Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25c5d365-ef9b-43df-b9bd-26c3caaa1901.roa
File: 25c5d365-ef9b-43df-b9bd-26c3caaa1901.roa (raw, json)
Hash identifier: 6Jd/1rGNUDPS9clBGfDs2+te3nbU35xENYaiDFIR0p0=
Subject key identifier: 50:E9:F4:0D:BD:E8:A3:28:DD:14:9E:B2:FD:F2:74:A4:53:7A:08:0F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3360BE9223B0AF555EB7C326744880E1E4D71B1F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25c5d365-ef9b-43df-b9bd-26c3caaa1901.roa
Signing time: Mon 20 Oct 2025 01:51:52 +0000
ROA not before: Mon 20 Oct 2025 01:51:52 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:60:be:92:23:b0:af:55:5e:b7:c3:26:74:48:80:e1:e4:d7:1b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:51:52 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=a7ff8c7ffab08821449d277a7d1c8a873a2029c45ffbf4326a546b4fc51242ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5e:ec:29:a2:38:03:1a:d8:45:34:39:e8:f4:
7d:eb:bd:3b:f1:9d:5f:35:3f:09:11:d7:10:39:ee:
33:51:8a:3c:3e:b4:ed:e6:d5:32:2d:16:bd:ab:b3:
65:9c:a6:60:37:58:e2:6d:1e:fc:bf:50:61:f3:6b:
b7:32:16:2d:aa:1e:9b:37:28:82:a2:70:16:07:1e:
56:da:02:70:14:a2:3e:95:2e:b3:f4:70:a5:31:d6:
98:d1:7d:3b:5f:63:c3:ed:b2:f1:9f:68:e3:8e:46:
69:cb:a8:25:f7:c3:01:8e:bc:fe:53:fb:a5:ef:c2:
e6:5c:6f:df:02:b9:a3:49:49:76:e5:d0:f4:0f:3d:
f1:78:37:2e:e5:5b:17:aa:ae:61:f8:6d:12:48:25:
65:90:41:e4:75:cd:be:8f:61:43:b5:3a:b7:9f:a0:
42:ba:8d:1f:d5:b8:1a:97:53:78:a3:52:b9:e3:17:
54:ad:50:a7:0c:65:d6:9c:f5:2d:9c:14:11:be:29:
3b:c3:20:ed:1f:79:e8:39:66:34:74:fe:a5:52:68:
19:df:0a:b1:a7:f2:9d:69:81:a4:d6:46:43:f7:c6:
86:e9:08:a2:e8:24:0c:89:eb:db:59:0c:78:2a:3a:
9a:39:0c:5d:86:e3:9d:22:de:74:dc:5e:93:54:8f:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E9:F4:0D:BD:E8:A3:28:DD:14:9E:B2:FD:F2:74:A4:53:7A:08:0F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25c5d365-ef9b-43df-b9bd-26c3caaa1901.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.137.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:74:20:cf:f1:63:05:f1:ed:11:59:52:1a:c1:57:b1:45:53:
44:a9:7c:f7:ef:12:07:6b:28:44:97:51:d0:6f:44:a6:4b:e9:
ee:0e:14:31:3b:e2:5d:36:69:07:91:a4:88:5f:f0:66:da:53:
ee:6a:b7:58:e0:2e:d7:37:de:67:91:a3:ab:8e:04:f2:ce:10:
28:f2:3b:05:30:bc:63:33:47:c5:81:03:43:4d:e1:83:89:10:
6a:04:b5:92:4c:f8:dd:75:a0:bc:b9:c0:a3:c7:bf:6e:56:15:
f5:c7:42:44:f9:78:4d:d9:c6:b0:c1:66:54:ab:c4:5f:be:45:
69:ca:78:12:09:6b:c6:b7:cf:68:e6:0d:d9:1c:cf:51:eb:20:
b5:c0:5c:66:09:08:fb:1d:96:22:c3:e9:74:ca:d9:d6:ad:92:
70:8e:62:c7:93:80:b8:6e:1a:2f:77:86:e9:08:e2:6c:7d:e3:
1f:d3:4a:78:27:91:4d:43:2b:45:89:82:08:ae:76:c3:4c:1a:
02:1d:da:08:b2:3a:49:15:59:dd:8c:68:2d:25:a6:21:05:91:
1c:5f:a7:a1:da:d6:d4:ea:74:a6:39:e4:63:c8:09:9e:25:93:
6f:c6:48:b6:0b:ef:30:62:d8:6f:fd:37:b2:63:28:38:14:49:
a4:bd:46:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM2C+kiOwr1Vet8MmdEiA4eTXGx8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDE1MTUyWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhN2ZmOGM3ZmZhYjA4ODIxNDQ5ZDI3N2E3ZDFjOGE4NzNh
MjAyOWM0NWZmYmY0MzI2YTU0NmI0ZmM1MTI0MmVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJXuwpojgDGthFNDno9H3rvTvxnV81PwkR1xA57jNRijw+
tO3m1TItFr2rs2WcpmA3WOJtHvy/UGHza7cyFi2qHps3KIKicBYHHlbaAnAUoj6V
LrP0cKUx1pjRfTtfY8PtsvGfaOOORmnLqCX3wwGOvP5T+6XvwuZcb98CuaNJSXbl
0PQPPfF4Ny7lWxeqrmH4bRJIJWWQQeR1zb6PYUO1OrefoEK6jR/VuBqXU3ijUrnj
F1StUKcMZdac9S2cFBG+KTvDIO0feeg5ZjR0/qVSaBnfCrGn8p1pgaTWRkP3xobp
CKLoJAyJ69tZDHgqOpo5DF2G450i3nTcXpNUj1CPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUOn0Db3ooyjdFJ6y/fJ0pFN6CA8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1YzVkMzY1LWVmOWItNDNkZi1iOWJkLTI2YzNjYWFhMTkwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsn4kwDQYJKoZIhvcNAQELBQADggEBANZ0IM/xYwXx7RFZUhrBV7FFU0Sp
fPfvEgdrKESXUdBvRKZL6e4OFDE74l02aQeRpIhf8GbaU+5qt1jgLtc33meRo6uO
BPLOECjyOwUwvGMzR8WBA0NN4YOJEGoEtZJM+N11oLy5wKPHv25WFfXHQkT5eE3Z
xrDBZlSrxF++RWnKeBIJa8a3z2jmDdkcz1HrILXAXGYJCPsdliLD6XTK2datknCO
YseTgLhuGi93hukI4mx94x/TSngnkU1DK0WJggiudsNMGgId2giyOkkVWd2MaC0l
piEFkRxfp6Ha1tTqdKY55GPICZ4lk2/GSLYL7zBi2G/9N7JjKDgUSaS9Ru4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:06:12 2025 by rpki-client