Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c794a93-8daa-4f21-9025-e3dce82b1d63.roa
File: 4c794a93-8daa-4f21-9025-e3dce82b1d63.roa (raw, json)
Hash identifier: nrQt6cUS7lIGF9GDEqNrzqeeCxSYkZWBbWjBn4m3i4o=
Subject key identifier: F8:3D:98:74:57:06:68:7F:D9:31:F8:7F:C1:10:78:0A:97:0D:E4:6B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 164888502EA6E2F1A1787732C1612272D380AD7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c794a93-8daa-4f21-9025-e3dce82b1d63.roa
Signing time: Sun 19 Oct 2025 01:40:54 +0000
ROA not before: Sun 19 Oct 2025 01:40:54 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:48:88:50:2e:a6:e2:f1:a1:78:77:32:c1:61:22:72:d3:80:ad:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 01:40:54 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=e45cc74b826256f4d1c7555a0c7d7b2916db4bb54eae5c3bbfec8219cdd85579, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:fc:62:73:c2:86:f5:cf:7b:3a:39:2a:67:
8f:c5:83:b4:95:60:8c:86:b9:e6:13:4e:17:78:5b:
07:69:c1:0b:cb:2b:7a:3e:74:10:73:fc:84:a5:bc:
ea:9a:4f:ad:8e:a9:af:b2:bd:14:f5:ad:1f:9f:2e:
b3:4e:f0:39:e3:3f:7f:20:b7:82:b3:45:58:65:a3:
76:8d:bd:c0:e8:bc:69:1f:23:20:dc:f7:9b:8b:54:
86:22:f0:e3:bf:ba:92:42:ff:a2:ee:3c:d0:c1:a5:
bd:6c:e9:fe:39:cc:31:8f:5d:dc:dc:9e:5e:cd:6b:
3f:37:c1:94:29:b0:cf:fd:a3:55:24:27:a0:9f:28:
89:96:df:ba:ab:a4:e7:7a:c0:54:78:72:c3:e7:17:
c7:ad:ea:7d:57:c4:33:68:1a:d1:f5:11:91:e6:b3:
2a:3b:0d:3f:53:22:d7:61:52:8c:e1:54:e9:71:9b:
5d:64:6b:10:cd:fa:f2:01:1b:9e:6d:1b:c9:4d:c2:
dc:49:3b:3b:30:9e:c0:f6:9f:c4:59:d0:a1:7e:1d:
74:61:62:54:53:c8:82:64:f9:f4:a4:73:d4:82:0e:
00:8f:0c:e2:2c:bf:04:dd:cd:fe:ac:62:8c:62:d9:
fe:8b:65:f6:47:57:ea:38:04:55:6b:55:f1:7a:40:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3D:98:74:57:06:68:7F:D9:31:F8:7F:C1:10:78:0A:97:0D:E4:6B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c794a93-8daa-4f21-9025-e3dce82b1d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.108.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:6c:7a:c7:8e:6f:4f:21:f3:81:fe:12:76:c3:0b:2d:bd:a2:
64:33:ae:d0:19:4d:6b:91:d0:b8:dc:e2:d0:b9:ab:4f:71:59:
a2:de:a5:c4:8b:2d:53:56:ab:2e:e9:f5:12:bf:fa:c0:67:20:
50:4e:35:e5:8e:9b:91:34:54:13:e8:f8:b9:52:46:dc:d5:0a:
9d:35:e1:3c:64:a7:39:43:bf:64:35:3c:a8:b5:27:dd:ca:dd:
77:16:0d:1c:a5:08:e2:2b:95:be:4f:4f:05:38:23:6f:b7:a5:
40:d1:57:cd:df:67:ee:a7:bf:51:0f:5c:d4:d3:60:72:96:e3:
ca:e6:42:9c:8e:87:e0:d0:2d:e2:7f:d3:c4:8a:10:4e:3a:1b:
f8:b6:08:ec:43:bf:c4:d9:7f:54:f0:7f:d5:1e:c3:e0:d1:d3:
cb:88:e9:fd:c2:43:cf:f3:ea:0e:bb:e8:f0:41:7d:3c:dd:f4:
8f:fa:44:f8:59:61:b2:18:90:ad:58:3e:09:da:08:05:36:e9:
dc:a0:a4:c2:56:53:86:21:a8:f7:fd:1e:cc:6e:22:3e:4f:fa:
3a:35:ff:03:c9:3a:38:e7:5e:07:5d:86:35:f5:3f:a3:53:9f:
59:d8:5b:e0:d3:12:56:40:ad:56:cf:b9:7f:b8:61:62:35:81:
a9:5f:45:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFkiIUC6m4vGheHcywWEictOArX4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDE0MDU0WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNDVjYzc0YjgyNjI1NmY0ZDFjNzU1NWEwYzdkN2IyOTE2
ZGI0YmI1NGVhZTVjM2JiZmVjODIxOWNkZDg1NTc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCIfxic8KG9c97OjkqZ4/Fg7SVYIyGueYTThd4WwdpwQvL
K3o+dBBz/ISlvOqaT62Oqa+yvRT1rR+fLrNO8DnjP38gt4KzRVhlo3aNvcDovGkf
IyDc95uLVIYi8OO/upJC/6LuPNDBpb1s6f45zDGPXdzcnl7Naz83wZQpsM/9o1Uk
J6CfKImW37qrpOd6wFR4csPnF8et6n1XxDNoGtH1EZHmsyo7DT9TItdhUozhVOlx
m11kaxDN+vIBG55tG8lNwtxJOzswnsD2n8RZ0KF+HXRhYlRTyIJk+fSkc9SCDgCP
DOIsvwTdzf6sYoxi2f6LZfZHV+o4BFVrVfF6QIuFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+D2YdFcGaH/ZMfh/wRB4CpcN5GswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjNzk0YTkzLThkYWEtNGYyMS05MDI1LWUzZGNlODJiMWQ2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsimwwDQYJKoZIhvcNAQELBQADggEBANFseseOb08h84H+EnbDCy29omQz
rtAZTWuR0Ljc4tC5q09xWaLepcSLLVNWqy7p9RK/+sBnIFBONeWOm5E0VBPo+LlS
RtzVCp014TxkpzlDv2Q1PKi1J93K3XcWDRylCOIrlb5PTwU4I2+3pUDRV83fZ+6n
v1EPXNTTYHKW48rmQpyOh+DQLeJ/08SKEE46G/i2COxDv8TZf1Twf9Uew+DR08uI
6f3CQ8/z6g676PBBfTzd9I/6RPhZYbIYkK1YPgnaCAU26dygpMJWU4YhqPf9Hsxu
Ij5P+jo1/wPJOjjnXgddhjX1P6NTn1nYW+DTElZArVbPuX+4YWI1galfRVU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:06:05 2025 by rpki-client