Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1053bb16-bdc2-44c5-ae28-3ce0e4e5f4e2.roa
File: 1053bb16-bdc2-44c5-ae28-3ce0e4e5f4e2.roa (raw, json)
Hash identifier: 5Pl/5ZxidAsIVZMdHIuh/TzuXoguMmFbj5ecp7eETXg=
Subject key identifier: 96:F3:35:4C:92:5D:E4:49:31:4A:24:B2:D7:4F:B9:A8:31:38:4E:06
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7DD5EF0211CD77F85DC5149F1F9A0680615AF1ED
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1053bb16-bdc2-44c5-ae28-3ce0e4e5f4e2.roa
Signing time: Mon 20 Oct 2025 04:40:01 +0000
ROA not before: Mon 20 Oct 2025 04:40:01 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d5:ef:02:11:cd:77:f8:5d:c5:14:9f:1f:9a:06:80:61:5a:f1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 04:40:01 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=56008ca47829743c0fa60f4ff87510f987813570e2d78fd42dcce8d5897ff193, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:77:cd:b0:d5:c0:62:5a:b4:a0:5a:a9:e1:0e:
cf:a0:13:87:3d:90:35:3a:06:80:40:ee:26:c7:70:
0d:94:b8:85:97:b7:b8:06:96:7f:04:d8:a6:31:98:
ef:84:20:ca:c9:a5:3b:d6:32:e0:cb:c5:72:f5:ef:
b9:b2:4f:08:19:c9:43:1a:ff:c6:22:2f:a9:c1:98:
f2:ff:fa:28:01:93:21:ad:54:8b:48:0c:0e:81:82:
e6:e2:ce:ff:0f:05:a8:bf:ec:10:83:cc:d3:12:9c:
41:5a:ab:b0:0a:63:94:e4:42:e4:2f:73:06:ba:18:
c1:60:76:d6:d4:95:78:a4:02:f6:f9:5d:49:0d:51:
2d:aa:27:cd:1e:4c:2b:92:3f:c6:45:88:ca:1a:dd:
1d:ad:20:b2:1d:0c:e2:a0:2e:6c:8b:94:f2:a2:f3:
d2:1c:5c:75:c0:8d:15:9b:95:2f:17:0e:be:21:9e:
b4:a6:2b:f8:05:83:80:11:cb:17:54:10:1a:9e:32:
6c:15:29:62:d7:0d:45:73:50:6f:a2:e2:ae:07:53:
bc:35:a0:7a:8a:27:f8:5c:66:57:0c:94:45:81:58:
80:58:1b:c0:9b:5c:cd:4f:a5:5e:d1:e8:1d:e5:43:
6a:83:53:b6:e6:15:11:5a:48:07:d2:77:6f:e1:e5:
d2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F3:35:4C:92:5D:E4:49:31:4A:24:B2:D7:4F:B9:A8:31:38:4E:06
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1053bb16-bdc2-44c5-ae28-3ce0e4e5f4e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9f:c2:78:e5:ed:7f:03:9b:ec:f1:45:8a:4a:8c:bf:e7:63:ac:
ac:ec:f8:9c:97:47:ac:60:ce:28:12:41:56:83:40:a3:ad:7e:
ee:ea:a4:91:ee:e5:5a:ae:39:ec:5f:d6:19:7f:f5:da:9d:b2:
86:1b:53:23:8d:00:48:4a:3e:10:ea:f5:28:3a:3c:cd:0c:aa:
ae:6a:ea:12:10:e0:a6:98:70:d9:f2:9d:b6:4b:30:cc:99:9b:
bc:eb:91:e0:e4:43:81:5f:22:36:3b:8c:40:4e:94:b5:95:c4:
2b:a9:71:a5:ee:0d:f6:4b:9a:44:8d:a8:6c:e6:58:96:3b:17:
d5:a8:99:5a:fc:27:ee:02:7a:4b:9a:7a:d6:8f:f0:68:4f:d9:
25:96:92:59:c5:0c:16:7f:a1:c2:58:fc:bd:d6:86:55:7f:0d:
b2:df:88:c8:85:7d:d3:22:d8:b0:41:f0:98:7b:4a:70:18:8a:
28:39:d4:d8:e8:51:8c:f9:de:5a:b1:74:46:9f:b3:f1:c9:02:
17:7c:37:12:2a:58:35:a0:26:e1:77:0a:40:35:6f:62:65:3a:
1a:58:53:71:ef:24:d8:0b:ea:50:50:00:84:9f:83:06:8a:69:
52:f0:51:30:56:ff:02:88:c1:1c:fd:9d:c2:28:cd:90:26:ea:
18:09:0a:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfdXvAhHNd/hdxRSfH5oGgGFa8e0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDQ0MDAxWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjAwOGNhNDc4Mjk3NDNjMGZhNjBmNGZmODc1MTBmOTg3
ODEzNTcwZTJkNzhmZDQyZGNjZThkNTg5N2ZmMTkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgd82w1cBiWrSgWqnhDs+gE4c9kDU6BoBA7ibHcA2UuIWX
t7gGln8E2KYxmO+EIMrJpTvWMuDLxXL177myTwgZyUMa/8YiL6nBmPL/+igBkyGt
VItIDA6Bgubizv8PBai/7BCDzNMSnEFaq7AKY5TkQuQvcwa6GMFgdtbUlXikAvb5
XUkNUS2qJ80eTCuSP8ZFiMoa3R2tILIdDOKgLmyLlPKi89IcXHXAjRWblS8XDr4h
nrSmK/gFg4ARyxdUEBqeMmwVKWLXDUVzUG+i4q4HU7w1oHqKJ/hcZlcMlEWBWIBY
G8CbXM1PpV7R6B3lQ2qDU7bmFRFaSAfSd2/h5dKFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlvM1TJJd5EkxSiSy10+5qDE4TgYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwNTNiYjE2LWJkYzItNDRjNS1hZTI4LTNjZTBlNGU1ZjRlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZsikAwDQYJKoZIhvcNAQELBQADggEBAJ/CeOXtfwOb7PFFikqMv+djrKzs
+JyXR6xgzigSQVaDQKOtfu7qpJHu5VquOexf1hl/9dqdsoYbUyONAEhKPhDq9Sg6
PM0Mqq5q6hIQ4KaYcNnynbZLMMyZm7zrkeDkQ4FfIjY7jEBOlLWVxCupcaXuDfZL
mkSNqGzmWJY7F9WomVr8J+4CekuaetaP8GhP2SWWklnFDBZ/ocJY/L3WhlV/DbLf
iMiFfdMi2LBB8Jh7SnAYiig51NjoUYz53lqxdEafs/HJAhd8NxIqWDWgJuF3CkA1
b2JlOhpYU3HvJNgL6lBQAISfgwaKaVLwUTBW/wKIwRz9ncIozZAm6hgJCuA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:48:41 2025 by rpki-client