Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848aae69-2946-4ca0-98e1-2f073e06376d.roa
File: 848aae69-2946-4ca0-98e1-2f073e06376d.roa (raw, json)
Hash identifier: y/96AkkVAvHL9T67hDWNLFX4qT8MWnvA1ebhLdp0oX4=
Subject key identifier: 34:99:74:62:32:11:E2:72:EB:A2:C3:31:FD:A0:63:5B:60:F0:C4:53
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 73AEF8616FA3D449D0A14BFF034B8AC8AE7B783A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848aae69-2946-4ca0-98e1-2f073e06376d.roa
Signing time: Sun 19 Oct 2025 00:40:07 +0000
ROA not before: Sun 19 Oct 2025 00:40:07 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ae:f8:61:6f:a3:d4:49:d0:a1:4b:ff:03:4b:8a:c8:ae:7b:78:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 00:40:07 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=c0f7ea08c9eed873f7062d0b8e16c920d84490248d1752df16e36ca10ba1a364, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:11:c3:41:d9:e7:d9:ec:bc:71:4d:e7:17:
ab:9e:e3:e9:86:90:98:62:e1:a7:68:26:30:a6:fd:
44:45:86:44:c5:cb:a2:c0:9a:11:64:36:f9:a9:4c:
db:ee:fd:62:1d:73:af:75:35:d4:43:aa:2f:f2:5f:
14:b6:06:5a:76:4b:b9:d9:b9:90:58:84:d9:0c:c5:
25:2a:5b:26:fb:6d:d3:bb:72:ef:30:f4:42:20:51:
f2:65:a3:01:fe:01:3e:3a:04:59:c4:7d:c5:72:19:
20:e7:f7:bb:2a:bc:0b:92:df:ee:bd:e4:46:9d:b6:
d6:55:59:10:1d:46:26:91:a5:33:4f:12:82:91:55:
10:ea:a3:51:a9:f0:2c:52:97:24:7d:64:1d:dd:6b:
31:b6:2d:73:89:f0:63:52:b3:5b:dd:9d:fe:a7:21:
40:16:80:50:3a:9b:f0:57:86:dc:c2:70:89:d9:04:
87:14:62:f9:59:d4:d9:77:bc:93:a3:ad:33:6c:60:
e9:ec:86:bb:c1:68:3c:22:c3:3c:a8:a1:c8:86:b2:
e0:92:2b:54:f8:cc:bd:a7:3e:de:71:96:1c:46:2c:
63:ce:ec:84:a2:96:a9:50:9b:53:53:93:36:27:9c:
1d:a2:6a:04:f0:92:6c:f4:2d:42:34:66:9c:9d:8e:
f6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:99:74:62:32:11:E2:72:EB:A2:C3:31:FD:A0:63:5B:60:F0:C4:53
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848aae69-2946-4ca0-98e1-2f073e06376d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.208.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e4:94:6d:c2:c9:da:ac:75:03:1a:2d:17:ad:48:c8:4c:04:
5b:78:58:8e:74:bd:08:30:06:c7:32:ce:d5:51:a4:71:3e:19:
2b:03:78:c5:e1:a9:97:8c:b0:47:97:8b:b5:fb:f8:5a:88:bf:
d7:d1:19:cf:be:0b:6e:53:1e:33:b4:9f:5e:4e:8f:14:0a:ed:
8b:22:ec:d2:8c:e4:38:d7:00:9f:34:25:0b:da:78:98:15:03:
9a:ef:60:e7:a0:ec:cc:55:c9:1c:76:36:cd:49:dc:7e:4b:a7:
12:d1:ba:6d:9d:76:ea:e9:49:62:cf:00:11:c0:2f:3f:9d:98:
7b:b4:7a:1e:cc:9d:c6:a1:17:6d:c2:80:ec:05:2d:2c:49:c1:
c3:50:a1:95:ee:70:bd:c1:08:bc:2e:fd:0a:76:06:0e:59:07:
bf:45:7c:46:4c:d9:46:fd:de:4b:15:64:17:a4:32:45:2d:42:
c5:3b:5f:c5:94:30:ec:77:58:0c:89:2e:91:25:4e:3f:f1:91:
41:66:2f:3b:77:20:b4:46:92:1d:d9:6d:a7:25:2c:86:40:7e:
7b:be:ad:7d:f7:f8:f5:ae:76:8d:42:17:39:58:ea:35:18:3c:
1c:92:47:3a:91:2e:a9:5e:c1:51:10:0c:83:d2:ab:74:a4:cc:
50:2d:dc:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc674YW+j1EnQoUv/A0uKyK57eDowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDA0MDA3WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMGY3ZWEwOGM5ZWVkODczZjcwNjJkMGI4ZTE2YzkyMGQ4
NDQ5MDI0OGQxNzUyZGYxNmUzNmNhMTBiYTFhMzY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpXhHDQdnn2ey8cU3nF6ue4+mGkJhi4adoJjCm/URFhkTF
y6LAmhFkNvmpTNvu/WIdc691NdRDqi/yXxS2Blp2S7nZuZBYhNkMxSUqWyb7bdO7
cu8w9EIgUfJlowH+AT46BFnEfcVyGSDn97sqvAuS3+695EadttZVWRAdRiaRpTNP
EoKRVRDqo1Gp8CxSlyR9ZB3dazG2LXOJ8GNSs1vdnf6nIUAWgFA6m/BXhtzCcInZ
BIcUYvlZ1Nl3vJOjrTNsYOnshrvBaDwiwzyoociGsuCSK1T4zL2nPt5xlhxGLGPO
7ISilqlQm1NTkzYnnB2iagTwkmz0LUI0Zpydjva3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNJl0YjIR4nLrosMx/aBjW2DwxFMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0OGFhZTY5LTI5NDYtNGNhMC05OGUxLTJmMDczZTA2Mzc2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsitAwDQYJKoZIhvcNAQELBQADggEBAJbklG3CydqsdQMaLRetSMhMBFt4
WI50vQgwBscyztVRpHE+GSsDeMXhqZeMsEeXi7X7+FqIv9fRGc++C25THjO0n15O
jxQK7Ysi7NKM5DjXAJ80JQvaeJgVA5rvYOeg7MxVyRx2Ns1J3H5LpxLRum2ddurp
SWLPABHALz+dmHu0eh7MncahF23CgOwFLSxJwcNQoZXucL3BCLwu/Qp2Bg5ZB79F
fEZM2Ub93ksVZBekMkUtQsU7X8WUMOx3WAyJLpElTj/xkUFmLzt3ILRGkh3Zbacl
LIZAfnu+rX33+PWudo1CFzlY6jUYPBySRzqRLqlewVEQDIPSq3SkzFAt3NE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:06:10 2025 by rpki-client