Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef2039-0392-447d-8b24-57c939ae5256.roa
File: 94ef2039-0392-447d-8b24-57c939ae5256.roa (raw, json)
Hash identifier: IdXPXfcx8c63LdekJv2Y61TrrhnC6tGnA/+jBNHBEDw=
Subject key identifier: 2D:F6:19:DF:13:57:72:4D:4A:E7:96:8D:9B:AF:02:8E:65:66:8E:32
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2965C301A908F387E81DDFB6BBAA789A3010AD15
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef2039-0392-447d-8b24-57c939ae5256.roa
Signing time: Mon 20 Oct 2025 03:42:26 +0000
ROA not before: Mon 20 Oct 2025 03:42:26 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:65:c3:01:a9:08:f3:87:e8:1d:df:b6:bb:aa:78:9a:30:10:ad:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 03:42:26 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=c80952b5de45193e314ec286e77ad5a69c9839bef9407b5f87fd6c53af930aa1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:09:4c:7b:d6:1e:5f:d6:30:d6:e2:6b:19:
ce:12:a8:3e:b9:ed:bf:55:e2:ae:24:7e:ed:18:9b:
76:4f:3a:d6:cd:5f:43:e6:68:c2:80:e9:0d:17:17:
18:38:c3:29:5d:9d:45:14:42:dc:4c:8e:95:c5:f2:
d5:42:be:e2:b2:eb:be:f4:7f:63:1d:22:67:17:34:
19:dd:c1:d4:9f:b3:1b:8e:89:d5:49:06:66:9e:79:
4e:02:61:b4:36:61:70:e5:a2:d4:be:ae:c9:44:b4:
7d:1b:62:57:fb:1a:fd:e9:c1:65:e4:91:54:57:8e:
07:4b:75:bb:ff:23:67:07:0f:7e:ef:38:d2:17:a1:
ac:19:46:96:ed:66:fb:d2:1c:a2:11:97:17:5d:b1:
34:8a:d0:3e:cd:23:7b:11:a0:80:e4:b9:71:80:9c:
81:30:cb:8e:bb:ed:79:8a:47:1a:af:d1:c5:92:9c:
09:a4:62:8a:20:f0:19:7f:e7:23:47:3a:6b:bf:09:
5e:31:6b:0c:7a:c6:50:1a:3c:7f:81:97:50:1d:43:
eb:1e:1a:b5:36:e9:b4:e7:d1:59:46:dc:16:e2:39:
1b:4d:2a:ab:14:49:6c:3b:2b:39:11:0e:2b:69:e5:
d9:47:bf:e8:68:8e:f8:cc:38:8c:01:d8:b4:e6:82:
01:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F6:19:DF:13:57:72:4D:4A:E7:96:8D:9B:AF:02:8E:65:66:8E:32
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef2039-0392-447d-8b24-57c939ae5256.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.17.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d6:1e:03:0c:fe:05:bc:17:66:77:32:20:26:1b:6e:51:82:
c7:0b:9b:87:52:41:3b:c9:2d:14:47:fb:e0:07:ec:24:11:ee:
af:b5:b2:f6:f4:26:4c:85:b5:0a:93:d5:9c:71:ae:b7:87:b5:
73:15:db:26:e1:5a:41:e2:51:03:be:ea:92:6e:f9:ea:3e:c7:
71:9e:23:c2:8c:32:21:47:5d:07:63:4b:64:9a:9e:21:d3:72:
a2:de:89:c3:ad:65:5d:38:0a:9f:6f:08:07:d2:ee:4d:00:c4:
7c:67:da:72:bd:6e:b3:0f:fe:a8:52:99:ff:6c:02:5f:eb:c4:
f6:93:6d:ee:0e:4b:c2:3e:d5:18:75:b3:0f:14:5e:12:39:29:
8a:02:54:87:04:a9:0d:aa:94:19:ac:05:79:97:b0:cf:46:3a:
24:d5:61:3e:1f:69:db:91:4b:ee:61:4b:a6:37:1a:9a:c7:a7:
d7:28:58:42:1a:61:50:33:b9:14:03:e5:cb:33:50:9d:12:c1:
f4:ae:1b:56:ba:e6:de:8e:4c:fb:d2:e3:e7:b4:da:f1:7b:ee:
a2:9b:5b:5c:3c:7b:fa:40:76:51:eb:6e:55:94:3b:db:b9:d7:
43:99:a8:76:89:eb:40:dc:90:b2:bb:f0:9f:d1:08:3f:9c:59:
c6:12:f5:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKWXDAakI84foHd+2u6p4mjAQrRUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDM0MjI2WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjODA5NTJiNWRlNDUxOTNlMzE0ZWMyODZlNzdhZDVhNjlj
OTgzOWJlZjk0MDdiNWY4N2ZkNmM1M2FmOTMwYWExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCplQlMe9YeX9Yw1uJrGc4SqD657b9V4q4kfu0Ym3ZPOtbN
X0PmaMKA6Q0XFxg4wyldnUUUQtxMjpXF8tVCvuKy6770f2MdImcXNBndwdSfsxuO
idVJBmaeeU4CYbQ2YXDlotS+rslEtH0bYlf7Gv3pwWXkkVRXjgdLdbv/I2cHD37v
ONIXoawZRpbtZvvSHKIRlxddsTSK0D7NI3sRoIDkuXGAnIEwy4677XmKRxqv0cWS
nAmkYoog8Bl/5yNHOmu/CV4xawx6xlAaPH+Bl1AdQ+seGrU26bTn0VlG3BbiORtN
KqsUSWw7KzkRDitp5dlHv+hojvjMOIwB2LTmggFbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULfYZ3xNXck1K55aNm68CjmVmjjIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0ZWYyMDM5LTAzOTItNDQ3ZC04YjI0LTU3YzkzOWFlNTI1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnREwDQYJKoZIhvcNAQELBQADggEBAJjWHgMM/gW8F2Z3MiAmG25RgscL
m4dSQTvJLRRH++AH7CQR7q+1svb0JkyFtQqT1ZxxrreHtXMV2ybhWkHiUQO+6pJu
+eo+x3GeI8KMMiFHXQdjS2SaniHTcqLeicOtZV04Cp9vCAfS7k0AxHxn2nK9brMP
/qhSmf9sAl/rxPaTbe4OS8I+1Rh1sw8UXhI5KYoCVIcEqQ2qlBmsBXmXsM9GOiTV
YT4faduRS+5hS6Y3GprHp9coWEIaYVAzuRQD5cszUJ0SwfSuG1a65t6OTPvS4+e0
2vF77qKbW1w8e/pAdlHrblWUO9u510OZqHaJ60DckLK78J/RCD+cWcYS9X8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:11:38 2025 by rpki-client