Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c276463-a2cc-45c8-b7cb-823676ee513e.roa
File: 3c276463-a2cc-45c8-b7cb-823676ee513e.roa (raw, json)
Hash identifier: sCjThtToCsnmCLgJ9z3YsJ2Ew2RXurf7H7BnyNhcOYY=
Subject key identifier: 14:EE:37:F3:45:68:6C:2D:23:F8:65:69:E3:01:17:18:CE:10:A6:78
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 29929EBDF4BEAEE8658BCEC11C6AEC8F2924C0BD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c276463-a2cc-45c8-b7cb-823676ee513e.roa
Signing time: Mon 20 Oct 2025 06:32:14 +0000
ROA not before: Mon 20 Oct 2025 06:32:14 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.156.142.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:92:9e:bd:f4:be:ae:e8:65:8b:ce:c1:1c:6a:ec:8f:29:24:c0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 06:32:14 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=5ccceed7fa4518db2573c37fb861d169a1b377985023e8fa106e1740b1213f84, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:25:d2:c4:ef:0f:e8:9a:c1:4d:04:0d:ea:fc:
ac:ab:9e:bc:d0:08:8e:42:53:e2:3d:6b:8f:b2:33:
88:a3:4f:e3:16:7b:46:fe:0c:41:2b:89:ee:05:f1:
af:d0:87:84:49:c7:eb:21:e5:cc:a8:62:e8:93:8d:
d4:b6:b5:dd:2e:a9:36:f9:56:93:fc:14:d8:cb:50:
f0:d4:1b:72:34:d1:6e:e7:9a:10:65:76:e0:06:de:
9e:ad:d6:99:cc:a0:c1:36:17:23:a6:3c:2b:64:c9:
1f:4b:18:cb:d7:50:3b:67:c1:92:62:88:e1:85:f0:
5d:33:5c:66:51:4d:b4:ee:6e:a7:eb:ab:96:28:e1:
af:86:2a:7f:4e:b8:e2:0f:c1:3e:81:ac:b9:54:87:
cb:d9:0a:d4:21:00:fe:05:87:3e:94:5a:49:a5:13:
b1:6c:07:2f:b6:44:85:9e:96:3f:ee:3d:eb:70:29:
90:79:de:3e:2e:ac:ae:b2:a8:a7:c6:ea:80:d0:27:
2a:bb:ea:04:2e:5e:d2:e6:65:28:b6:8f:15:a0:a1:
55:85:9c:a8:56:05:21:2f:18:70:66:64:6b:5d:0a:
33:21:b0:ba:58:cc:48:b1:e0:48:28:9c:84:5f:7b:
2e:db:60:78:ca:0c:fe:30:14:1e:3d:33:52:46:6a:
41:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:37:F3:45:68:6C:2D:23:F8:65:69:E3:01:17:18:CE:10:A6:78
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c276463-a2cc-45c8-b7cb-823676ee513e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.156.142.0/23
Signature Algorithm: sha256WithRSAEncryption
61:2f:6f:9c:eb:86:d7:50:07:ea:ca:61:b2:e8:f3:4e:90:8a:
f5:0a:e0:0b:dd:25:72:67:18:31:c1:9e:f5:18:56:43:c8:19:
ea:6a:01:ce:f1:ce:fe:0b:67:8b:9d:e2:ef:f4:39:09:07:81:
5b:6d:7b:19:4f:af:c6:d4:d8:5d:36:55:cd:75:b9:ab:34:a5:
be:77:9f:41:0c:4e:4a:ff:af:4e:55:2e:64:dd:9c:80:87:0c:
b0:0b:ca:2e:9b:52:f5:21:10:f2:2b:47:65:72:84:92:66:5c:
45:04:41:29:d2:81:52:2b:e9:10:5e:6e:22:3a:f7:92:7d:b5:
ce:fb:f7:d7:7f:b8:ae:3b:41:f1:88:a9:f0:b7:df:f1:fe:b3:
f7:49:57:f0:27:ef:34:a1:31:c7:d6:49:38:1d:16:72:c8:e8:
c9:70:fa:9f:e7:b9:af:96:26:ad:47:87:d6:b1:c8:4a:45:83:
15:87:a1:67:3b:75:21:86:06:a0:d2:e2:02:e3:27:99:34:84:
ad:e9:b8:f3:88:de:5d:ee:bd:77:be:86:20:8b:73:f6:5e:96:
d5:26:82:c3:0b:6a:1e:c9:d1:00:4d:cf:3f:c4:34:31:63:98:
79:5e:cc:6d:5d:2d:64:28:d5:aa:3c:3f:17:d6:e9:f7:56:db:
26:2d:ec:86
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKZKevfS+ruhli87BHGrsjykkwL0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDYzMjE0WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2NjZWVkN2ZhNDUxOGRiMjU3M2MzN2ZiODYxZDE2OWEx
YjM3Nzk4NTAyM2U4ZmExMDZlMTc0MGIxMjEzZjg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHJdLE7w/omsFNBA3q/KyrnrzQCI5CU+I9a4+yM4ijT+MW
e0b+DEErie4F8a/Qh4RJx+sh5cyoYuiTjdS2td0uqTb5VpP8FNjLUPDUG3I00W7n
mhBlduAG3p6t1pnMoME2FyOmPCtkyR9LGMvXUDtnwZJiiOGF8F0zXGZRTbTubqfr
q5Yo4a+GKn9OuOIPwT6BrLlUh8vZCtQhAP4Fhz6UWkmlE7FsBy+2RIWelj/uPetw
KZB53j4urK6yqKfG6oDQJyq76gQuXtLmZSi2jxWgoVWFnKhWBSEvGHBmZGtdCjMh
sLpYzEix4EgonIRfey7bYHjKDP4wFB49M1JGakGdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFO4380VobC0j+GVp4wEXGM4QpngwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjMjc2NDYzLWEyY2MtNDVjOC1iN2NiLTgyMzY3NmVlNTEzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFsnI4wDQYJKoZIhvcNAQELBQADggEBAGEvb5zrhtdQB+rKYbLo806QivUK
4AvdJXJnGDHBnvUYVkPIGepqAc7xzv4LZ4ud4u/0OQkHgVttexlPr8bU2F02Vc11
uas0pb53n0EMTkr/r05VLmTdnICHDLALyi6bUvUhEPIrR2VyhJJmXEUEQSnSgVIr
6RBebiI695J9tc7799d/uK47QfGIqfC33/H+s/dJV/An7zShMcfWSTgdFnLI6Mlw
+p/nua+WJq1Hh9axyEpFgxWHoWc7dSGGBqDS4gLjJ5k0hK3puPOI3l3uvXe+hiCL
c/ZeltUmgsMLah7J0QBNzz/ENDFjmHlezG1dLWQo1ao8PxfW6fdW2yYt7IY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:06:18 2025 by rpki-client