Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e25c82c-c566-43b2-add2-4b2bab8925c8.roa
File: 1e25c82c-c566-43b2-add2-4b2bab8925c8.roa (raw, json)
Hash identifier: Og37HfXxVPDZpriuGFJImyXG3sv/Me4aFwIK5du1+bI=
Subject key identifier: C8:57:64:5D:C2:A5:BD:24:35:7A:F0:77:DB:D8:00:C9:DF:C6:77:74
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5E2E1332B208FEEDC1215F0681596A9C5B4F9DCD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e25c82c-c566-43b2-add2-4b2bab8925c8.roa
Signing time: Tue 28 Oct 2025 00:00:05 +0000
ROA not before: Tue 28 Oct 2025 00:00:05 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 104.153.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:2e:13:32:b2:08:fe:ed:c1:21:5f:06:81:59:6a:9c:5b:4f:9d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:00:05 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=626f8382ed2cf86821b1153d57b46271eaa1a88514b590bb31f148df4ba726e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5e:4e:be:e4:08:d8:58:44:d7:76:cd:61:71:
2c:11:3b:d5:51:27:6c:af:66:9d:43:73:48:02:fa:
a7:6f:59:5b:db:b7:93:ed:28:4d:13:25:47:bb:42:
15:6e:6d:46:e1:2e:0f:c6:ad:b6:57:49:e0:18:ea:
e0:dd:4c:3f:ba:5c:17:4d:55:54:c8:cb:7b:c0:58:
17:41:cf:56:79:eb:52:b9:e9:44:cb:ad:72:81:55:
f8:40:65:df:eb:cb:59:47:00:97:39:5f:b7:7b:1c:
cb:ee:af:5f:41:aa:ef:f7:94:9f:65:54:65:21:09:
80:75:6f:b6:49:7e:3b:bb:e0:69:fd:de:ae:24:c0:
fa:f7:be:45:20:5b:40:ae:df:3e:bc:5a:54:ec:c1:
16:eb:0d:24:7b:ea:0a:d8:18:8b:d9:dc:36:60:f4:
2a:69:17:12:89:06:bd:a0:05:a5:40:1d:30:8c:ed:
8d:a1:09:bf:b1:b7:39:c7:de:a7:01:9e:11:d0:41:
f3:7a:9b:f0:a4:99:90:e2:bc:f9:e2:0d:7e:3e:48:
02:17:f5:d8:d7:25:ac:b1:f0:d0:06:63:0f:d6:c7:
15:48:a1:8c:da:0b:c5:47:5e:87:fc:92:97:93:d9:
00:66:b9:8d:4c:6d:42:40:7b:bd:fd:98:4e:b8:fe:
68:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:57:64:5D:C2:A5:BD:24:35:7A:F0:77:DB:D8:00:C9:DF:C6:77:74
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e25c82c-c566-43b2-add2-4b2bab8925c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.153.115.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:35:c4:de:7c:a3:e0:57:99:92:5c:33:4a:7e:eb:6e:68:cd:
39:6f:81:5e:e4:b4:28:ea:07:d2:8b:f1:33:53:35:95:2c:38:
a4:2b:70:8b:20:a6:30:e5:0a:06:61:fa:d0:12:42:ab:80:59:
30:a7:90:13:a4:92:a9:bc:d5:c6:7e:0d:cc:12:9a:a9:da:ec:
48:50:4a:8d:c7:0c:8d:de:bf:07:48:71:c9:91:40:ad:43:55:
06:2a:3b:b5:33:38:6b:fa:1e:f2:17:5a:1e:3c:10:08:fd:03:
49:4d:ef:86:56:c6:21:b1:21:e4:92:a7:94:24:61:c8:c1:05:
cc:44:19:ec:9f:b2:6e:5b:03:d1:25:86:f0:35:bb:1b:fb:7c:
0a:e5:42:42:14:73:7a:c6:a7:08:1d:e6:bb:75:e0:9e:df:bb:
db:92:bb:80:c1:11:c9:21:cb:fa:26:9e:5f:c3:29:99:69:dd:
b2:e5:93:4d:e2:ae:41:b7:67:2d:0a:0c:17:19:6d:c6:da:dd:
e1:cb:6c:cc:73:8b:4e:41:04:50:45:ef:a4:ed:95:b7:af:81:
bb:54:60:6e:bb:91:ab:70:46:e4:79:9c:28:b3:82:09:0d:3e:
94:65:5d:53:32:58:15:34:77:6e:48:46:84:ba:c1:a5:d8:2f:
54:ba:a6:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXi4TMrII/u3BIV8GgVlqnFtPnc0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAwMDA1WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MjZmODM4MmVkMmNmODY4MjFiMTE1M2Q1N2I0NjI3MWVh
YTFhODg1MTRiNTkwYmIzMWYxNDhkZjRiYTcyNmUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMXk6+5AjYWETXds1hcSwRO9VRJ2yvZp1Dc0gC+qdvWVvb
t5PtKE0TJUe7QhVubUbhLg/GrbZXSeAY6uDdTD+6XBdNVVTIy3vAWBdBz1Z561K5
6UTLrXKBVfhAZd/ry1lHAJc5X7d7HMvur19Bqu/3lJ9lVGUhCYB1b7ZJfju74Gn9
3q4kwPr3vkUgW0Cu3z68WlTswRbrDSR76grYGIvZ3DZg9CppFxKJBr2gBaVAHTCM
7Y2hCb+xtznH3qcBnhHQQfN6m/CkmZDivPniDX4+SAIX9djXJayx8NAGYw/WxxVI
oYzaC8VHXof8kpeT2QBmuY1MbUJAe739mE64/mh/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyFdkXcKlvSQ1evB329gAyd/Gd3QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFlMjVjODJjLWM1NjYtNDNiMi1hZGQyLTRiMmJhYjg5MjVjOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXMwDQYJKoZIhvcNAQELBQADggEBAI01xN58o+BXmZJcM0p+625ozTlv
gV7ktCjqB9KL8TNTNZUsOKQrcIsgpjDlCgZh+tASQquAWTCnkBOkkqm81cZ+DcwS
mqna7EhQSo3HDI3evwdIccmRQK1DVQYqO7UzOGv6HvIXWh48EAj9A0lN74ZWxiGx
IeSSp5QkYcjBBcxEGeyfsm5bA9ElhvA1uxv7fArlQkIUc3rGpwgd5rt14J7fu9uS
u4DBEckhy/omnl/DKZlp3bLlk03irkG3Zy0KDBcZbcba3eHLbMxzi05BBFBF76Tt
lbevgbtUYG67katwRuR5nCizggkNPpRlXVMyWBU0d25IRoS6waXYL1S6pqg=
-----END CERTIFICATE-----
Generated at Sun Nov 2 12:38:19 2025 by rpki-client