Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/942b7589-0ee2-4f4b-b8b4-f938452b1983.roa
File: 942b7589-0ee2-4f4b-b8b4-f938452b1983.roa (raw, json)
Hash identifier: qdp7VC4xOvzKOnI/Drh6Ap0b4DqTNqkgPlkpNijNJRQ=
Subject key identifier: 31:E7:DB:DA:4F:0D:35:9F:E6:6D:FF:47:83:7B:98:56:F4:4E:E4:56
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 118660E2DF61BD616BA8B290DAC4F192AD61AF18
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/942b7589-0ee2-4f4b-b8b4-f938452b1983.roa
Signing time: Tue 11 Nov 2025 02:20:53 +0000
ROA not before: Tue 11 Nov 2025 02:20:53 +0000
ROA not after: Tue 16 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.136.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:86:60:e2:df:61:bd:61:6b:a8:b2:90:da:c4:f1:92:ad:61:af:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 11 02:20:53 2025 GMT
Not After : Dec 16 23:59:59 2025 GMT
Subject: serialNumber=7edbb0e3492449282f0723472ca21fbd9e50ddcd3cedb6ad5f5640aaeedb64e6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:ad:56:26:02:8a:b8:26:9b:6c:ea:70:78:
4a:f9:95:d2:c6:f3:b9:07:1e:4d:ba:05:f6:e2:be:
c4:85:09:45:1d:2e:06:55:a4:e7:8e:f7:71:ea:60:
2e:90:8c:6c:14:12:0c:14:4c:ce:e2:08:c0:86:50:
5d:c9:5f:fd:bc:53:cf:df:0c:cf:ea:70:d9:f9:c5:
cb:40:bc:e4:e1:af:c3:a3:60:e3:23:b0:11:0d:e0:
87:41:49:6a:7b:f8:f1:a2:43:5d:fd:27:c9:b7:ed:
36:7d:ee:42:53:5d:1a:4e:41:56:63:a2:30:8d:c9:
da:70:8c:83:6c:c3:f9:8d:e2:c8:88:dd:43:67:30:
cd:e0:0a:af:28:a0:23:bb:f9:18:5b:58:15:25:70:
61:b3:25:89:d7:b8:02:f0:90:07:48:4f:96:59:b3:
8d:4b:b0:b0:ec:ff:d0:7f:27:e9:1b:b3:5c:11:65:
ed:9c:c7:ae:51:e4:1a:d1:e0:8b:bb:5f:81:73:5b:
44:8e:e0:14:7d:b5:c8:4d:77:72:50:6c:66:2e:18:
ad:68:48:07:6d:82:e3:8b:82:b7:0a:f7:e5:73:d3:
2c:b9:26:fd:c2:d3:89:7b:b8:51:43:ae:c6:e4:bd:
1b:7c:6e:8d:8c:24:ab:ac:2f:11:b3:ea:cb:cc:dc:
b9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E7:DB:DA:4F:0D:35:9F:E6:6D:FF:47:83:7B:98:56:F4:4E:E4:56
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/942b7589-0ee2-4f4b-b8b4-f938452b1983.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.136.128.0/17
Signature Algorithm: sha256WithRSAEncryption
85:b7:d2:2f:a7:68:39:d0:4e:86:ae:e8:9c:2e:46:e2:a3:7e:
c9:76:ee:33:22:5e:28:08:3c:f0:e8:26:33:5d:ae:cd:b5:c0:
03:1b:3a:3b:29:f0:51:ca:01:8f:f9:91:7a:de:3a:a7:8c:f6:
11:25:c5:09:32:89:d6:6d:b3:a7:fb:3f:08:79:d9:05:61:f9:
09:aa:82:17:a1:9d:ad:f0:9f:20:5e:57:78:01:64:93:cb:16:
de:ea:af:fc:0a:13:db:e0:eb:11:ee:6d:e3:45:5f:05:5e:50:
5f:d2:09:4c:e7:58:cd:43:48:94:1e:37:45:6d:54:ed:4e:e1:
d1:5a:ae:6e:2b:49:4c:24:f3:bb:bf:d1:50:dc:e7:d8:23:08:
ca:85:99:32:7c:38:68:85:49:16:68:af:b4:43:83:a6:23:7f:
43:bd:79:ba:1a:4e:25:be:c7:4f:9a:16:65:8f:96:2f:8f:fe:
5e:a1:9a:52:94:46:ea:94:06:c0:b1:4a:da:a4:a5:12:75:4a:
a5:96:23:97:93:bc:c3:fb:89:26:e4:ce:f9:ab:fc:00:0f:be:
51:55:02:b4:3e:46:eb:49:85:77:a1:f5:0e:47:59:a1:35:f4:
0f:0a:bf:62:26:fe:df:3d:87:cb:e5:b7:b0:21:5f:b1:9d:76:
16:04:e1:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEYZg4t9hvWFrqLKQ2sTxkq1hrxgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIyMDUzWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZWRiYjBlMzQ5MjQ0OTI4MmYwNzIzNDcyY2EyMWZiZDll
NTBkZGNkM2NlZGI2YWQ1ZjU2NDBhYWVlZGI2NGU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClKq1WJgKKuCabbOpweEr5ldLG87kHHk26BfbivsSFCUUd
LgZVpOeO93HqYC6QjGwUEgwUTM7iCMCGUF3JX/28U8/fDM/qcNn5xctAvOThr8Oj
YOMjsBEN4IdBSWp7+PGiQ139J8m37TZ97kJTXRpOQVZjojCNydpwjINsw/mN4siI
3UNnMM3gCq8ooCO7+RhbWBUlcGGzJYnXuALwkAdIT5ZZs41LsLDs/9B/J+kbs1wR
Ze2cx65R5BrR4Iu7X4FzW0SO4BR9tchNd3JQbGYuGK1oSAdtguOLgrcK9+Vz0yy5
Jv3C04l7uFFDrsbkvRt8bo2MJKusLxGz6svM3LkxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMefb2k8NNZ/mbf9Hg3uYVvRO5FYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0MmI3NTg5LTBlZTItNGY0Yi1iOGI0LWY5Mzg0NTJiMTk4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdsiIAwDQYJKoZIhvcNAQELBQADggEBAIW30i+naDnQToau6JwuRuKjfsl2
7jMiXigIPPDoJjNdrs21wAMbOjsp8FHKAY/5kXreOqeM9hElxQkyidZts6f7Pwh5
2QVh+Qmqghehna3wnyBeV3gBZJPLFt7qr/wKE9vg6xHubeNFXwVeUF/SCUznWM1D
SJQeN0VtVO1O4dFarm4rSUwk87u/0VDc59gjCMqFmTJ8OGiFSRZor7RDg6Yjf0O9
eboaTiW+x0+aFmWPli+P/l6hmlKURuqUBsCxStqkpRJ1SqWWI5eTvMP7iSbkzvmr
/AAPvlFVArQ+RutJhXeh9Q5HWaE19A8Kv2Im/t89h8vlt7AhX7GddhYE4Qc=
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:51:31 2025 by rpki-client