Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d76007c-5a34-4e16-98f2-4480db53617a.roa
File: 2d76007c-5a34-4e16-98f2-4480db53617a.roa (raw, json)
Hash identifier: Fra87G3yjW11mvOh88xtcVqIgKbLn0O3X/pzP/lUyqg=
Subject key identifier: 19:30:A6:EA:17:15:6B:42:70:7A:68:7C:C2:99:FC:6C:F6:01:85:7F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7943B9067CFC37936580FAD7E4C63EF4FFCB7E96
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d76007c-5a34-4e16-98f2-4480db53617a.roa
Signing time: Mon 20 Oct 2025 00:20:59 +0000
ROA not before: Mon 20 Oct 2025 00:20:59 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.244.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:43:b9:06:7c:fc:37:93:65:80:fa:d7:e4:c6:3e:f4:ff:cb:7e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 00:20:59 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=f142f77828b89b1e36bf87f6ba8f2a87062bcaaf4b74cf03c3fcfcc05a0a3189, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:c0:12:63:4c:51:46:7c:3d:7a:4f:53:a3:
02:b2:a8:8a:e6:f6:75:a9:38:51:90:bd:82:be:de:
54:0c:6b:8b:72:17:b8:6b:94:87:19:1f:6d:38:33:
5b:63:80:72:d6:13:51:48:27:84:cc:ba:53:6b:69:
58:19:d6:07:05:6e:0f:2b:71:cb:39:3c:e6:21:3a:
fc:48:40:dc:33:66:cd:11:3c:ac:f7:c3:53:44:aa:
5c:cb:49:d4:d6:10:81:17:19:1f:63:e9:03:92:c0:
2e:02:5d:77:94:f4:3c:d6:4b:99:97:ea:f2:f5:eb:
1a:0a:da:63:8f:6d:65:27:50:c2:8e:b3:48:81:41:
fc:a0:cf:8a:f6:32:59:28:8e:f4:22:70:7e:01:5d:
89:e7:5c:f7:e7:59:f0:8d:f1:d4:56:1a:41:e0:47:
10:ad:1a:05:7a:83:fc:7c:74:9a:ef:c2:f9:2d:6c:
e6:e6:cc:de:b7:e2:21:39:92:49:63:74:44:95:67:
ed:8e:14:58:59:7a:1a:94:d2:a0:4a:bb:17:2d:56:
e4:69:b9:29:13:c8:c8:9e:32:92:d1:2a:18:17:b0:
ed:27:39:96:95:e4:84:55:aa:0f:fd:3f:25:7c:3c:
bb:89:72:20:46:e8:13:4f:67:ef:36:08:8d:6a:3f:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:30:A6:EA:17:15:6B:42:70:7A:68:7C:C2:99:FC:6C:F6:01:85:7F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d76007c-5a34-4e16-98f2-4480db53617a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:95:16:97:2c:64:1f:ec:c4:5c:1b:2f:9d:46:28:cb:c9:92:
7c:61:99:45:53:9c:6f:f4:55:a6:56:c3:06:05:c1:99:b4:cb:
46:17:e9:f5:c5:85:40:fd:e6:76:14:49:93:1c:47:56:bd:f3:
3a:1a:8f:2a:0c:9f:59:cb:7b:49:c2:3a:5d:c4:d0:b8:32:13:
48:6c:2b:10:c8:e6:bc:0a:16:9a:57:32:45:81:43:81:36:3a:
13:3a:7f:85:47:dc:4d:bf:f1:f2:64:95:9f:d0:b3:db:d6:99:
d0:43:f3:9d:17:51:e0:c6:09:4f:4e:c7:64:28:d0:bb:8f:72:
aa:5e:d1:4f:84:63:86:88:2c:98:ca:c9:ab:ef:d5:8f:5b:0c:
53:0c:10:bd:19:95:f7:21:bc:10:b1:94:b3:fb:1c:51:ee:da:
fd:3a:fb:e5:0f:e9:d7:e5:84:0c:d5:90:41:99:0b:90:1e:ac:
c3:26:fa:bd:80:08:f3:bc:05:58:52:8b:c4:b4:19:9d:aa:05:
b4:a4:dd:d0:71:5c:0f:4b:27:3a:ec:ba:2e:f0:62:fb:47:a2:
46:37:c9:96:f8:10:f7:5e:79:f2:e4:01:ec:0d:ef:2b:47:3a:
85:b6:69:be:26:09:23:e7:0a:44:31:62:f1:83:d1:e1:9a:c1:
8a:a6:88:01
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeUO5Bnz8N5NlgPrX5MY+9P/LfpYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDAyMDU5WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTQyZjc3ODI4Yjg5YjFlMzZiZjg3ZjZiYThmMmE4NzA2
MmJjYWFmNGI3NGNmMDNjM2ZjZmNjMDVhMGEzMTg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxu8ASY0xRRnw9ek9TowKyqIrm9nWpOFGQvYK+3lQMa4ty
F7hrlIcZH204M1tjgHLWE1FIJ4TMulNraVgZ1gcFbg8rccs5POYhOvxIQNwzZs0R
PKz3w1NEqlzLSdTWEIEXGR9j6QOSwC4CXXeU9DzWS5mX6vL16xoK2mOPbWUnUMKO
s0iBQfygz4r2MlkojvQicH4BXYnnXPfnWfCN8dRWGkHgRxCtGgV6g/x8dJrvwvkt
bObmzN634iE5kkljdESVZ+2OFFhZehqU0qBKuxctVuRpuSkTyMieMpLRKhgXsO0n
OZaV5IRVqg/9PyV8PLuJciBG6BNPZ+82CI1qP7sRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGTCm6hcVa0Jwemh8wpn8bPYBhX8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkNzYwMDdjLTVhMzQtNGUxNi05OGYyLTQ0ODBkYjUzNjE3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnfQwDQYJKoZIhvcNAQELBQADggEBAB+VFpcsZB/sxFwbL51GKMvJknxh
mUVTnG/0VaZWwwYFwZm0y0YX6fXFhUD95nYUSZMcR1a98zoajyoMn1nLe0nCOl3E
0LgyE0hsKxDI5rwKFppXMkWBQ4E2OhM6f4VH3E2/8fJklZ/Qs9vWmdBD850XUeDG
CU9Ox2Qo0LuPcqpe0U+EY4aILJjKyavv1Y9bDFMMEL0ZlfchvBCxlLP7HFHu2v06
++UP6dflhAzVkEGZC5AerMMm+r2ACPO8BVhSi8S0GZ2qBbSk3dBxXA9LJzrsui7w
YvtHokY3yZb4EPdeefLkAewN7ytHOoW2ab4mCSPnCkQxYvGD0eGawYqmiAE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:42:01 2025 by rpki-client