (raw, json)
Hash identifier: AFn/qtUrxPfCVQg/A1UV97zOoCRfF8xAWYMmWAEE+Vo=
Subject key identifier: E7:05:00:AC:96:44:58:82:7B:E3:20:7F:FD:82:20:AB:63:65:EC:28
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 475393414DED92EACE8D80E01955C4644E3F2E44
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd657b2a-a06f-4226-9e04-9cd3daeffc75.roa
Signing time: Sat 18 Oct 2025 05:11:45 +0000
ROA not before: Sat 18 Oct 2025 05:11:45 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.8.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:53:93:41:4d:ed:92:ea:ce:8d:80:e0:19:55:c4:64:4e:3f:2e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 18 05:11:45 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=66416aebf34e30fe1887236f933d49ed8a12a519e75c9eb319b85dd8cafe320d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0e:c7:65:86:32:4a:c3:19:62:d8:22:eb:47:
90:ae:f9:42:9e:5e:c6:7c:6b:5b:ff:13:85:10:2e:
4f:83:40:bb:ca:1c:1a:c3:4d:cc:cf:9e:cc:64:e1:
b0:c2:b0:7f:df:d8:3b:5f:dd:11:cd:37:df:04:1a:
fa:e8:05:fd:0f:9c:a6:3a:04:3a:c1:bf:e2:7d:59:
87:bf:94:7a:89:37:19:78:e9:41:6e:e9:54:77:5b:
90:da:86:64:b2:a2:e8:b9:4e:f4:fc:3e:fd:46:28:
0e:b1:0a:cd:16:30:a7:3e:77:9e:52:81:b5:5e:99:
e4:3f:a2:f2:c3:1e:0d:02:3a:73:d6:02:79:9f:53:
dd:19:c5:6f:c9:b8:11:3c:2d:b9:c0:36:6e:37:84:
e3:8d:92:09:cf:6d:08:c7:f6:45:9d:4c:76:05:8a:
da:cc:55:80:32:87:65:07:a6:9e:27:16:57:e2:53:
52:7d:fa:1f:a2:a6:03:05:a4:cd:f4:51:a6:19:a6:
78:fc:b1:c9:c8:7b:73:da:df:a9:1c:bb:7f:01:7d:
59:d9:5f:10:67:3d:1f:95:c5:e5:62:df:23:22:12:
69:ad:20:c4:69:be:41:b5:46:5e:b1:10:49:79:7a:
d2:2c:3f:c3:dc:61:c7:3a:b6:70:a9:99:3f:f9:4e:
75:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:05:00:AC:96:44:58:82:7B:E3:20:7F:FD:82:20:AB:63:65:EC:28
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd657b2a-a06f-4226-9e04-9cd3daeffc75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.8.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:81:17:18:39:8a:95:d0:5a:11:74:f1:3a:81:30:aa:b1:75:
14:9c:c6:87:11:5c:f3:c4:fc:46:61:36:54:b5:43:23:17:d6:
9b:75:93:58:8c:eb:1d:fb:35:e0:84:e1:29:87:23:40:c4:2e:
f6:30:4c:29:c5:cd:a4:db:64:29:3d:f1:17:ed:f8:82:4f:08:
05:a6:6f:40:14:78:43:8a:f2:69:25:85:6e:93:9a:da:6b:c9:
e7:17:56:68:78:70:ed:ee:5e:59:ea:bd:f4:76:6c:35:a6:62:
99:10:e5:d7:a1:48:92:0d:9d:11:ed:62:08:bb:b5:bd:17:ad:
ff:60:8c:44:59:19:33:9b:2f:34:87:cd:98:cb:ca:3c:0f:13:
ce:52:ff:3f:67:7d:2d:1c:e0:31:c3:e9:9c:cd:cb:ca:25:cd:
c8:06:82:0b:d4:78:17:a8:48:3a:23:20:d7:ea:20:87:be:46:
b3:b2:eb:a2:7e:2b:88:d5:83:91:32:ec:44:f2:a5:8f:e5:cb:
62:c1:ce:82:90:6a:be:05:d0:61:27:e7:84:b1:aa:c6:fe:07:
22:22:2f:54:b8:2f:84:ca:92:b1:84:f7:ac:f8:fa:1b:5f:6a:
ca:c3:19:43:5e:13:cd:94:78:bd:63:47:a0:db:50:a5:c8:da:
6c:94:92:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR1OTQU3tkurOjYDgGVXEZE4/LkQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDUxMTQ1WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjQxNmFlYmYzNGUzMGZlMTg4NzIzNmY5MzNkNDllZDhh
MTJhNTE5ZTc1YzllYjMxOWI4NWRkOGNhZmUzMjBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0DsdlhjJKwxli2CLrR5Cu+UKeXsZ8a1v/E4UQLk+DQLvK
HBrDTczPnsxk4bDCsH/f2Dtf3RHNN98EGvroBf0PnKY6BDrBv+J9WYe/lHqJNxl4
6UFu6VR3W5DahmSyoui5TvT8Pv1GKA6xCs0WMKc+d55SgbVemeQ/ovLDHg0COnPW
AnmfU90ZxW/JuBE8LbnANm43hOONkgnPbQjH9kWdTHYFitrMVYAyh2UHpp4nFlfi
U1J9+h+ipgMFpM30UaYZpnj8scnIe3Pa36kcu38BfVnZXxBnPR+VxeVi3yMiEmmt
IMRpvkG1Rl6xEEl5etIsP8PcYcc6tnCpmT/5TnXjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5wUArJZEWIJ74yB//YIgq2Nl7CgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZkNjU3YjJhLWEwNmYtNDIyNi05ZTA0LTljZDNkYWVmZmM3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABBCMYwDQYJKoZIhvcNAQELBQADggEBAC6BFxg5ipXQWhF08TqBMKqxdRSc
xocRXPPE/EZhNlS1QyMX1pt1k1iM6x37NeCE4SmHI0DELvYwTCnFzaTbZCk98Rft
+IJPCAWmb0AUeEOK8mklhW6TmtpryecXVmh4cO3uXlnqvfR2bDWmYpkQ5dehSJIN
nRHtYgi7tb0Xrf9gjERZGTObLzSHzZjLyjwPE85S/z9nfS0c4DHD6ZzNy8olzcgG
ggvUeBeoSDojINfqIIe+RrOy66J+K4jVg5Ey7ETypY/ly2LBzoKQar4F0GEn54Sx
qsb+ByIiL1S4L4TKkrGE96z4+htfasrDGUNeE82UeL1jR6DbUKXI2myUkqg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:28 2025 by rpki-client