Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2241d055-f782-452e-89e2-9e1cb6e89405.roa
File: 2241d055-f782-452e-89e2-9e1cb6e89405.roa (raw, json)
Hash identifier: CHHzOgqOq+oV0HKk178pqHrMIWGKshxpZ3Wg6x2L+d0=
Subject key identifier: D1:65:FB:96:63:9E:D1:B6:EC:84:A0:77:12:3D:21:C8:88:A3:AC:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0870B0B2C0A11EE25FF3347121BCEC610082EFD3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2241d055-f782-452e-89e2-9e1cb6e89405.roa
Signing time: Mon 20 Oct 2025 01:02:16 +0000
ROA not before: Mon 20 Oct 2025 01:02:16 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.158.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:70:b0:b2:c0:a1:1e:e2:5f:f3:34:71:21:bc:ec:61:00:82:ef:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:02:16 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=59726772bc380f7d2741e627e1571e90ecb0fa29c8be614da5fc6e0e5998f49f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:85:46:25:05:4d:b6:02:b3:d6:f8:a9:84:ee:
fe:8f:f1:6c:32:1e:1e:b6:ba:11:f8:6b:2d:74:4d:
f7:75:1c:2f:ca:2f:45:e6:8c:9d:96:c6:2e:e7:8b:
18:fb:91:4f:2d:5f:1c:3b:c3:9e:96:1e:19:63:fa:
42:88:1a:b9:c6:50:b7:af:c5:4d:3c:d2:40:cb:40:
23:d1:6e:2b:40:29:73:93:aa:c5:3d:b3:4a:68:36:
9b:4d:ed:bc:a6:84:aa:e9:52:f0:a3:23:a4:92:ad:
a7:f5:69:43:09:e9:54:69:5a:9e:77:e5:41:e4:6f:
c2:af:6b:8e:0b:db:c6:f0:d4:af:7e:7a:e3:2c:e6:
7d:e0:8c:7c:b7:74:ca:b9:c2:7c:da:8b:8a:b1:1b:
14:61:81:ac:5f:83:16:9f:b9:ea:b2:68:66:e3:6a:
6e:53:50:12:0a:2c:1b:9c:81:31:cf:27:e1:3e:ff:
a4:ea:10:7e:2b:b0:b7:78:36:a2:7d:0f:f6:3e:82:
90:0c:a8:6a:87:c2:68:48:5a:d2:0e:a6:fe:2b:b0:
5c:6a:1d:f8:f2:57:c3:7b:f4:ee:b3:0e:69:10:38:
2a:e4:17:04:0a:8f:c7:86:3d:f2:a8:15:c4:ec:4d:
2a:20:18:76:b0:23:8d:a9:a7:4c:c3:dc:80:f0:92:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:65:FB:96:63:9E:D1:B6:EC:84:A0:77:12:3D:21:C8:88:A3:AC:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2241d055-f782-452e-89e2-9e1cb6e89405.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.158.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:5c:d5:9d:9f:38:e5:88:59:a3:6d:8b:3e:6c:04:3d:08:f8:
41:18:06:62:9f:0a:03:b1:8c:9c:3c:61:e7:c8:5d:75:f5:66:
c6:f6:11:42:58:57:be:18:21:29:b9:33:94:ed:ed:e0:3c:7f:
b1:98:24:65:cd:22:c6:f9:9d:da:c6:64:6b:9e:4e:a2:1d:f2:
46:62:6f:85:ca:55:65:01:ec:25:a6:ff:c6:aa:62:34:a1:66:
a4:70:fd:05:07:6b:24:a3:88:47:ca:21:33:4f:77:64:47:09:
d3:04:ab:14:ae:74:3c:ce:95:45:8d:21:e8:ec:62:e4:10:c8:
df:42:60:6e:0b:be:60:65:29:bf:34:fe:9d:fd:b2:ef:0e:20:
5f:bd:8b:cb:cf:d6:97:a9:4d:1e:c1:b5:a3:6a:bd:3f:67:fb:
58:4c:9c:96:4a:c7:e3:83:a2:f6:08:9b:75:48:6a:ad:ac:bc:
35:42:c7:c1:51:0c:79:54:4f:2a:2d:60:bd:61:7d:9c:ee:be:
95:77:f3:69:81:cb:88:c4:9d:d7:0e:fa:d9:f0:e7:28:83:0e:
f6:7c:c8:d6:39:c6:87:50:da:6d:0a:3e:7f:2b:46:53:7a:47:
27:94:4b:20:d4:f4:ad:98:82:1c:ea:fe:21:08:9f:b5:d3:91:
67:56:4b:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCHCwssChHuJf8zRxIbzsYQCC79MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDEwMjE2WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OTcyNjc3MmJjMzgwZjdkMjc0MWU2MjdlMTU3MWU5MGVj
YjBmYTI5YzhiZTYxNGRhNWZjNmUwZTU5OThmNDlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDehUYlBU22ArPW+KmE7v6P8WwyHh62uhH4ay10Tfd1HC/K
L0XmjJ2Wxi7nixj7kU8tXxw7w56WHhlj+kKIGrnGULevxU080kDLQCPRbitAKXOT
qsU9s0poNptN7bymhKrpUvCjI6SSraf1aUMJ6VRpWp535UHkb8Kva44L28bw1K9+
euMs5n3gjHy3dMq5wnzai4qxGxRhgaxfgxafueqyaGbjam5TUBIKLBucgTHPJ+E+
/6TqEH4rsLd4NqJ9D/Y+gpAMqGqHwmhIWtIOpv4rsFxqHfjyV8N79O6zDmkQOCrk
FwQKj8eGPfKoFcTsTSogGHawI42pp0zD3IDwklj9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0WX7lmOe0bbshKB3Ej0hyIijrPMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyNDFkMDU1LWY3ODItNDUyZS04OWUyLTllMWNiNmU4OTQwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnt8wDQYJKoZIhvcNAQELBQADggEBAAtc1Z2fOOWIWaNtiz5sBD0I+EEY
BmKfCgOxjJw8YefIXXX1Zsb2EUJYV74YISm5M5Tt7eA8f7GYJGXNIsb5ndrGZGue
TqId8kZib4XKVWUB7CWm/8aqYjShZqRw/QUHaySjiEfKITNPd2RHCdMEqxSudDzO
lUWNIejsYuQQyN9CYG4LvmBlKb80/p39su8OIF+9i8vP1pepTR7BtaNqvT9n+1hM
nJZKx+ODovYIm3VIaq2svDVCx8FRDHlUTyotYL1hfZzuvpV382mBy4jEndcO+tnw
5yiDDvZ8yNY5xodQ2m0KPn8rRlN6RyeUSyDU9K2Yghzq/iEIn7XTkWdWSz4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:04:38 2025 by rpki-client