Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2addf8e-2171-4265-a398-51896a3c14e0.roa
File: a2addf8e-2171-4265-a398-51896a3c14e0.roa (raw, json)
Hash identifier: Nmnz9cpSeZs1PNiCnztDUHb3Iczy3pAculoQWUFJQwY=
Subject key identifier: A9:0C:7F:1E:8B:88:1C:F0:AE:F6:F1:44:62:3C:63:49:79:21:65:39
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6B71359BA3040AA28B9A484D043D58DA5875116F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2addf8e-2171-4265-a398-51896a3c14e0.roa
Signing time: Mon 20 Oct 2025 06:00:09 +0000
ROA not before: Mon 20 Oct 2025 06:00:09 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.158.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:71:35:9b:a3:04:0a:a2:8b:9a:48:4d:04:3d:58:da:58:75:11:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 06:00:09 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=e779caf7d6d2c00bf67a5ddeecd002bb16017154c30a13bb660d04601943fe22, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:70:f3:64:ba:dd:34:fe:4b:21:1f:37:d8:e1:
3e:79:82:ef:19:78:aa:8d:02:d0:dc:0d:15:8f:ad:
4c:ea:28:92:07:0f:b4:71:2d:f2:b8:79:12:e1:74:
61:2b:b2:e8:f3:c4:99:50:90:e2:04:43:3f:e2:ae:
4f:61:b6:ff:d2:ff:cd:8f:3b:11:25:4d:3c:46:e6:
a5:f4:7c:47:bc:f2:46:e5:8f:8d:13:58:5e:d9:ca:
cb:39:75:cc:68:94:f9:a2:45:a7:8a:1c:72:91:2a:
45:2b:47:e6:f0:17:10:3a:09:38:e7:dd:fe:20:26:
f5:3e:34:1e:50:f5:ff:cd:4f:1d:24:22:8f:85:b3:
2d:08:3b:78:4e:56:d0:1b:d0:7b:88:6c:25:c6:ad:
ad:89:27:0b:5a:c4:35:3c:fd:e0:ee:2e:80:76:de:
c8:bc:cc:64:67:19:94:9e:ca:00:ff:29:76:3b:0e:
e8:a3:24:3f:20:b8:12:83:de:de:7b:31:4a:12:b7:
3c:07:c7:f6:a8:d6:b6:ed:b8:a6:fe:11:42:d7:f8:
e1:db:65:c9:52:cb:81:41:94:cc:ab:4b:9b:5a:0a:
5c:53:d1:16:5f:30:c4:53:24:05:b7:18:88:8f:96:
04:da:54:3b:04:7b:ff:b6:4d:74:a3:27:da:a2:9b:
63:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0C:7F:1E:8B:88:1C:F0:AE:F6:F1:44:62:3C:63:49:79:21:65:39
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2addf8e-2171-4265-a398-51896a3c14e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.158.11.0/24
Signature Algorithm: sha256WithRSAEncryption
61:3d:95:24:c4:1f:1a:22:f0:70:a4:a2:94:e3:7a:8f:17:46:
a6:5a:f7:da:b6:4a:8d:90:0b:d9:16:2c:89:bf:ec:e9:ae:5c:
44:42:ba:d6:e3:d0:f5:dc:0a:9a:ff:6f:07:d7:0c:16:18:24:
6f:c3:f8:65:78:2f:bd:36:f9:49:d4:1c:35:3a:29:23:ea:c7:
a2:a4:bf:ae:c5:b4:e7:be:a2:9d:f8:19:00:6b:c8:3b:76:c7:
1d:65:89:01:5e:79:91:6f:4e:46:de:70:59:26:1f:f6:78:e8:
9e:a9:2f:33:1c:fb:79:41:9b:57:92:33:fc:c2:ba:a4:c9:03:
95:6b:cc:7b:1c:0c:98:b6:1c:53:fa:b8:39:cd:b9:88:ab:26:
71:a1:a4:b8:47:6d:a4:ed:bb:21:b7:a7:ae:ae:0e:69:7f:bc:
7d:13:3a:9c:24:02:9a:3a:ab:44:44:e2:fa:de:80:32:f5:45:
9b:98:9c:40:a2:58:3e:b6:fb:5d:41:31:b7:25:21:94:dd:1e:
04:d0:3a:24:e5:a4:95:75:db:1b:ad:61:d2:b6:83:e9:a9:1a:
cc:97:2a:8b:6f:fd:5c:de:f1:f5:a2:e2:8e:ad:92:07:83:6c:
82:ae:c5:28:0c:01:52:a0:e9:1c:9f:e8:49:29:5d:b0:a8:f2:
96:56:aa:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa3E1m6MECqKLmkhNBD1Y2lh1EW8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDYwMDA5WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzc5Y2FmN2Q2ZDJjMDBiZjY3YTVkZGVlY2QwMDJiYjE2
MDE3MTU0YzMwYTEzYmI2NjBkMDQ2MDE5NDNmZTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDccPNkut00/kshHzfY4T55gu8ZeKqNAtDcDRWPrUzqKJIH
D7RxLfK4eRLhdGErsujzxJlQkOIEQz/irk9htv/S/82POxElTTxG5qX0fEe88kbl
j40TWF7Zyss5dcxolPmiRaeKHHKRKkUrR+bwFxA6CTjn3f4gJvU+NB5Q9f/NTx0k
Io+Fsy0IO3hOVtAb0HuIbCXGra2JJwtaxDU8/eDuLoB23si8zGRnGZSeygD/KXY7
DuijJD8guBKD3t57MUoStzwHx/ao1rbtuKb+EULX+OHbZclSy4FBlMyrS5taClxT
0RZfMMRTJAW3GIiPlgTaVDsEe/+2TXSjJ9qim2NPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqQx/HouIHPCu9vFEYjxjSXkhZTkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EyYWRkZjhlLTIxNzEtNDI2NS1hMzk4LTUxODk2YTNjMTRlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsngswDQYJKoZIhvcNAQELBQADggEBAGE9lSTEHxoi8HCkopTjeo8XRqZa
99q2So2QC9kWLIm/7OmuXERCutbj0PXcCpr/bwfXDBYYJG/D+GV4L702+UnUHDU6
KSPqx6Kkv67FtOe+op34GQBryDt2xx1liQFeeZFvTkbecFkmH/Z46J6pLzMc+3lB
m1eSM/zCuqTJA5VrzHscDJi2HFP6uDnNuYirJnGhpLhHbaTtuyG3p66uDml/vH0T
OpwkApo6q0RE4vregDL1RZuYnECiWD62+11BMbclIZTdHgTQOiTlpJV12xutYdK2
g+mpGsyXKotv/Vze8fWi4o6tkgeDbIKuxSgMAVKg6Ryf6EkpXbCo8pZWqrY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:05:13 2025 by rpki-client