Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff87e530-4ce1-4f6d-a3bd-16282ceb3920.roa
File: ff87e530-4ce1-4f6d-a3bd-16282ceb3920.roa (raw, json)
Hash identifier: TDD0nWwaB/kaKhpcfOKPiM5st+CYIPwbhfKG/Y4Xh+k=
Subject key identifier: A0:95:CC:75:68:CF:43:47:88:BD:E4:6C:17:61:74:E7:2B:41:D2:2B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 37F3D49E8B97D5407BCDC2C466A8E33FD76561D8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff87e530-4ce1-4f6d-a3bd-16282ceb3920.roa
Signing time: Wed 22 Oct 2025 00:31:50 +0000
ROA not before: Wed 22 Oct 2025 00:31:50 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 32.172.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:f3:d4:9e:8b:97:d5:40:7b:cd:c2:c4:66:a8:e3:3f:d7:65:61:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 22 00:31:50 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=1d6becf679777d3fe261912326cdd15555da63b805fa2008f4862cac16f494c1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:19:66:dd:8f:4f:b2:d1:04:74:0b:81:8a:
e4:82:14:3c:c9:dd:4a:00:af:02:a5:72:f1:27:7e:
9a:b7:03:af:ce:0d:50:2f:6d:c6:a4:e6:71:78:d4:
66:05:25:dc:03:e0:f3:81:33:43:d6:c3:68:6f:34:
bf:ff:3d:85:7d:84:e6:d9:df:76:5d:57:a6:da:8a:
88:cf:2c:ab:02:70:8b:3e:57:e9:e5:d9:c2:12:4f:
d5:c7:5f:d9:2d:12:68:3c:69:56:01:78:74:8a:72:
10:50:e2:aa:d0:46:27:af:04:ec:ab:e5:17:2a:fd:
92:34:64:0d:f2:b7:4c:48:31:b2:8b:28:70:43:48:
83:08:97:62:c6:a4:62:08:ba:b3:1b:33:a3:a0:c5:
65:43:a0:63:8e:69:80:e8:90:17:51:4d:22:95:bd:
5b:fe:12:f4:57:3e:5f:a4:c7:9a:8c:33:1c:d9:90:
b9:2d:6c:3e:b2:0c:fb:02:da:69:5c:58:e7:d7:20:
70:f4:43:24:52:da:08:46:30:ef:8f:89:fe:4d:0a:
f5:55:4a:d5:f2:1d:db:76:2d:ad:c3:14:c1:15:c5:
db:cc:da:a5:5f:3d:f9:82:82:68:a8:bd:5e:8c:0a:
75:ad:f1:85:ad:f1:29:ab:9d:5c:a7:3f:28:11:f2:
aa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:95:CC:75:68:CF:43:47:88:BD:E4:6C:17:61:74:E7:2B:41:D2:2B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff87e530-4ce1-4f6d-a3bd-16282ceb3920.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
32.172.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b8:e8:db:e5:63:98:42:b7:9b:5a:f3:58:48:84:8a:19:54:e3:
b7:77:df:2e:14:d7:a7:aa:2a:82:32:50:21:0f:20:24:b7:aa:
f9:48:8a:1a:16:61:21:7f:84:f5:10:50:48:63:df:e2:d1:4c:
f0:de:b3:ca:d1:2c:15:ea:36:8b:ae:3d:0f:55:e7:72:34:e6:
86:80:84:6e:38:c2:20:cf:bc:ad:52:fa:0a:72:5c:61:64:36:
85:4d:11:46:1a:3d:6f:85:a2:c2:a0:a5:de:53:e4:0c:bd:33:
71:31:80:2c:42:48:bb:5b:47:0b:58:f9:46:0a:c9:ad:c3:89:
4d:7e:f0:19:ab:68:1b:b7:1f:43:de:39:fb:63:0f:d0:1f:db:
29:bd:ee:bb:4e:1a:42:35:9d:c1:86:a6:18:f2:49:f8:a4:42:
33:5d:10:a1:78:d4:fc:2e:0d:50:e4:29:1c:1a:61:73:b4:53:
f4:b0:39:cd:9c:64:ab:9e:f8:20:6f:84:04:ef:5a:3f:8c:79:
06:6f:e8:ce:f4:70:5f:fc:78:78:e6:84:05:f4:cf:88:19:16:
2d:64:c9:f2:f4:0e:3e:85:50:db:0d:c6:9d:77:b7:30:42:a3:
5e:b5:3b:47:78:ec:02:7e:13:c3:e2:1c:d3:46:7f:da:dc:58:
fe:2e:23:c7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN/PUnouX1UB7zcLEZqjjP9dlYdgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMTUwWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDZiZWNmNjc5Nzc3ZDNmZTI2MTkxMjMyNmNkZDE1NTU1
ZGE2M2I4MDVmYTIwMDhmNDg2MmNhYzE2ZjQ5NGMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu2hlm3Y9PstEEdAuBiuSCFDzJ3UoArwKlcvEnfpq3A6/O
DVAvbcak5nF41GYFJdwD4POBM0PWw2hvNL//PYV9hObZ33ZdV6baiojPLKsCcIs+
V+nl2cIST9XHX9ktEmg8aVYBeHSKchBQ4qrQRievBOyr5Rcq/ZI0ZA3yt0xIMbKL
KHBDSIMIl2LGpGIIurMbM6OgxWVDoGOOaYDokBdRTSKVvVv+EvRXPl+kx5qMMxzZ
kLktbD6yDPsC2mlcWOfXIHD0QyRS2ghGMO+Pif5NCvVVStXyHdt2La3DFMEVxdvM
2qVfPfmCgmiovV6MCnWt8YWt8SmrnVynPygR8qpBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoJXMdWjPQ0eIveRsF2F05ytB0iswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZmODdlNTMwLTRjZTEtNGY2ZC1hM2JkLTE2MjgyY2ViMzkyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIgrDANBgkqhkiG9w0BAQsFAAOCAQEAuOjb5WOYQrebWvNYSISKGVTjt3ff
LhTXp6oqgjJQIQ8gJLeq+UiKGhZhIX+E9RBQSGPf4tFM8N6zytEsFeo2i649D1Xn
cjTmhoCEbjjCIM+8rVL6CnJcYWQ2hU0RRho9b4WiwqCl3lPkDL0zcTGALEJIu1tH
C1j5RgrJrcOJTX7wGatoG7cfQ945+2MP0B/bKb3uu04aQjWdwYamGPJJ+KRCM10Q
oXjU/C4NUOQpHBphc7RT9LA5zZxkq574IG+EBO9aP4x5Bm/ozvRwX/x4eOaEBfTP
iBkWLWTJ8vQOPoVQ2w3GnXe3MEKjXrU7R3jsAn4Tw+Ic00Z/2txY/i4jxw==
-----END CERTIFICATE-----
Generated at Wed Oct 22 09:17:38 2025 by rpki-client